[Openswan Users] Problem in IPSEC L2TP connectivity
heta45 at gmail.com
Fri Sep 9 07:44:54 EDT 2011
Hello Experts ,
I have configured IPSEC and L2TP in ubuntu system . I want to configure road
worries setup . In this my VPN is working fine . Windows system is connected
with ubuntu VPN server and I can connect with vpn server from windows VPN
client but I cannot connect mean cannot ping to windows VPN client from
ubuntu VPN server. This is my configuration of ubuntu VPN server.
# Configuration for one user with any type of IPsec/L2TP client
# including the updated Windows 2000/XP (MS KB Q818043), but
# excluding the non-updated Windows 2000/XP.
# Use a Preshared Key. Disable Perfect Forward Secrecy.
# PreSharedSecret needs to be specified in /etc/ipsec.secrets as
# YourIPAddress %any: "sharedsecret"
# we cannot rekey for %any, let client rekey
# Apple iOS doesn't send delete notify so we need dead peer
# to detect vanishing clients
# Set ikelifetime and keylife to same defaults windows has
# l2tp-over-ipsec is transport mode
# For updated Windows 2000/XP clients,
# to support old clients as well, use leftprotoport=17/%any
# The remote user.
# Using the magic port of "%any" means "any one single port". This
# a work around required for Apple OSX clients that use a randomly
# high port.
# Normally, KLIPS drops all plaintext traffic from IP's it has a crypted
# connection with. With L2TP clients behind NAT, that's not really what
# you want. The connection below allows both l2tp/ipsec and plaintext
# connections from behind the same NAT router.
# The l2tpd use a leftprotoport, so they are more specific and will be used
# first. Then, packets for the host on different ports and protocols (eg
# will match this passthrough conn.
listen-addr = 192.168.1.121
ip range = 192.168.5.10-192.168.5.20
local ip = 192.168.5.60
;require chap = yes
refuse chap = yes
refuse pap = yes
require authentication = yes
ppp debug = yes
pppoptfile = /etc/ppp/options.xl2tpd
length bit = yes
# Secrets for authentication using CHAP
# client server secret IP addresses
username * "password" *
* username "password" *
Please check this configuration This is my testing system for checking ipsec
L2TP configuration. Please check it is giving one way communication. If any
error Please tell me.
Thanks and Regards.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Users