[Openswan Users] IPSEC with L2TP configuration in UBUNTU

heta shah heta45 at gmail.com
Sat Jun 25 04:39:13 EDT 2011


Hello sir,

Thank you. I have gone through the link below.

On Fri, Jun 24, 2011 at 10:15 PM, Willie Gillespie <
wgillespie+openswan at es2eng.com> wrote:

> On 6/23/2011 11:51 PM, heta shah wrote:
>
>> Hello All experts,
>>
>> Can anyone help me regarding IPSEC / L2TP configuration in UBUNTU? A HOWTO for
>> IPSEC/L2TP VPN server configuration in Ubuntu....
>>
>> Any material/ document...
>>
>
> I'm assuming you want something like this:
> http://www.rootmanager.com/ubuntu-ipsec-l2tp-windows-domain-auth/setting-up-openswan-xl2tpd-with-native-windows-clients.html
>
>
I have configured IPSEC with L2TP with a PSK shared key, but the client cannot
connect to the VPN server. It is showing an error in xl2tpd.
The logs of my VPN server are:

tail -f /var/log/auth.log
Jun 25 13:58:40 cloud-enjay pluto[3914]: packet from 115.248.122.242:4500:
received and ignored informational message
Jun 25 13:58:43 cloud-enjay pluto[3914]: packet from 115.248.122.242:500:
ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004]
Jun 25 13:58:43 cloud-enjay pluto[3914]: packet from 115.248.122.242:500:
ignoring Vendor ID payload [FRAGMENTATION]
Jun 25 13:58:43 cloud-enjay pluto[3914]: packet from 115.248.122.242:500:
received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set
to=106
Jun 25 13:58:43 cloud-enjay pluto[3914]: packet from 115.248.122.242:500:
ignoring Vendor ID payload [Vid-Initial-Contact]
Jun 25 13:58:43 cloud-enjay pluto[3914]: "L2TP-PSK-NAT"[27] 115.248.122.242
#27: responding to Main Mode from unknown peer 115.248.122.242
Jun 25 13:58:44 cloud-enjay pluto[3914]: "L2TP-PSK-NAT"[27] 115.248.122.242
#27: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jun 25 13:58:44 cloud-enjay pluto[3914]: "L2TP-PSK-NAT"[27] 115.248.122.242
#27: STATE_MAIN_R1: sent MR1, expecting MI2
Jun 25 13:58:44 cloud-enjay pluto[3914]: "L2TP-PSK-NAT"[27] 115.248.122.242
#27: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: peer is
NATed
Jun 25 13:58:44 cloud-enjay pluto[3914]: "L2TP-PSK-NAT"[27] 115.248.122.242
#27: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jun 25 13:58:44 cloud-enjay pluto[3914]: "L2TP-PSK-NAT"[27] 115.248.122.242
#27: STATE_MAIN_R2: sent MR2, expecting MI3
Jun 25 13:58:44 cloud-enjay pluto[3914]: "L2TP-PSK-NAT"[27] 115.248.122.242
#27: Main mode peer ID is ID_FQDN: '@2k3test.enjay.com'
Jun 25 13:58:44 cloud-enjay pluto[3914]: "L2TP-PSK-NAT"[27] 115.248.122.242
#27: switched from "L2TP-PSK-NAT" to "L2TP-PSK-NAT"
Jun 25 13:58:44 cloud-enjay pluto[3914]: "L2TP-PSK-NAT"[28] 115.248.122.242
#27: deleting connection "L2TP-PSK-NAT" instance with peer 115.248.122.242
{isakmp=#0/ipsec=#0}
Jun 25 13:58:44 cloud-enjay pluto[3914]: "L2TP-PSK-NAT"[28] 115.248.122.242
#27: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jun 25 13:58:44 cloud-enjay pluto[3914]: "L2TP-PSK-NAT"[28] 115.248.122.242
#27: new NAT mapping for #27, was 115.248.122.242:500, now
115.248.122.242:4500
Jun 25 13:58:44 cloud-enjay pluto[3914]: "L2TP-PSK-NAT"[28] 115.248.122.242
#27: STATE_MAIN_R3: sent MR3, ISAKMP SA established
{auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha
group=modp2048}
Jun 25 13:58:44 cloud-enjay pluto[3914]: "L2TP-PSK-NAT"[28] 115.248.122.242
#27: peer client type is FQDN
Jun 25 13:58:44 cloud-enjay pluto[3914]: "L2TP-PSK-NAT"[28] 115.248.122.242
#27: Applying workaround for MS-818043 NAT-T bug
Jun 25 13:58:44 cloud-enjay pluto[3914]: "L2TP-PSK-NAT"[28] 115.248.122.242
#27: IDci was FQDN: t\307\251-, using NAT_OA=192.168.1.35/32 as IDci
Jun 25 13:58:44 cloud-enjay pluto[3914]: "L2TP-PSK-NAT"[28] 115.248.122.242
#27: the peer proposed: 116.199.169.45/32:17/1701 -> 192.168.1.35/32:17/0
Jun 25 13:58:44 cloud-enjay pluto[3914]: "L2TP-PSK-NAT"[28] 115.248.122.242
#28: responding to Quick Mode proposal {msgid:d5ee3142}
Jun 25 13:58:44 cloud-enjay pluto[3914]: "L2TP-PSK-NAT"[28] 115.248.122.242
#28:     us: 116.199.169.45<116.199.169.45>[+S=C]:17/1701
Jun 25 13:58:44 cloud-enjay pluto[3914]: "L2TP-PSK-NAT"[28] 115.248.122.242
#28:   them: 115.248.122.242[@2k3test.enjay.com,+S=C]:17/1701===?
Jun 25 13:58:44 cloud-enjay pluto[3914]: "L2TP-PSK-NAT"[28] 115.248.122.242
#28: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
Jun 25 13:58:44 cloud-enjay pluto[3914]: "L2TP-PSK-NAT"[28] 115.248.122.242
#28: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
Jun 25 13:58:44 cloud-enjay pluto[3914]: "L2TP-PSK-NAT"[28] 115.248.122.242
#28: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
Jun 25 13:58:44 cloud-enjay pluto[3914]: "L2TP-PSK-NAT"[28] 115.248.122.242
#28: STATE_QUICK_R2: IPsec SA established transport mode {ESP=>0x6f99f081
<0x1e9a9771 xfrm=3DES_0-HMAC_MD5 NATOA=192.168.1.35 NATD=
115.248.122.242:4500 DPD=none}
Jun 25 13:58:49 cloud-enjay pluto[3914]: "L2TP-PSK-NAT"[28] 115.248.122.242
#27: received Delete SA(0x6f99f081) payload: deleting IPSEC State #28
Jun 25 13:58:49 cloud-enjay pluto[3914]: "L2TP-PSK-NAT"[28] 115.248.122.242
#27: received and ignored informational message
Jun 25 13:58:49 cloud-enjay pluto[3914]: "L2TP-PSK-NAT"[28] 115.248.122.242
#27: received Delete SA payload: deleting ISAKMP State #27
Jun 25 13:58:49 cloud-enjay pluto[3914]: "L2TP-PSK-NAT"[28] 115.248.122.242:
deleting connection "L2TP-PSK-NAT" instance with peer 115.248.122.242
{isakmp=#0/ipsec=#0}
Jun 25 13:58:49 cloud-enjay pluto[3914]: packet from 115.248.122.242:4500:
received and ignored informational message



