[Openswan Users] IPsec verification fails; xl2tpd connection times out

Rafał Ochmański mlisty at ochmanski.pl
Sun Aug 25 17:20:01 UTC 2013


I'm trying to configure an L2TP/IPsec PSK VPN. Both my server and test
client are up-to-date Ubuntus 13.04. Openswan, xl2tpd, and ppp come
from the official repository. The configuration follows community
documentation <https://help.ubuntu.com/community/L2TPServer>

ipsec.conf: <https://gist.github.com/anonymous/8cbba22cef2fda010c9f>

The first problem is that the server does not pass ipsec verify.
Two or more interfaces found, checking IP forwarding            [FAILED]
even though forwarding is enabled
# cat /proc/sys/net/ipv4/ip_forward
1

This may, or may not be, related to the second problem which is that,
while the ipsec connection with the client is established correctly,
it times out soon after that because it seemingly fails to contact
xl2tpd.

Aug 25 14:07:10.058 004 "connection-name" #2: STATE_QUICK_I2: sent
QI2, IPsec SA established transport mode {ESP=>0x542d1443 <0x2e94cf9a
xfrm=AES_128-HMAC_SHA1 NATOA=none NATD=none DPD=none}
Aug 25 14:07:11.060 xl2tpd[31068]: Connecting to host my.server's.ip, port 1701
Aug 25 14:07:16.065 xl2tpd[31068]: Maximum retries exceeded for tunnel
6146.  Closing.

xl2tdp.conf: https://gist.github.com/anonymous/ea44b0f3c04086d1c536

I don't understand why this is happening, or what's (not) happening
for that matter.

Are those two related? What's the problem? Or at least, where should I look?

syslog on the server is empty, xl2tpd only reports to have started
https://gist.github.com/anonymous/1f36b96a498a26b06427


More information about the Users mailing list