[Openswan Users] xl2tpd uses inactive mast0 interface

Paul Wouters paul at xelerance.com
Fri Nov 5 19:14:21 EDT 2010


On Fri, 5 Nov 2010, Sven Schiwek wrote:

> I have a problem with a l2tp connection.
> I have a W-Lan router connected to the Openswan server (via eth2),
> Openswan is listening on eth3. When I initiate a l2tp connection from a
> Windows 7 client via W-Lan the ipsec connection is coming up (not the l2tp
> part) but then I get this firewall log:
>
> Nov  5 10:51:21 misc1 kernel: [7155469.839899] iptables: INPUT deny
> IN=mast0 OUT=
> MAC=00:25:90:04:3d:cb:00:24:d7:01:d4:b8:08:00:45:00:00:8c:04:fa:00:00:80:11:e3:16:c0:a8:46:70:d5:dd:75:5a:06:a5:06:a5:00:78:f3:4f:c8:02:00:70:00:00:00:00:00:00:00:00:80:08
> SRC=192.168.70.112 DST=PUBLICIP LEN=140 TOS=0x00 PREC=0x00 TTL=128 ID=1274
> PROTO=UDP SPT=1701 DPT=1701 LEN=120 MARK=0x80160000
>
> Yea, this is the mast0 interface but I have not enabled the saref patch
> (ipsec.conf -> protostack=klips) and (xl2tpd.conf -> ipsec saref = no) so
> why do I have traffic to this (disabled but available) interface?
> Openswan 2.6.31 is listening on the external interface 'eth3' - so I want
> to establish a connection from wlan-'eth2' to 'eth3'-Openswan.

Can you try: ifconfig mast 0000 down

> Btw. if I allow traffic on the (inactive) mast0 interface (no IP assigned)
> I get these xl2tpd messages:

> $> tail -f /var/log/syslog
> Nov  5 11:54:15 misc1 xl2tpd[24410]: control_finish: Peer requested tunnel
> 11 twice, ignoring second one.
> Nov  5 11:54:15 misc1 xl2tpd[24410]: Connection 11 closed to
> 192.168.70.112, port 1701 (Timeout)
> Nov  5 11:54:20 misc1 xl2tpd[24410]: Unable to deliver closing message for
> tunnel 1946. Destroying anyway.

hmm

> Any help is greatly appreciated.

I guess you can try recompiling with USE_MAST=false ?

Perhaps we should add an option to the klips module to initiate the mast0
device or not when built as a module?

Paul