root@cloud-enjay:~# tail -f /var/log/debug
Jun 25 13:55:25 cloud-enjay xl2tpd[7585]: Unable to deliver closing message
for tunnel 3261. Destroying anyway.
Jun 25 13:55:33 cloud-enjay xl2tpd[7585]: control_finish: Peer requested
tunnel 17 twice, ignoring second one.
Jun 25 13:55:38 cloud-enjay xl2tpd[7585]: Unable to deliver closing message
for tunnel 15425. Destroying anyway.
Jun 25 13:55:43 cloud-enjay xl2tpd[7585]: control_finish: Peer requested
tunnel 17 twice, ignoring second one.
Jun 25 13:58:07 cloud-enjay xl2tpd[7585]: control_finish: Peer requested
tunnel 18 twice, ignoring second one.
Jun 25 13:58:20 cloud-enjay last message repeated 3 times
Jun 25 13:58:25 cloud-enjay xl2tpd[7585]: Unable to deliver closing message
for tunnel 25945. Destroying anyway.
Jun 25 13:58:30 cloud-enjay xl2tpd[7585]: control_finish: Peer requested
tunnel 18 twice, ignoring second one.
Jun 25 13:58:46 cloud-enjay xl2tpd[7585]: control_finish: Peer requested
tunnel 19 twice, ignoring second one.
Jun 25 13:58:47 cloud-enjay xl2tpd[7585]: control_finish: Peer requested
tunnel 19 twice, ignoring second one.


Please help me regarding this error.

-- 
Thanks and Regards.

Heta Shah