[Openswan Users] openswan xl2tp VPN working from laptop but not from phone

geert geurts geert at verweggistan.eu
Sun Jul 8 09:59:25 EDT 2012


Hello all,

I've been working to get my ipsec VPN working and it does for my laptop but
when I try to connect using my android phone l2tp seems to fail.
The ipsec connection is succesfull (I guess...), "ipsec setup status" show
one tunnel active.
I've compared the plutosterr log files and syslog files when making both
connections, and the difference seems to be the following:
from plutostderr log:
 phone: "L2TP"[2] 87.212.84.1 #1: the peer proposed:
85.17.206.174/32:17/1701 -> 87.212.84.1/32:17/0
 laptop: "L2TP"[2] 87.212.84.1 #1: the peer proposed:
85.17.206.174/32:17/1701 -> 192.168.1.8/32:17/0

In the syslog of "laptop" there comes a lot log messages, the syslog of a
"phone" connection remains empty...
Below the configuration of ipsec/xl2tpd and version used, in the end th
full log output of plutosterr log from where I've extracted the above
difference.

!versions:
distribution:            ubuntu 10.04
uname -r:               2.6.32-41-generic
openswan version:  U2.6.34/K2.6.32-41-generic (netkey)
xl2tpd version:        xl2tpd-1.2.6

!configuration files:
<ipsec.conf>
version 2.0 # conforms to second version of ipsec.conf specification

config setup
            # NAT-TRAVERSAL support, see README.NAT-Traversal
            nat_traversal=yes
        listen=XX.XX.XX.174
            # exclude networks used on server side by adding %v4:!a.b.c.0/24
            virtual_private=%v4:
10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12
            # OE is now off by default. Uncomment and change to on, to
enable.
            oe=off
            # which IPsec stack to use. netkey,klips,mast,auto or none
            protostack=netkey
            plutostderrlog=/var/log/pluto.log

            # Add connections here
            nhelpers=0

conn L2TP
            authby=secret
            auto=add
            pfs=no
            type=transport
            rekey=no
            compress=yes
            left=XX.XX.XX.174
            leftnexthop=XX.XX.XX.254
            leftprotoport=17/1701
            right=%any
            rightsubnet=vhost:%no,%priv
            rightprotoport=17/%any
            forceencaps=yes
            dpddelay=40
            dpdtimeout=130
            dpdaction=clear
</ipsec.conf>

<xl2tpd.conf>
[global]
    auth file = /etc/ppp/chap-secrets
    port = 1701
    debug tunnel = yes
    debug avp = yes
    debug packet = yes
    debug network = yes
    debug state = yes

[lns default]
    ip range = 192.168.4.51-192.168.4.55
    local ip = 192.168.4.1
    require chap = yes
    refuse pap = yes
    require authentication = yes
    name = verweggistan.eu
    ppp debug = yes
    pppoptfile = /etc/ppp/options.xl2tpd
    length bit = yes
</xl2tpd.conf>

<options.xl2tpd>
ipcp-accept-local
ipcp-accept-remote
noccp
modem
auth
idle 1800
mtu 1410
mru 1410
noreplacedefaultroute
debug
lock
proxyarp
connect-delay 5000
</options.xl2tpd>

