[Openswan Users] Windows Mobile 6.5 connects, but loses connection

Bart Smink bartsmink at gmail.com
Tue Sep 7 10:03:02 EDT 2010


Hello all,

I am trying to get Windows Mobile 6.5 to work with Openswan in combination
with xl2tpd, which is connected to FreeRADIUS. When I try to send data
through the tunnel, the connection goes down; when I wait for 3 minutes, the
connection goes down.

What I notice is that I get "ignoring informational payload, type
INVALID_COOKIE msgid=00000000" messages. Openswan sees them as informational
messages, but I think it is the client trying to communicate.

I am using the example config file l2tp-cert.conf. I have not configured
"esp=", because I would like Openswan to find out what encryption methods
can be used, but this is not working.

Can someone help me?



My logs and configuration:

/var/log/secure:
Sep  7 15:50:27 gateway pluto[1749]: packet from 62.140.137.125:29237:
ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004]
Sep  7 15:50:27 gateway pluto[1749]: packet from 62.140.137.125:29237:
ignoring Vendor ID payload [FRAGMENTATION]
Sep  7 15:50:27 gateway pluto[1749]: packet from 62.140.137.125:29237:
received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set
to=106
Sep  7 15:50:27 gateway pluto[1749]: packet from 62.140.137.125:29237:
ignoring Vendor ID payload [Vid-Initial-Contact]
Sep  7 15:50:27 gateway pluto[1749]: "l2tp-X.509"[11] 62.140.137.125 #14:
responding to Main Mode from unknown peer 62.140.137.125
Sep  7 15:50:27 gateway pluto[1749]: "l2tp-X.509"[11] 62.140.137.125 #14:
transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Sep  7 15:50:27 gateway pluto[1749]: "l2tp-X.509"[11] 62.140.137.125 #14:
STATE_MAIN_R1: sent MR1, expecting MI2
Sep  7 15:50:27 gateway pluto[1749]: packet from 62.140.137.125:29237:
ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004]
Sep  7 15:50:27 gateway pluto[1749]: packet from 62.140.137.125:29237:
ignoring Vendor ID payload [FRAGMENTATION]
Sep  7 15:50:27 gateway pluto[1749]: packet from 62.140.137.125:29237:
received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set
to=106
Sep  7 15:50:27 gateway pluto[1749]: packet from 62.140.137.125:29237:
ignoring Vendor ID payload [Vid-Initial-Contact]
Sep  7 15:50:27 gateway pluto[1749]: "l2tp-X.509"[11] 62.140.137.125 #15:
responding to Main Mode from unknown peer 62.140.137.125
Sep  7 15:50:27 gateway pluto[1749]: "l2tp-X.509"[11] 62.140.137.125 #15:
transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Sep  7 15:50:27 gateway pluto[1749]: "l2tp-X.509"[11] 62.140.137.125 #15:
STATE_MAIN_R1: sent MR1, expecting MI2
Sep  7 15:50:31 gateway pluto[1749]: "l2tp-X.509"[11] 62.140.137.125 #14:
NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: peer is NATed
Sep  7 15:50:31 gateway pluto[1749]: "l2tp-X.509"[11] 62.140.137.125 #14:
transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Sep  7 15:50:31 gateway pluto[1749]: "l2tp-X.509"[11] 62.140.137.125 #14:
STATE_MAIN_R2: sent MR2, expecting MI3
Sep  7 15:50:32 gateway pluto[1749]: "l2tp-X.509"[11] 62.140.137.125 #14:
discarding duplicate packet; already STATE_MAIN_R2
Sep  7 15:50:34 gateway pluto[1749]: "l2tp-X.509"[11] 62.140.137.125 #14:
Main mode peer ID is ID_DER_ASN1_DN: 'C=NL, ST=Utrecht, L=Utrecht, O=Testing
Corporation, OU=Research and Development, CN=Left1024, E=
admin at testingcorporation.nl'
Sep  7 15:50:34 gateway pluto[1749]: "l2tp-X.509"[11] 62.140.137.125 #14:
switched from "l2tp-X.509" to "l2tp-X.509"
Sep  7 15:50:34 gateway pluto[1749]: "l2tp-X.509"[12] 62.140.137.125 #14: I
am sending my cert
Sep  7 15:50:34 gateway pluto[1749]: "l2tp-X.509"[12] 62.140.137.125 #14:
deleting connection "l2tp-X.509" instance with peer 62.140.137.107
{isakmp=#0/ipsec=#13}
Sep  7 15:50:34 gateway pluto[1749]: "l2tp-X.509" #13: deleting state
(STATE_QUICK_R2)
Sep  7 15:50:34 gateway pluto[1749]: "l2tp-X.509"[12] 62.140.137.125 #14:
transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Sep  7 15:50:34 gateway pluto[1749]: "l2tp-X.509"[12] 62.140.137.125 #14:
new NAT mapping for #14, was 62.140.137.125:29237, now 62.140.137.125:29528
Sep  7 15:50:34 gateway pluto[1749]: "l2tp-X.509"[12] 62.140.137.125 #14:
STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_RSA_SIG
cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048}
Sep  7 15:50:34 gateway pluto[1749]: "l2tp-X.509"[12] 62.140.137.125 #14:
peer client type is FQDN
Sep  7 15:50:34 gateway pluto[1749]: "l2tp-X.509"[12] 62.140.137.125 #14:
Applying workaround for MS-818043 NAT-T bug
Sep  7 15:50:34 gateway pluto[1749]: "l2tp-X.509"[12] 62.140.137.125 #14:
IDci was FQDN: U\221\224j, using NAT_OA=10.66.108.51/32 as IDci
Sep  7 15:50:34 gateway pluto[1749]: "l2tp-X.509"[12] 62.140.137.125 #14:
the peer proposed: 85.145.148.106/32:17/1701 -> 10.66.108.51/32:17/0
Sep  7 15:50:34 gateway pluto[1749]: "l2tp-X.509"[12] 62.140.137.125 #16:
responding to Quick Mode proposal {msgid:b8cafe89}
Sep  7 15:50:34 gateway pluto[1749]: "l2tp-X.509"[12] 62.140.137.125 #16:
  us: 85.145.148.106<85.145.148.106>[C=NL, ST=Utrecht, L=Utrecht, O=Testing
Corporation, OU=Research and Development, CN=Left1024, E=
admin at testingcorporation.nl,+S=C]:17/1701
Sep  7 15:50:34 gateway pluto[1749]: "l2tp-X.509"[12] 62.140.137.125 #16:
them: 62.140.137.125[C=NL, ST=Utrecht, L=Utrecht, O=Testing Corporation,
OU=Research and Development, CN=Left1024, E=admin at testingcorporation.nl
,+S=C]:17/0===10.66.108.51/32
Sep  7 15:50:34 gateway pluto[1749]: "l2tp-X.509"[12] 62.140.137.125 #16:
transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
Sep  7 15:50:34 gateway pluto[1749]: "l2tp-X.509"[12] 62.140.137.125 #16:
STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
Sep  7 15:50:34 gateway pluto[1749]: "l2tp-X.509"[12] 62.140.137.125 #16:
netlink_raw_eroute: WARNING: that_client port 0 and that_host port 29528
don't match. Using that_client port.
Sep  7 15:50:34 gateway pluto[1749]: "l2tp-X.509"[12] 62.140.137.125 #16:
transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
Sep  7 15:50:34 gateway pluto[1749]: "l2tp-X.509"[12] 62.140.137.125 #16:
STATE_QUICK_R2: IPsec SA established transport mode {ESP=>0x00bc42b0
<0x44d1a644 xfrm=3DES_0-HMAC_SHA1 NATOA=10.66.108.51 NATD=
62.140.137.125:29528 DPD=none}
Sep  7 15:50:37 gateway pluto[1749]: "l2tp-X.509"[11] 62.140.137.125 #15:
ignoring informational payload, type INVALID_COOKIE msgid=00000000
Sep  7 15:50:37 gateway pluto[1749]: "l2tp-X.509"[11] 62.140.137.125 #15:
received and ignored informational message
Sep  7 15:50:58 gateway pluto[1749]: "l2tp-X.509"[11] 62.140.137.125 #15:
ignoring informational payload, type INVALID_COOKIE msgid=00000000
Sep  7 15:50:58 gateway pluto[1749]: "l2tp-X.509"[11] 62.140.137.125 #15:
received and ignored informational message
Sep  7 15:51:27 gateway pluto[1749]: "l2tp-X.509"[12] 62.140.137.125 #14:
received Delete SA payload: deleting ISAKMP State #14
Sep  7 15:51:27 gateway pluto[1749]: packet from 62.140.137.125:29528:
received and ignored informational message
Sep  7 15:51:28 gateway pluto[1749]: packet from 62.140.137.125:29528:
Informational Exchange is for an unknown (expired?) SA with MSGID:0x3bdca6f8
Sep  7 15:51:37 gateway pluto[1749]: "l2tp-X.509"[11] 62.140.137.125 #15:
max number of retransmissions (2) reached STATE_MAIN_R1
Sep  7 15:51:37 gateway pluto[1749]: "l2tp-X.509"[11] 62.140.137.125:
deleting connection "l2tp-X.509" instance with peer 62.140.137.125
{isakmp=#0/ipsec=#0}

The output of xl2tpd -D:

xl2tpd[1808]: control_finish: Peer requested tunnel 14 twice, ignoring
second one.
xl2tpd[1808]: Connection established to 62.140.137.125, 1701.  Local: 15271,
Remote: 14 (ref=0/0).  LNS session is 'default'
xl2tpd[1808]: start_pppd: I'm running:
xl2tpd[1808]: "/usr/sbin/pppd"
xl2tpd[1808]: "passive"
xl2tpd[1808]: "nodetach"
xl2tpd[1808]: "172.28.1.1:172.28.1.10"
xl2tpd[1808]: "auth"
xl2tpd[1808]: "name"
xl2tpd[1808]: "Helios.Lan"
xl2tpd[1808]: "debug"
xl2tpd[1808]: "file"
xl2tpd[1808]: "/etc/ppp/options.xl2tpd"
xl2tpd[1808]: "/dev/pts/4"
xl2tpd[1808]: Call established with 62.140.137.125, Local: 38486, Remote: 1,
Serial: 0
xl2tpd[1808]: control_finish: Connection closed to 62.140.137.125, serial 0
()
xl2tpd[1808]: Terminating pppd: sending TERM signal to pid 6365
xl2tpd[1808]: control_finish: Connection closed to 62.140.137.125, port 1701
(), Local: 15271, Remote: 14



Bart Smink
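
A log-triage example for the pluto output quoted in this message, added here and not part of the original post: it rejoins the mail-wrapped syslog lines, groups entries by pluto state number (#N), and lists the states that received INVALID_COOKIE notifications without ever establishing an SA. The function names are hypothetical, and the sample is an excerpt of the log lines in the post.

```python
import re
from collections import defaultdict

STAMP = re.compile(r"^\w{3} [ \d]\d \d\d:\d\d:\d\d ")           # syslog timestamp
ENTRY = re.compile(r'pluto\[\d+\]: "[^"]+".*? #(\d+): (.*)$')   # state number, message

# Excerpt of the /var/log/secure output above, still wrapped as the mail client left it.
SAMPLE = """\
Sep  7 15:50:34 gateway pluto[1749]: "l2tp-X.509"[12] 62.140.137.125 #14:
STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_RSA_SIG
cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048}
Sep  7 15:50:37 gateway pluto[1749]: "l2tp-X.509"[11] 62.140.137.125 #15:
ignoring informational payload, type INVALID_COOKIE msgid=00000000
Sep  7 15:50:58 gateway pluto[1749]: "l2tp-X.509"[11] 62.140.137.125 #15:
ignoring informational payload, type INVALID_COOKIE msgid=00000000
Sep  7 15:51:27 gateway pluto[1749]: "l2tp-X.509"[12] 62.140.137.125 #14:
received Delete SA payload: deleting ISAKMP State #14
Sep  7 15:51:37 gateway pluto[1749]: "l2tp-X.509"[11] 62.140.137.125 #15:
max number of retransmissions (2) reached STATE_MAIN_R1
"""

def rejoin(text):
    """Undo mail wrapping: a line with no syslog timestamp continues the previous entry."""
    entries = []
    for line in filter(None, map(str.strip, text.splitlines())):
        if STAMP.match(line) or not entries:
            entries.append(line)
        else:
            entries[-1] += " " + line
    return entries

def triage(text):
    """Per pluto state (#N): last STATE_* seen, SA established, INVALID_COOKIE count, timeout."""
    sas = defaultdict(lambda: {"last_state": None, "established": False,
                               "invalid_cookie": 0, "timed_out": False})
    for m in filter(None, map(ENTRY.search, rejoin(text))):
        sa, msg = sas[int(m.group(1))], m.group(2)
        states = re.findall(r"STATE_[A-Z]+_[RI]\d", msg)
        sa["last_state"] = states[-1] if states else sa["last_state"]
        sa["established"] |= "SA established" in msg
        sa["invalid_cookie"] += "INVALID_COOKIE" in msg
        sa["timed_out"] |= "max number of retransmissions" in msg
    return dict(sas)

def unfinished_with_invalid_cookie(text):
    """State numbers that drew INVALID_COOKIE notifications but never established an SA."""
    return sorted(n for n, sa in triage(text).items()
                  if sa["invalid_cookie"] and not sa["established"])
```

On this excerpt the only state it reports is #15, the second Main Mode exchange, which stayed in STATE_MAIN_R1 until the retransmission limit; #14 is the state that established the ISAKMP SA.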