[Openswan Users] Problem connecting with a Linux client

Adrian Chapela achapela.rexistros at gmail.com
Tue Oct 19 09:30:40 EDT 2010


Hello again,

Now I have changed my config to do an L2TP-only server and client, and my
surprise was that the Linux was working, assigning a valid tunnel IP in
local ip on the client.

I will post the actual config.

Client:
xl2tpd.conf
======================
[lac L2TPserver]
lns = 192.168.1.51
local ip = 10.10.10.2
require chap = yes
refuse pap = yes
require authentication = yes
name = test
ppp debug = yes
pppoptfile = /etc/ppp/options.l2tpd.client
length bit = yes
======================
/etc/ppp/options.l2tpd.client
======================
ipcp-accept-local
ipcp-accept-remote
require-chap
noccp
noauth
crtscts
idle 1800
mtu 1400
mru 1400
nodefaultroute
debug
lock
proxyarp
connect-delay 5000
======================
/etc/ppp/chap-secrets
# Secrets for authentication using CHAP
# client    server    secret            IP addresses
"test"        "*"    "test"    *

Server:
xl2tpd.conf
======================
[global]
listen-addr = 192.168.1.51
debug tunnel = yes

; L2TP Network Server configuration.
[lns default]
ip range = 10.10.10.2-10.10.10.254
local ip = 10.10.10.1
assign ip = yes
require chap = yes
refuse pap = yes
require authentication = yes
name = LinuxVPNserver
ppp debug = yes
pppoptfile = /etc/ppp/options.xl2tpd
length bit = yes
======================
/etc/ppp/options.xl2tpd:
======================
ipcp-accept-local
ipcp-accept-remote
ms-dns 192.168.1.1
ms-wins 192.168.1.1
noccp
auth
crtscts
idle 1800
mtu 1410
mru 1410
defaultroute
debug
lock
proxyarp
connect-delay 5000
======================
/etc/ppp/chap-secrets
# Secrets for authentication using CHAP
# client    server    secret            IP addresses
"username" "*" "password" *
"test"    "*"    "test" *
======================

So now I am sure that the problem is the IP assignment, but why is the
server setting an IP on a Windows and not on a Linux?

Regards.

On 18/10/10 18:51, Paul Wouters wrote:
> On Mon, 18 Oct 2010, Adrián Ebay wrote:
>
>> 2010/10/18 Paul Wouters <paul at xelerance.com>
>>       On Mon, 18 Oct 2010, Adrian Chapela wrote:
>>
>>             I have configured a Linux IPSEC/L2TP server. I can connect OK with a
>>             Windows 7 but I can't connect with a Linux client. When I use Linux I
>>             can see the tunnel and the ppp0 interface created OK, as you can see
>>             below:
>>
>>
>>       But when I use the Linux client the result is the next:
>>       ppp0      Link encap:Point-to-Point Protocol
>>               inet addr:10.10.10.1  P-t-P:192.168.0.2  Mask:255.255.255.255
>>
>>
>>       Why is the Linux not getting a correct IP?
>>
>>
>> Check /etc/ppp/chap-secrets to see what IP configuration you put in the
>> username for the connection? Or are you using the same username on the
>> two connections?
>>
>>
>> I don't use any username for now and in chap-secrets I haven't any
>> username. Also the ppp0 is created for a while and then it
>> disappears. I am sure that is a bad configuration but I don't know in
>> which file I have the error.
>
> I have never used ipsec/l2tp/pppd without user authentication. For me,
> getting the IP is part of the user credentials that xl2tpd pulls from
> /etc/ppp/chap-secrets. Other people have done it with pppd plugins
> (eg radius plugins)
>
> Paul
>
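
As an added illustration (not part of the thread, and not code from xl2tpd or pppd): a small Python check of the chap-secrets layout discussed above, where the fourth column lists the addresses a client may use. The sample is constructed from the server file quoted in the message plus a hypothetical `alice` entry, and pppd's word quoting is approximated with `shlex`.

```python
import shlex

# Constructed sample: the server-side /etc/ppp/chap-secrets from the message,
# plus one hypothetical pinned entry ("alice") for contrast.
SAMPLE = '''\
# Secrets for authentication using CHAP
# client    server    secret            IP addresses
"username" "*" "password" *
"test"    "*"    "test" *
"alice"   "LinuxVPNserver" "s3cr3t-constructed" 10.10.10.20
'''

def parse_chap_secrets(text):
    """Return one dict per entry: client, server, secret, addrs (list)."""
    entries = []
    for lineno, line in enumerate(text.splitlines(), 1):
        # shlex handles "quoted" words and '#' comments (approximation of pppd)
        words = shlex.split(line, comments=True)
        if not words:
            continue
        if len(words) < 3:
            raise ValueError(f"line {lineno}: need client, server, secret")
        client, server, secret, *addrs = words
        entries.append({"line": lineno, "client": client, "server": server,
                        "secret": secret, "addrs": addrs})
    return entries

def audit(entries):
    """Flag entries that do not tie a client to a server, address or real secret."""
    findings = []
    for e in entries:
        if not e["addrs"] or e["addrs"][0] == "-":
            findings.append((e["client"], "no-address-allowed"))
        elif "*" in e["addrs"]:
            findings.append((e["client"], "any-address"))
        if e["server"] == "*":
            findings.append((e["client"], "any-server"))
        if e["secret"] == e["client"]:
            findings.append((e["client"], "secret-equals-name"))
    return findings

if __name__ == "__main__":
    for client, issue in audit(parse_chap_secrets(SAMPLE)):
        print(f"{client}: {issue}")
```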