!full plutostderr logs of both connections:
<plutosterr connect from laptop>
packet from XX.XX.XX.1:500: ignoring unknown Vendor ID payload
[4f45755c645c6a795c5c6170]
packet from XX.XX.XX.1:500: received Vendor ID payload [Dead Peer Detection]
packet from XX.XX.XX.1:500: received Vendor ID payload [RFC 3947] method
set to=109
packet from XX.XX.XX.1:500: received Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-03] meth=108, but already using method 109
packet from XX.XX.XX.1:500: received Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 109
packet from XX.XX.XX.1:500: received Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-02] meth=107, but already using method 109
packet from XX.XX.XX.1:500: received Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-00]
sh: /bin/openswan-statsd: not found
"L2TP"[1] XX.XX.XX.1 #1: responding to Main Mode from unknown peer
XX.XX.XX.1
"L2TP"[1] XX.XX.XX.1 #1: transition from state STATE_MAIN_R0 to state
STATE_MAIN_R1
"L2TP"[1] XX.XX.XX.1 #1: STATE_MAIN_R1: sent MR1, expecting MI2
"L2TP"[1] XX.XX.XX.1 #1: NAT-Traversal: Result using RFC 3947
(NAT-Traversal): both are NATed
"L2TP"[1] XX.XX.XX.1 #1: transition from state STATE_MAIN_R1 to state
STATE_MAIN_R2
sh: /bin/openswan-statsd: not found
"L2TP"[1] XX.XX.XX.1 #1: STATE_MAIN_R2: sent MR2, expecting MI3
"L2TP"[1] XX.XX.XX.1 #1: Main mode peer ID is ID_IPV4_ADDR: '192.168.1.8'
"L2TP"[1] XX.XX.XX.1 #1: switched from "L2TP" to "L2TP"
"L2TP"[2] XX.XX.XX.1 #1: deleting connection "L2TP" instance with peer
XX.XX.XX.1 {isakmp=#0/ipsec=#0}
"L2TP"[2] XX.XX.XX.1 #1: transition from state STATE_MAIN_R2 to state
STATE_MAIN_R3
sh: /bin/openswan-statsd: not found
"L2TP"[2] XX.XX.XX.1 #1: new NAT mapping for #1, was XX.XX.XX.1:500, now
XX.XX.XX.1:4500
"L2TP"[2] XX.XX.XX.1 #1: STATE_MAIN_R3: sent MR3, ISAKMP SA established
{auth=OAKLEY_PRESHARED_KEY cipher=aes_128 prf=oakley_sha group=modp2048}
"L2TP"[2] XX.XX.XX.1 #1: Dead Peer Detection (RFC 3706): enabled
"L2TP"[2] XX.XX.XX.1 #1: the peer proposed: XX.XX.XX.174/32:17/1701 ->
192.168.1.8/32:17/0
"L2TP"[2] XX.XX.XX.1 #1: NAT-Traversal: received 2 NAT-OA. using first,
ignoring others
sh: /bin/openswan-statsd: not found
"L2TP"[2] XX.XX.XX.1 #2: responding to Quick Mode proposal {msgid:2e70fdae}
"L2TP"[2] XX.XX.XX.1 #2:     us:
XX.XX.XX.174<XX.XX.XX.174>[+S=C]:17/1701---XX.XX.XX.254
"L2TP"[2] XX.XX.XX.1 #2:   them: XX.XX.XX.1[192.168.1.8,+S=C]:17/1701===
192.168.1.8/32
"L2TP"[2] XX.XX.XX.1 #2: transition from state STATE_QUICK_R0 to state
STATE_QUICK_R1
"L2TP"[2] XX.XX.XX.1 #2: STATE_QUICK_R1: sent QR1, inbound IPsec SA
installed, expecting QI2
"L2TP"[2] XX.XX.XX.1 #2: Dead Peer Detection (RFC 3706): enabled
"L2TP"[2] XX.XX.XX.1 #2: transition from state STATE_QUICK_R1 to state
STATE_QUICK_R2
sh: /bin/openswan-statsd: not found
"L2TP"[2] XX.XX.XX.1 #2: STATE_QUICK_R2: IPsec SA established transport
mode {ESP/NAT=>0x48efebac <0xd3066c7a xfrm=AES_128-HMAC_SHA1
NATOA=192.168.1.8 NATD=XX.XX.XX.1:4500 DPD=enabled}
</plutostderr connect from laptop>

