[Openswan Users] Setting leftsubnet stops xl2tpd from working

Randy Wyatt rwyatt at nvtl.com
Mon Aug 9 20:07:14 EDT 2010

Have you turned on debugging for xl2tpd ?

It sounds like ppp isn't authenticating for some reason.

xl2tp should not have a left subnet value at all because it is a point to point connection.


-----Original Message-----
From: users-bounces at openswan.org on behalf of George Pollard
Sent: Mon 8/9/2010 4:27 PM
To: Willie Gillespie
Cc: users at openswan.org
Subject: Re: [Openswan Users] Setting leftsubnet stops xl2tpd from working
On 10 August 2010 09:32, Willie Gillespie
<wgillespie+openswan at es2eng.com> wrote:
> I had a similar problem just a few months ago with xl2tpd not being
> encapsulated in the tunnel in some cases.  I just wish I could remember what
> I did.
> My config files look about the same as yours except for I have
> rightprotoport=17/1701 -- I don't think I ever got %any to work (luckily, I
> didn't actually need to).
> If you do a tcpdump, are your L2TP packets being encapsulated?  (when it's
> not working)

I switched to /1701 and nothing changed. My client is a Windows 7
machine, so I traced with Wireshark.

There's a bunch of (6 main mode+ 3 quick mode) ISAKMP packets, then 6
ESP packets (these must be the encapsulated L2TP packets?), then some
informational ISAKMP packets (4) when the connection closes.

I don't see any non-encapsulated L2TP packets.

- George
Users at openswan.org
Micropayments: https://flattr.com/thing/38387/IPsec-for-Linux-made-easy
Building and Integrating Virtual Private Networks with Openswan: 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20100809/a12d5dcb/attachment.html 

More information about the Users mailing list