[Openswan Users] openswan/xl2tpd failing to create ppp sessions

Paul Wouters pwouters at redhat.com
Tue Mar 6 11:08:57 EST 2012

On Tue, 6 Mar 2012, Jonathon Padfield wrote:

>>> I've followed the instructions at
>>> https://www.openswan.org/projects/openswan/wiki/Building_and_Installing_an_SAref_capable_KLIPS_version_for_DebianUbuntu
>>> and applied the 0001/0002 patches for 2.6.38 with minor changes.
>>> I was hoping to stick with a close to stock kernel & repeatable
>>> process, so am using packages from
>>> http://ppa.launchpad.net/openswan/openswan-testing/
>>> (openswan_2.6.37-1xelerance1_i386.deb) and dkms to load the ipsec
>>> module
>>> Now running xl2tpd in debug mode does give a strange message
>>> "setsockopt recvref[22]: Protocol not available"
>> I think that's the error for kernel mode L2TP not being there?, thought
>> it might be the SAref patch. The number "22" looks like it could be an
>> older number used. Remember the SAref patch and xl2tpd need to agree on
>> the socket option number (and we don't have an official one yet)
> That was it. Once I'd upgraded to 1.3.1, the error about setsockopt
> went away, and I could negotiate, connect, and NAT to my hearts
> content from my MacBook. Thank you for your help.

Added to the wiki. Thanks!

>>> Feb 26 10:03:01 localhost pluto[11061]: "L2TP-PSK-NAT"[2] xx.xx.xx.xx
>>> #1: Applying workaround for Mac OS X NAT-OA bug, ignoring proposed
>>> subnet
>> You will need the patch for OSX/android clients from git (not yet in a
>> full release, will be in openswan 2.6.38)
> I'll give that a shot, as my macbook connects fine, but android and
> ipad are still a work in progress.

It will be in openswan 2.6.38, which will be out soon.


More information about the Users mailing list