<plutosterr connect from phone>
adding interface eth0/eth0 XX.XX.XX.174:500
adding interface eth0/eth0 XX.XX.XX.174:4500
skipping interface lo with 127.0.0.1
skipping interface lo with ::1
loading secrets from "/etc/ipsec.secrets"
packet from XX.XX.XX.1:60500: ignoring unknown Vendor ID payload
[f758f22668750f03b08df6ebe1d00403]
packet from XX.XX.XX.1:60500: received Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-02] method set to=107
packet from XX.XX.XX.1:60500: received Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 107
packet from XX.XX.XX.1:60500: received Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-03] method set to=108
packet from XX.XX.XX.1:60500: received Vendor ID payload [RFC 3947] method
set to=109
packet from XX.XX.XX.1:60500: received Vendor ID payload [Dead Peer
Detection]
sh: /bin/openswan-statsd: not found
"L2TP"[1] XX.XX.XX.1 #1: responding to Main Mode from unknown peer
XX.XX.XX.1
"L2TP"[1] XX.XX.XX.1 #1: transition from state STATE_MAIN_R0 to state
STATE_MAIN_R1
"L2TP"[1] XX.XX.XX.1 #1: STATE_MAIN_R1: sent MR1, expecting MI2
"L2TP"[1] XX.XX.XX.1 #1: NAT-Traversal: Result using RFC 3947
(NAT-Traversal): both are NATed
"L2TP"[1] XX.XX.XX.1 #1: transition from state STATE_MAIN_R1 to state
STATE_MAIN_R2
sh: /bin/openswan-statsd: not found
"L2TP"[1] XX.XX.XX.1 #1: STATE_MAIN_R2: sent MR2, expecting MI3
"L2TP"[1] XX.XX.XX.1 #1: ignoring informational payload, type
IPSEC_INITIAL_CONTACT msgid=00000000
"L2TP"[1] XX.XX.XX.1 #1: Main mode peer ID is ID_IPV4_ADDR: '192.168.1.7'
"L2TP"[1] XX.XX.XX.1 #1: switched from "L2TP" to "L2TP"
"L2TP"[2] XX.XX.XX.1 #1: deleting connection "L2TP" instance with peer
XX.XX.XX.1 {isakmp=#0/ipsec=#0}
"L2TP"[2] XX.XX.XX.1 #1: transition from state STATE_MAIN_R2 to state
STATE_MAIN_R3
sh: /bin/openswan-statsd: not found
"L2TP"[2] XX.XX.XX.1 #1: new NAT mapping for #1, was XX.XX.XX.1:60500, now
XX.XX.XX.1:64500
"L2TP"[2] XX.XX.XX.1 #1: STATE_MAIN_R3: sent MR3, ISAKMP SA established
{auth=OAKLEY_PRESHARED_KEY cipher=aes_128 prf=oakley_sha group=modp1024}
"L2TP"[2] XX.XX.XX.1 #1: Dead Peer Detection (RFC 3706): enabled
"L2TP"[2] XX.XX.XX.1 #1: peer client type is FQDN
"L2TP"[2] XX.XX.XX.1 #1: Applying workaround for MS-818043 NAT-T bug
"L2TP"[2] XX.XX.XX.1 #1: the peer proposed: XX.XX.XX.174/32:17/1701 ->
XX.XX.XX.1/32:17/0
sh: /bin/openswan-statsd: not found
"L2TP"[2] XX.XX.XX.1 #2: responding to Quick Mode proposal {msgid:e88f1bcf}
"L2TP"[2] XX.XX.XX.1 #2:     us:
XX.XX.XX.174<XX.XX.XX.174>[+S=C]:17/1701---XX.XX.XX.254
"L2TP"[2] XX.XX.XX.1 #2:   them: XX.XX.XX.1[192.168.1.7,+S=C]:17/1701
"L2TP"[2] XX.XX.XX.1 #2: transition from state STATE_QUICK_R0 to state
STATE_QUICK_R1
"L2TP"[2] XX.XX.XX.1 #2: STATE_QUICK_R1: sent QR1, inbound IPsec SA
installed, expecting QI2
"L2TP"[2] XX.XX.XX.1 #2: Dead Peer Detection (RFC 3706): enabled
"L2TP"[2] XX.XX.XX.1 #2: transition from state STATE_QUICK_R1 to state
STATE_QUICK_R2
sh: /bin/openswan-statsd: not found
"L2TP"[2] XX.XX.XX.1 #2: STATE_QUICK_R2: IPsec SA established transport
mode {ESP/NAT=>0x3efcc616 <0x01572877 xfrm=AES_128-HMAC_SHA1 NATOA=none
NATD=XX.XX.XX.1:64500 DPD=enabled}
"L2TP"[2] XX.XX.XX.1 #1: received Delete SA payload: deleting ISAKMP State
#1
sh: /bin/openswan-statsd: not found
packet from XX.XX.XX.1:64500: received and ignored informational message
"L2TP"[2] XX.XX.XX.1 #2: DPD: could not find newest phase 1 state
</plutosterr connect from phone>

