[Openswan Users] Upgrade to xl2tpd 1.2.6 breaks our setup

alet at librelogiciel.com alet at librelogiciel.com
Sun Jun 20 21:08:22 EDT 2010


after having upgraded our Debian Lenny+Squeeze (mix) openswan+xl2tpd
gateway, xl2tpd went from 1.2.5 (IIRC) to 1.2.6, and from then on,
everytime someone tried to connect the ppp connection would just die

I've tried upgrading my Debian clients to the very same releases of both
openswan and xl2tpd, but no luck. In addition we've got MacOSX clients
which don't work anymore either. I haven't yet checked for Windows
client. Both NATed and not-NATed clients fail.

Since xl2tpd 1.2.5 doesn't seem to be avilable anymore from Debian's
repository, I've downgraded to 1.2.0 from Debian Lenny : all works fine
again, immediately.

Linux kernel is 2.6.26 on the VPN gateway, is it too old for xl2tpd
1.2.6 ?

It's important to note that when xl2tpd is 1.2.6 on the clients (with
kernel 2.6.32) but 1.2.0 is on the VPN gateway, the connection succeeds
and doesn't die.

It's only when 1.2.6 is installed on the gateway itself that all goes

In all tests done no configuration file was changed, be it for openswan,
pppd, or xl2tpd : only xl2tpd's version changed.

Also, in all cases the IPsec SA was correctly established, so I think
openswan is OK.

Any idea of what could be causing this ? I can provide xl2tpd and pppd's
logs if needed.


Jerome Alet

More information about the Users mailing list