[Openswan Users] OpenSwan + xl2tpd not working
Paul Wouters
paul at xelerance.com
Wed Aug 18 10:53:12 EDT 2010
On Wed, 18 Aug 2010, Pete Mitchell wrote:
> I've upgraded to openswan-2.6.28. I've successfully connected to the server from my iPhone using L2TP as VPN. However, the connection from a Windows XP SP3 machine using the internal VPN client still fails. The l2tpd is still not getting any requests. When using the iPhone I can nicely see how the xl2tpd responds to the requests but for the XP machine nothing at all happens.
>
> The tunnel is established successfully as I'm getting the messages in /var/log/auth.log. But as I said xl2tpd is not fired up, for whatever reason.
> virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12
You probably need to exclude your server range here.
> conn FIRST_TEST
> authby=secret
> pfs=no
> auto=add
> keyingtries=3
> rekey=no
> type=transport
> ike=aes128-sha-modp1536,aes128-sha-modp1024,aes128-md5-modp1536,aes128-md5-modp1024,3des-sha-modp1536,3des-sha-modp1024,3des-md5-modp1536,3des-md5-modp1024
> esp=aes128-sha1,aes128-md5,3des-sha1,3des-md5
I would remove the ike/esp lines as they are not needed.
> left=%defaultroute
> leftnexthop=%defaultroute
> leftprotoport=udp/l2tp
> right=%any
> rightprotoport=udp/0
Use udp/%any instead of udp/0
> rightnexthop=%defaultroute
You are also missing a rightsubnet=vhost:%priv,%no
Paul
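
The four points raised in the reply above, written as a small check that can be run over an ipsec.conf before reloading it. This is an added example, not part of the original message or of Openswan; the function names are hypothetical, the sample is the posted configuration with the ike/esp lists shortened, and it assumes virtual_private sits under `config setup`. It only tests that some `!` exclusion exists, not that it matches the server's own range.

```python
import re

# The configuration quoted in the message above (ike/esp proposal lists shortened).
POSTED = """\
config setup
    virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12
conn FIRST_TEST
    authby=secret
    type=transport
    ike=aes128-sha-modp1536,3des-sha-modp1024
    esp=aes128-sha1,3des-sha1
    left=%defaultroute
    leftprotoport=udp/l2tp
    right=%any
    rightprotoport=udp/0
"""

def parse(text):
    """Return {section name: {key: value}} for an ipsec.conf-style file."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop comments and indentation
        if not line:
            continue
        m = re.match(r"(config|conn)\s+(\S+)$", line)
        if m:
            current = sections.setdefault(f"{m.group(1)} {m.group(2)}", {})
        elif "=" in line and current is not None:
            key, value = line.split("=", 1)
            current[key.strip()] = value.strip()
    return sections

def review(text):
    """List the findings from the reply that apply to each L2TP conn."""
    sections, findings = parse(text), []
    vp = sections.get("config setup", {}).get("virtual_private", "")
    if vp and "%v4:!" not in vp and "%v6:!" not in vp:
        findings.append("config setup: virtual_private excludes no range")
    for name, conn in sections.items():
        if not name.startswith("conn ") or conn.get("leftprotoport") != "udp/l2tp":
            continue                          # only L2TP transport conns are checked
        for key in ("ike", "esp"):
            if key in conn:
                findings.append(f"{name}: explicit {key}= line")
        if conn.get("rightprotoport") == "udp/0":
            findings.append(f"{name}: rightprotoport=udp/0, use udp/%any")
        if not conn.get("rightsubnet", "").startswith("vhost:"):
            findings.append(f"{name}: no rightsubnet=vhost:... line")
    return findings
```

Calling `review(POSTED)` reports all of the items from the reply; a configuration with them addressed returns an empty list.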