<syslog connect from lptop>
Jul  8 14:49:51 verweggistan xl2tpd[12389]: get_call: allocating new tunnel
for host XX.XX.XX.1, port 1701.
Jul  8 14:49:51 verweggistan xl2tpd[12389]: handle_avps: handling avp's for
tunnel 58083, call 34341
Jul  8 14:49:51 verweggistan xl2tpd[12389]: message_type_avp: message type
1 (Start-Control-Connection-Request)
Jul  8 14:49:51 verweggistan xl2tpd[12389]: protocol_version_avp: peer is
using version 1, revision 0.
Jul  8 14:49:51 verweggistan xl2tpd[12389]: framing_caps_avp: supported
peer frames: async sync
Jul  8 14:49:51 verweggistan xl2tpd[12389]: bearer_caps_avp: supported peer
bearers:
Jul  8 14:49:51 verweggistan xl2tpd[12389]: firmware_rev_avp: peer reports
firmware version 1680 (0x0690)
Jul  8 14:49:51 verweggistan xl2tpd[12389]: hostname_avp: peer reports
hostname 'geert-K53SD'
Jul  8 14:49:51 verweggistan xl2tpd[12389]: vendor_avp: peer reports vendor
'xelerance.com'
Jul  8 14:49:51 verweggistan xl2tpd[12389]: assigned_tunnel_avp: using
peer's tunnel 19802
Jul  8 14:49:51 verweggistan xl2tpd[12389]: receive_window_size_avp: peer
wants RWS of 4.  Will use flow control.
Jul  8 14:49:51 verweggistan xl2tpd[12389]: control_finish: message type is
Start-Control-Connection-Request(1).  Tunnel is 19802, call is 0.
Jul  8 14:49:51 verweggistan xl2tpd[12389]: control_finish: Peer requested
tunnel 19802 twice, ignoring second one.
Jul  8 14:49:51 verweggistan xl2tpd[12389]: build_fdset: closing down
tunnel 58083
Jul  8 14:49:51 verweggistan xl2tpd[12389]: network_thread: recv packet
from XX.XX.XX.1, size = 20, tunnel = 53080, call = 0 ref=0 refhim=0
Jul  8 14:49:51 verweggistan xl2tpd[12389]: handle_avps: handling avp's for
tunnel 53080, call 0
Jul  8 14:49:51 verweggistan xl2tpd[12389]: message_type_avp: message type
3 (Start-Control-Connection-Connected)
Jul  8 14:49:51 verweggistan xl2tpd[12389]: control_finish: message type is
Start-Control-Connection-Connected(3).  Tunnel is 19802, call is 0.
Jul  8 14:49:51 verweggistan xl2tpd[12389]: Connection established to
XX.XX.XX.1, 1701.  Local: 53080, Remote: 19802 (ref=0/0).  LNS session is
'default'
Jul  8 14:49:51 verweggistan xl2tpd[12389]: network_thread: recv packet
from XX.XX.XX.1, size = 48, tunnel = 53080, call = 0 ref=0 refhim=0
Jul  8 14:49:51 verweggistan xl2tpd[12389]: handle_avps: handling avp's for
tunnel 53080, call 0
Jul  8 14:49:51 verweggistan xl2tpd[12389]: message_type_avp: message type
10 (Incoming-Call-Request)
Jul  8 14:49:51 verweggistan xl2tpd[12389]: message_type_avp: new incoming
call
