[Openswan Users] ipsec+l2tp vpn failed
xutingting
t.t.xu at outsideheaven.com
Tue Sep 25 02:50:39 EDT 2012
Hi,
I have installed openswan-2.6.24 and xl2tp on my vps,i used yum to install
xl2tpd.Aftering installing and configing,the vpn did not work.It showed error
code 691,but the username and password were all correct.
I have checked the log.
=====================
log file:
Sep 24 09:20:24 acf9f826-1201-4213-9ac7-2c1fc1579e88 ipsec_setup: ...Openswan
IPsec stopped
Sep 24 09:20:24 acf9f826-1201-4213-9ac7-2c1fc1579e88 kernel: NET: Registered
protocol family 15
Sep 24 09:20:24 acf9f826-1201-4213-9ac7-2c1fc1579e88 ipsec_setup: Starting
Openswan IPsec U2.6.24/K2.6.18-308.11.1.el5xen...
Sep 24 09:20:24 acf9f826-1201-4213-9ac7-2c1fc1579e88 ipsec_setup: Using
NETKEY(XFRM) stack
Sep 24 09:20:24 acf9f826-1201-4213-9ac7-2c1fc1579e88 kernel: ipv6 esp init:
can't add xfrm type
Sep 24 09:20:24 acf9f826-1201-4213-9ac7-2c1fc1579e88 kernel: ipv6 ah init: can't
add xfrm type
Sep 24 09:20:25 acf9f826-1201-4213-9ac7-2c1fc1579e88 ipsec_setup: ...Openswan
IPsec started
Sep 24 09:20:25 acf9f826-1201-4213-9ac7-2c1fc1579e88 pluto: adjusting ipsec.d to
/etc/ipsec.d
Sep 24 09:20:25 acf9f826-1201-4213-9ac7-2c1fc1579e88 ipsec__plutorun: adjusting
ipsec.d to /etc/ipsec.d
Sep 24 09:20:25 acf9f826-1201-4213-9ac7-2c1fc1579e88 ipsec__plutorun: 002 added
connection description "L2TP-PSK-NAT"
Sep 24 09:20:25 acf9f826-1201-4213-9ac7-2c1fc1579e88 ipsec__plutorun: 002 added
connection description "L2TP-PSK-noNAT"
Sep 24 09:20:25 acf9f826-1201-4213-9ac7-2c1fc1579e88 ipsec__plutorun: 003 NAT-
Traversal: Trying new style NAT-T
Sep 24 09:20:25 acf9f826-1201-4213-9ac7-2c1fc1579e88 ipsec__plutorun: 003 NAT-
Traversal: ESPINUDP(1) setup failed for new style NAT-T family IPv4 (errno=19)
Sep 24 09:20:25 acf9f826-1201-4213-9ac7-2c1fc1579e88 ipsec__plutorun: 003 NAT-
Traversal: Trying old style NAT-T
Sep 24 09:20:25 acf9f826-1201-4213-9ac7-2c1fc1579e88 ipsec__plutorun: 003 ERROR
"/etc/ipsec.secrets" line 1: index "%any:PSK" non-hex field in IPv6 numeric
address
Sep 24 09:20:25 acf9f826-1201-4213-9ac7-2c1fc1579e88 ipsec__plutorun: 003 ERROR
"/etc/ipsec.secrets" line 1: index "yyuiGTH" does not look numeric and name
lookup failed
Sep 24 09:20:25 acf9f826-1201-4213-9ac7-2c1fc1579e88 ipsec__plutorun: 003
"/etc/ipsec.secrets" line 1: unexpected end of id list
Sep 25 00:04:14 acf9f826-1201-4213-9ac7-2c1fc1579e88 auditd[1226]: Audit daemon
rotating log files
================
The infomation of my ipsec.conf:
config setup
dumpdir=/var/run/pluto/
nat_traversal=yes
virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12,%v4:25.0.0.
0/8,%v6:fd00::/8,%v6:fe80::/10
oe=off
protostack=netkey
conn L2TP-PSK-NAT
rightsubnet=vhost:%priv
also=L2TP-PSK-noNAT
conn L2TP-PSK-noNAT
authby=secret
pfs=no
auto=add
keyingtries=3
rekey=no
ikelifetime=8h
keylife=1h
type=transport
left=My server Ip
leftprotoport=17/1701
right=%any
rightprotoport=17/%any
ipsec.secrets:
My server Ip %any:PSK yyuiGTH
Thanks for any help.
More information about the Users
mailing list