[Openswan Users] xl2tpd fails to establish tunnel, received out of order packet on tunnel -1

Will Roberts ironwill42 at gmail.com
Fri May 21 01:28:09 EDT 2010


On 05/19/2010 08:57 PM, Paul Wouters wrote:
> On top of that you can add pppd debugging in /etc/ppp/options.xl2tpd.
>
> You can also run xl2tpd -D but you might need to recompile it with lots of
> -D options. See the Makefile.
>
> Paul
>

Paul,

Thanks, I must have only looked at the man page for xl2tpd. Those 
options were enough to identify that my client wasn't receiving 
responses from the server.

My xl2tpd server was set to listen on 0.0.0.0, which in my case included 
3 public IPs. The default route out of the server is via IP #1, and the 
openswan/xl2tpd traffic is directed to IP #2. Given that configuration, 
my client never received any responses to its tunnel requests and 
therefore sent a Timeout packet to the server which resulted in the 
"received out of order packet on tunnel -1" error message.

When I forced xl2tpd to only listen on IP #2 then everything started 
working. The exchange below was captured with tcpdump on the server. 
Shouldn't the reply packet be sent from the same IP regardless?

01:25:14.186922 IP 72.66.77.81.1701 > 64.34.210.222.1701
01:25:15.194338 IP 72.66.77.81.1701 > 64.34.210.222.1701
01:25:16.186989 IP 64.34.210.223.1701 > 72.66.77.81.1701
01:25:16.187054 IP 64.34.210.223.1701 > 72.66.77.81.1701


Regards,
--Will
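
The capture above shows requests sent to 64.34.210.222 being answered from 64.34.210.223. As an added example (not part of the original post and not xl2tpd code), this Python check scans tcpdump text output for replies whose source IP is not the address the peer contacted; the function name and the caller-supplied set of local addresses are assumptions.

```python
import re
from collections import defaultdict

# Matches `tcpdump -n` lines such as
# "01:25:14.186922 IP 72.66.77.81.1701 > 64.34.210.222.1701"
LINE = re.compile(
    r"^(?P<ts>\S+) IP (?P<src>\d+(?:\.\d+){3})\.(?P<sport>\d+) > "
    r"(?P<dst>\d+(?:\.\d+){3})\.(?P<dport>\d+)"
)

# The four lines from the capture in the post.
SAMPLE = [
    "01:25:14.186922 IP 72.66.77.81.1701 > 64.34.210.222.1701",
    "01:25:15.194338 IP 72.66.77.81.1701 > 64.34.210.222.1701",
    "01:25:16.186989 IP 64.34.210.223.1701 > 72.66.77.81.1701",
    "01:25:16.187054 IP 64.34.210.223.1701 > 72.66.77.81.1701",
]
# Assumption: the server addresses visible in the capture.
LOCAL_ADDRS = {"64.34.210.222", "64.34.210.223"}


def find_mismatched_replies(lines, local_addrs):
    """Return replies sent from a local IP other than the one the peer contacted."""
    # (peer_ip, peer_port, local_port) -> local IPs that peer sent packets to
    contacted = defaultdict(set)
    findings = []
    for line in lines:
        m = LINE.match(line.strip())
        if not m:
            continue  # not an IPv4 line in the expected format
        src, dst = m["src"], m["dst"]
        sport, dport = int(m["sport"]), int(m["dport"])
        if dst in local_addrs and src not in local_addrs:
            # Inbound: remember which local address the peer targeted.
            contacted[(src, sport, dport)].add(dst)
        elif src in local_addrs and dst not in local_addrs:
            # Outbound: compare the reply source with the contacted address.
            expected = contacted.get((dst, dport, sport))
            if expected and src not in expected:
                findings.append({"ts": m["ts"], "peer": dst, "reply_src": src,
                                 "expected_src": sorted(expected)})
    return findings


if __name__ == "__main__":
    for f in find_mismatched_replies(SAMPLE, LOCAL_ADDRS):
        print(f)
```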