Jul  8 14:49:51 verweggistan xl2tpd[12389]: assigned_call_avp: using peer's
call 63786
Jul  8 14:49:51 verweggistan xl2tpd[12389]: call_serno_avp: serial number
is 2
Jul  8 14:49:51 verweggistan xl2tpd[12389]: bearer_type_avp: peer
bears:digital
Jul  8 14:49:51 verweggistan xl2tpd[12389]: control_finish: message type is
Incoming-Call-Request(10).  Tunnel is 19802, call is 0.
Jul  8 14:49:51 verweggistan xl2tpd[12389]: control_finish: Sending ICRP
Jul  8 14:49:51 verweggistan xl2tpd[12389]: network_thread: recv packet
from XX.XX.XX.1, size = 12, tunnel = 53080, call = 0 ref=0 refhim=0
Jul  8 14:49:51 verweggistan xl2tpd[12389]: last message repeated 3 times
Jul  8 14:49:51 verweggistan xl2tpd[12389]: network_thread: recv packet
from XX.XX.XX.1, size = 50, tunnel = 53080, call = 53177 ref=0 refhim=0
Jul  8 14:49:51 verweggistan xl2tpd[12389]: handle_avps: handling avp's for
tunnel 53080, call 53177
Jul  8 14:49:51 verweggistan xl2tpd[12389]: message_type_avp: message type
12 (Incoming-Call-Connected)
Jul  8 14:49:51 verweggistan xl2tpd[12389]: tx_speed_avp: transmit baud
rate is 0
Jul  8 14:49:51 verweggistan xl2tpd[12389]: frame_type_avp: peer uses:sync
frames
Jul  8 14:49:51 verweggistan xl2tpd[12389]: rx_speed_avp: receive baud rate
is 0
Jul  8 14:49:51 verweggistan xl2tpd[12389]: control_finish: message type is
Incoming-Call-Connected(12).  Tunnel is 19802, call is 63786.
Jul  8 14:49:51 verweggistan xl2tpd[12389]: control_finish: Warning: Peer
did not specify transmit speed
Jul  8 14:49:51 verweggistan xl2tpd[12389]: start_pppd: I'm running:
Jul  8 14:49:51 verweggistan xl2tpd[12389]: "/usr/sbin/pppd"
Jul  8 14:49:51 verweggistan xl2tpd[12389]: "passive"
Jul  8 14:49:51 verweggistan xl2tpd[12389]: "nodetach"
Jul  8 14:49:51 verweggistan xl2tpd[12389]: "192.168.4.1:192.168.4.51"
Jul  8 14:49:51 verweggistan xl2tpd[12389]: "refuse-pap"
Jul  8 14:49:51 verweggistan xl2tpd[12389]: "name"
Jul  8 14:49:51 verweggistan xl2tpd[12389]: "verweggistan.eu"
Jul  8 14:49:51 verweggistan xl2tpd[12389]: "debug"
Jul  8 14:49:51 verweggistan xl2tpd[12389]: "file"
Jul  8 14:49:51 verweggistan xl2tpd[12389]: "/etc/ppp/options.xl2tpd"
Jul  8 14:49:51 verweggistan xl2tpd[12389]: "/dev/pts/2"
Jul  8 14:49:51 verweggistan xl2tpd[12389]: Call established with
XX.XX.XX.1, Local: 53177, Remote: 63786, Serial: 2
Jul  8 14:49:51 verweggistan xl2tpd[12389]: network_thread: recv packet
from XX.XX.XX.1, size = 36, tunnel = 53080, call = 53177 ref=0 refhim=0
Jul  8 14:49:51 verweggistan pppd[12682]: pppd 2.4.5 started by root, uid 0
Jul  8 14:49:51 verweggistan pppd[12682]: using channel 20
