[Openswan Users] Setting leftsubnet stops xl2tpd from working
George Pollard
george at greenbutton.co.nz
Mon Aug 9 01:02:17 EDT 2010
Hello,
First of all, this is what I'm using:
xl2tpd version: xl2tpd-1.2.5
OpenSwan: 2.6.28
Ubuntu w/ kernel: 2.6.32-24-generic-pae (from the openswan-testing ppa)
Now my problem:
If I leave leftsubnet undefined (which I think means it defaults to
left/32), then everything works as expected, but I cannot access
anything in the subnet that I need to.
However, if I define leftsubnet, suddenly xl2tpd doesn't work any more.
Here is my config:
#private subnet is 192.168.100.0/24
config setup
        nat_traversal=yes
        virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12,%v4:!192.168.100.0/24
        oe=off
        protostack=netkey

conn l2tp-X.509
        authby=rsasig
        pfs=no
        auto=add
        rekey=no
        ikelifetime=8h
        keylife=1h
        type=transport
        left=...
        leftnexthop=...
        leftsubnet=192.168.100.0/24 # ...
        leftrsasigkey=%cert
        leftcert=mycert.pem
        leftprotoport=17/1701
        right=%any
        rightca=%same
        rightrsasigkey=%cert
        rightsubnet=vhost:%no,%priv
        rightprotoport=17/%any
xl2tpd config:
[lns default]
refuse pap = yes
require chap = yes
require authentication = yes
length bit = yes
ip range = 192.168.100.128-192.168.100.254
local ip = 192.168.100.127
name = [...]
ppp debug = yes
pppoptfile = /etc/ppp/options.l2tpd
And this is what xl2tpd outputs when it fails:
control_finish: Peer requested tunnel 45 twice, ignoring second one.
last message repeated 2 times
Maximum retries exceeded for tunnel 3352. Closing.
control_finish: Peer requested tunnel 45 twice, ignoring second one.
Connection 45 closed to [....], port 1701 (Timeout)
Unable to deliver closing message for tunnel 3352. Destroying anyway.
Can anyone give me some advice? :)
Thanks,
- George