[Openswan Users] Trouble Getting L2TP Working

The Cr0w crowing.apocalypse at gmail.com
Sun Jun 19 20:48:59 EDT 2011 

Hello everyone,

I'm trying to get L2TP working with Openswan but having some difficulties.
Right now, when I run

ipsec auto --up giganews

I immediately get an error message stating

Whack: is Pluto running?  connect() for "/var/run/pluto/pluto.ctl"
failed (111 Connection refused)

Without any further messages on the screen.

ipsec verify also shows that pluto fails.  I'm not sure why it is failing,
however.  I've looked around on the web and everything seems to point to
error logs should be in /var/log/secure with more details,
but there currently is not a /var/log/secure log file.  I then tried to see
where logging is configured,  There also doesn't appear to be an
/etc/syslog.conf on the system.  The base OS is Backtrack 5 which is based
on Ubuntu 10.04 LTS.

My configuration is:

/etc/ipsec.conf
conn giganews
        authby=secret
        pfs=no
        rekey=yes
        keyingtries=3
        type=transport
        left=%defaultroute
        leftprotoport=17/1701
        right=us1.vpn.giganews.com
        rightid=@us1.vpn.giganews.com
        rightprotoport=17/1701
        auto=add

/etc/ipsec.secrets
%any us1.vpn.giganews.com: PSK "thisisourkey"

/etc/xl2tpd/xl2tpd.conf
[lac giganews]
lns = us1.vpn.giganews.com
require chap = yes
refuse pap = yes
require authentication = yes
; Name should be your giganews username
name = giganews_username
ppp debug = no
pppoptfile = /etc/ppp/options.l2tpd.client
length bit = yes

/etc/ppp/chap-secrets
giganews_username us1.vpn.giganews.com "giganews_password" *


/etc/ppp/options.l2tpd.client
ipcp-accept-local
ipcp-accept-remote
refuse-eap
noccp
noauth
crtscts
idle 1800
mtu 1410
mru 1410
defaultroute
debug
lock
#proxyarp
connect-delay 5000

as taken from
http://www.atxconsulting.com/blog/tjfontaine/2011/05/01/giganews-vyprvpn-linux-ipsec-l2tp
.

When I had a fresh install of openswan and everything and first tried to run
the ipsec auto --up command, I did not get the pluto error message, but
rather some others (first couldn't find the giganews name, then some other
that I can't remember). After a reboot, I started getting the pluto error
message.

Anyone have any advice on how I can get to the next step? I'm not seeing why
I get the pluto error message and not sure why it's not logging anywhere.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20110619/024d7167/attachment.html

More information about the Users mailing list