[Openswan Users] FW: Windows XP L2tpipsec client connecting to Ubuntu server

Mike Giles Mike.Giles at thekentongroup.com
Fri Nov 19 09:53:05 EST 2010 

Hi again,
I am now getting the following in xl2tpd debug:

Nov 19 17:00:30 ubuntu xl2tpd[2432]: control_finish: Peer requested
tunnel 22 tw
ice, ignoring second one.
Nov 19 17:00:32 ubuntu xl2tpd[2432]: Unable to deliver closing message
for tunne
l 1344. Destroying anyway.
Nov 19 17:03:42 ubuntu xl2tpd[2704]: control_finish: Peer requested
tunnel 23 tw
ice, ignoring second one.
Nov 19 17:03:47 ubuntu last message repeated 2 times
Nov 19 17:03:52 ubuntu xl2tpd[2704]: Unable to deliver closing message
for tunne
l 63083. Destroying anyway.
Nov 19 17:04:05 ubuntu xl2tpd[2704]: control_finish: Peer requested
tunnel 23 tw
ice, ignoring second one.
Nov 19 17:04:07 ubuntu xl2tpd[2704]: Unable to deliver closing message
for tunne
l 65184. Destroying anyway.
Nov 19 17:16:40 ubuntu xl2tpd[2704]: control_finish: Peer requested
tunnel 24 tw
ice, ignoring second one.
Nov 19 17:16:45 ubuntu last message repeated 2 times
Nov 19 17:16:50 ubuntu xl2tpd[2704]: Unable to deliver closing message
for tunne
l 48238. Destroying anyway.
Nov 19 17:17:03 ubuntu xl2tpd[2704]: control_finish: Peer requested
tunnel 24 tw
ice, ignoring second one.
Nov 19 17:17:05 ubuntu xl2tpd[2704]: Unable to deliver closing message
for tunne
l 43240. Destroying anyway.
root at ubuntu:/var/log#

config as attached:

Could anyone help me with this ?

Regards,
Mike


-----Original Message-----
From: Mike Giles 
Sent: 06 September 2010 13:28
To: 'users at openswan.org'
Subject: Windows XP L2tpipsec client connecting to Ubuntu server

Hi,
I have a Ubuntu server which I'm trying to connect to with a Windows XP
client (L2tpipsec) I'm using PSK at the  moment.
Ubuntu 2.6.32.9
Openswan IPSEc 2.6.25
Xl2tpd 1.2.0

I have followed:
http://rootmanager.com/ubuntu-ipsec-l2tp-windows-domain-auth/setting-up-
openswan-xl2tpd-with-native-windows-clients.html

I can sometimes connect ok.

However the server often generates ICMP destination port unreachable
(1701) in reply to ESP packets (Destination port 4500).

I have attached a failed connect and a successful connect. (tcpdump on
server side) The server is connected via a usb mobile broadband modem
(using a static public IP address NATed to 10.8.11.254).

I have tried connecting with no rules setup in iptables and with rules
accepting the specific ports (500,4500 and 1701).

Any suggestions would be very helpful.

Thanks & Regards,
Mike

-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: config.txt
Url: http://lists.openswan.org/pipermail/users/attachments/20101119/2f2c2208/attachment.txt

More information about the Users mailing list