Jul  8 14:49:51 verweggistan pppd[12682]: Using interface ppp0
Jul  8 14:49:51 verweggistan pppd[12682]: Connect: ppp0 <--> /dev/pts/2
Jul  8 14:49:51 verweggistan pppd[12682]: sent [LCP ConfReq id=0x1 <mru
1410> <asyncmap 0x0> <auth eap> <magic 0x581396cc> <pcomp> <accomp>]
Jul  8 14:49:51 verweggistan xl2tpd[12389]: network_thread: recv packet
from XX.XX.XX.1, size = 21, tunnel = 53080, call = 53177 ref=0 refhim=0
Jul  8 14:49:51 verweggistan pppd[12682]: rcvd [LCP ConfNak id=0x1 <auth
chap MD5>]
Jul  8 14:49:51 verweggistan pppd[12682]: sent [LCP ConfReq id=0x2 <mru
1410> <asyncmap 0x0> <auth chap MD5> <magic 0x581396cc> <pcomp> <accomp>]
Jul  8 14:49:51 verweggistan xl2tpd[12389]: network_thread: recv packet
from XX.XX.XX.1, size = 41, tunnel = 53080, call = 53177 ref=0 refhim=0
Jul  8 14:49:51 verweggistan pppd[12682]: rcvd [LCP ConfAck id=0x2 <mru
1410> <asyncmap 0x0> <auth chap MD5> <magic 0x581396cc> <pcomp> <accomp>]
Jul  8 14:49:52 verweggistan xl2tpd[12389]: network_thread: select timeout
Jul  8 14:49:52 verweggistan xl2tpd[12389]: network_thread: select timeout
Jul  8 14:49:54 verweggistan xl2tpd[12389]: network_thread: recv packet
from XX.XX.XX.1, size = 36, tunnel = 53080, call = 53177 ref=0 refhim=0
Jul  8 14:49:54 verweggistan pppd[12682]: rcvd [LCP ConfReq id=0x1 <mru
1410> <asyncmap 0x0> <magic 0x7b5e443c> <pcomp> <accomp>]
Jul  8 14:49:54 verweggistan pppd[12682]: sent [LCP ConfAck id=0x1 <mru
1410> <asyncmap 0x0> <magic 0x7b5e443c> <pcomp> <accomp>]
Jul  8 14:49:54 verweggistan pppd[12682]: sent [LCP EchoReq id=0x0
magic=0x581396cc]
Jul  8 14:49:54 verweggistan pppd[12682]: sent [CHAP Challenge id=0x4e
<88f87955749099d365a232478b043dacf2>, name = "verweggistan.eu"]
Jul  8 14:49:54 verweggistan xl2tpd[12389]: network_thread: recv packet
from XX.XX.XX.1, size = 18, tunnel = 53080, call = 53177 ref=0 refhim=0
Jul  8 14:49:54 verweggistan xl2tpd[12389]: network_thread: recv packet
from XX.XX.XX.1, size = 18, tunnel = 53080, call = 53177 ref=0 refhim=0
Jul  8 14:49:54 verweggistan xl2tpd[12389]: network_thread: recv packet
from XX.XX.XX.1, size = 36, tunnel = 53080, call = 53177 ref=0 refhim=0
Jul  8 14:49:54 verweggistan pppd[12682]: rcvd [LCP EchoReq id=0x0
magic=0x7b5e443c]
Jul  8 14:49:54 verweggistan pppd[12682]: sent [LCP EchoRep id=0x0
magic=0x581396cc]
Jul  8 14:49:54 verweggistan pppd[12682]: rcvd [LCP EchoRep id=0x0
magic=0x7b5e443c]
Jul  8 14:49:54 verweggistan pppd[12682]: rcvd [CHAP Response id=0x4e
<26cf5ad31429ce553414ecc8b0ad49f1>, name = "geert"]
Jul  8 14:49:54 verweggistan pppd[12682]: sent [CHAP Success id=0x4e
"Access granted"]
Jul  8 14:49:54 verweggistan pppd[12682]: sent [IPCP ConfReq id=0x1
<compress VJ 0f 01> <addr 192.168.4.1>]
Jul  8 14:49:54 verweggistan xl2tpd[12389]: network_thread: recv packet
from XX.XX.XX.1, size = 26, tunnel = 53080, call = 53177 ref=0 refhim=0
Jul  8 14:49:54 verweggistan xl2tpd[12389]: network_thread: recv packet
from XX.XX.XX.1, size = 26, tunnel = 53080, call = 53177 ref=0 refhim=0
Jul  8 14:49:54 verweggistan pppd[12682]: rcvd [IPCP ConfReq id=0x1
<compress VJ 0f 01> <addr 0.0.0.0>]
Jul  8 14:49:54 verweggistan pppd[12682]: sent [IPCP ConfNak id=0x1 <addr
192.168.4.51>]
Jul  8 14:49:54 verweggistan pppd[12682]: rcvd [IPCP ConfAck id=0x1
<compress VJ 0f 01> <addr 192.168.4.1>]
Jul  8 14:49:54 verweggistan xl2tpd[12389]: network_thread: recv packet
from XX.XX.XX.1, size = 26, tunnel = 53080, call = 53177 ref=0 refhim=0
Jul  8 14:49:54 verweggistan pppd[12682]: rcvd [IPCP ConfReq id=0x2
<compress VJ 0f 01> <addr 192.168.4.51>]
Jul  8 14:49:54 verweggistan pppd[12682]: sent [IPCP ConfAck id=0x2
<compress VJ 0f 01> <addr 192.168.4.51>]
Jul  8 14:49:54 verweggistan pppd[12682]: Cannot determine ethernet address
for proxy ARP
Jul  8 14:49:54 verweggistan pppd[12682]: local  IP address 192.168.4.1
Jul  8 14:49:54 verweggistan pppd[12682]: remote IP address 192.168.4.51
Jul  8 14:49:54 verweggistan pppd[12682]: Script /etc/ppp/ip-up started
(pid 12685)
Jul  8 14:49:54 verweggistan pppd[12682]: Script /etc/ppp/ip-up finished
(pid 12685), status = 0x0
Jul  8 14:50:24 verweggistan pppd[12682]: sent [LCP EchoReq id=0x1
magic=0x581396cc]
</syslog connect from laptop>

<syslog connect from phone>
Jul  8 14:37:06 verweggistan ipsec_setup: ...Openswan IPsec started
Jul  8 14:37:06 verweggistan pluto: adjusting ipsec.d to /etc/ipsec.d
Jul  8 14:37:06 verweggistan pluto: bind() will be filtered for
XX.XX.XX.174
Jul  8 14:37:06 verweggistan ipsec__plutorun: 002 added connection
description "L2TP"
Jul  8 14:37:06 verweggistan ipsec__plutorun: 003 NAT-Traversal: Trying new
style NAT-T
Jul  8 14:37:06 verweggistan ipsec__plutorun: 003 NAT-Traversal:
ESPINUDP(1) setup failed for new style NAT-T family IPv4 (errno=19)
Jul  8 14:37:06 verweggistan ipsec__plutorun: 003 NAT-Traversal: Trying old
style NAT-T
</syslog connect from phone>

Thank allot for looking at this!

Best regards,
Geert
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openswan.org/pipermail/users/attachments/20120708/2b897229/attachment-0001.html>


More information about the Users mailing list