[Openswan Users] l2tp and openswan tunnel problem?

shamsat shamsat at zoho.com
Fri Feb 1 11:13:13 EST 2013


For weeks I have been trying to set up my Debian Wheezy box as an L2TP client to connect to my VPN server with xl2tpd and Openswan. The external interface of my Linux system is ppp0 with a dynamic IP address, and the internal interface is eth0; its IP address is 192.168.1.1.

This is my ipsec.conf:

version 2.0

config setup
	dumpdir=/var/run/pluto/
	nat_traversal=yes
	virtual_private=%v4:10.0.0.0/8,%v4:192.168.1.0/24,%v4:172.16.0.0/12
	oe=off
	protostack=netkey
	plutostderrlog=/var/log/pluto.log
	interfaces="%defaultroute"

conn L2tp-Client
	authby=secret
	pfs=no
	auto=add
	rekey=no
	type=transport
	left=%defaultroute
	leftnexthop=%defaultroute
	leftid=%defaultroute
	leftprotoport=17/1701
	leftsourceip=192.168.1.1
	leftsubnet=192.168.1.0/24
	right=46.165.221.230
	rightid=46.165.221.230
	rightnexthop=46.165.221.230
	rightprotoport=17/1701

The "ipsec auto --up L2tp-Client" command shows the connection as established:

 listening for IKE messages
 adding interface ppp0/ppp0 118.104.230.5:500
 adding interface ppp0/ppp0 118.104.230.5:4500
 adding interface eth0/eth0 192.168.1.1:500
 adding interface eth0/eth0 192.168.1.1:4500
 adding interface lo/lo 127.0.0.1:500
 adding interface lo/lo 127.0.0.1:4500
 adding interface lo/lo ::1:500
 loading secrets from "/etc/ipsec.secrets"
 "L2tp-Client" #1: initiating Main Mode
 "L2tp-Client" #1: ignoring unknown Vendor ID payload [882fe56d6fd20dbc2251613b2ebe5beb]
 "L2tp-Client" #1: received Vendor ID payload [Dead Peer Detection]
 "L2tp-Client" #1: received Vendor ID payload [RFC 3947] method set to=109
 "L2tp-Client" #1: enabling possible NAT-traversal with method 4
 "L2tp-Client" #1: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
 "L2tp-Client" #1: STATE_MAIN_I2: sent MI2, expecting MR2
 "L2tp-Client" #1: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): no NAT detected
 "L2tp-Client" #1: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
 "L2tp-Client" #1: STATE_MAIN_I3: sent MI3, expecting MR3
 "L2tp-Client" #1: Main mode peer ID is ID_IPV4_ADDR: '46.165.221.230'
 "L2tp-Client" #1: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
 "L2tp-Client" #1: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=aes_128 prf=oakley_sha group=modp2048}
 "L2tp-Client" #2: initiating Quick Mode PSK+ENCRYPT+DONTREKEY+UP+IKEv2ALLOW+SAREFTRACK {using isakmp#1 msgid:817a4a6b proposal=defaults pfsgroup=no-pfs}
 "L2tp-Client" #2: transition from state STATE_QUICK_I1 to state STATE_QUICK_I2
 "L2tp-Client" #2: STATE_QUICK_I2: sent QI2, IPsec SA established transport mode {ESP=>0xc27caac2 <0x03c95196 xfrm=AES_128-HMAC_SHA1 NATOA=none NATD=none DPD=none}

and this is the routing table:

 # ip route show
 default dev ppp0 scope link
 46.165.221.230 via 118.104.228.4 dev ppp0 src 192.168.1.1
 118.104.228.4 dev ppp0 proto kernel scope link src 118.104.230.5
 192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.1 
46.165.221.230 is my VPN server's IP address and 118.104.228.4 is my ISP's IP address, but I think the traffic doesn't go through this tunnel. This is the tcpdump output:

 # tcpdump -i ppp0
 19:50:03.628622 IP mypc.50912 > 217.212.238.33.http: Flags [.], ack 135116, win 259, length 0
 19:50:03.654674 IP 78-60-68-191.static.zebra.lt.63619 > mypc.51413: UDP, length 103
 19:50:03.655292 IP mypc.3419 > resolver1-fs.opendns.com.domain: 31095+ PTR? 191.68.60.78.in-addr.arpa. (43)
 19:50:03.956620 IP 217.212.238.33.http > mypc.50914: Flags [.], seq 144460:145846, ack 1635, win 65535, length 1386
 19:50:04.208670 IP mypc.50914 > 217.212.238.33.http: Flags [.], ack 145846, win 259, length 0
 19:50:04.232589 IP 217.212.238.33.http > mypc.50914: Flags [.], seq 145846:147232, ack 1635, win 65535, length 1386
 19:50:04.446509 IP 217.212.238.33.http > mypc.50914: Flags [.], seq 147232:148246, ack 1635, win 65535, length 1014
 19:50:04.446895 IP mypc.50914 > 217.212.238.33.http: Flags [.], ack 148246, win 259, length 0
 19:50:04.735465 IP 217.212.238.33.http > mypc.50914: Flags [.], seq 148246:149632, ack 1635, win 65535, length 1386
 19:50:04.814437 IP 217.212.238.33.http > mypc.50914: Flags [.], seq 149632:150014, ack 1635, win 65535, length 382
 19:50:04.815738 IP mypc.50914 > 217.212.238.33.http: Flags [.], ack 150014, win 259, length 0
 19:50:06.131215 IP resolver1-fs.opendns.com.domain > mypc.19745: 20394 0/0/0 (25)
 19:50:06.278986 IP mypc.30523 > resolver1-fs.opendns.com.domain: 63097+ AAAA? shamsme. (25)
 19:50:06.423183 IP 217.212.238.33.http > mypc.50912: Flags [.], seq 135116:136502, ack 2730, win 65535, length 1386
 19:50:06.637187 IP 217.212.238.33.http > mypc.50912: Flags [.], seq 136502:137562, ack 2730, win 65535, length 1060
 19:50:06.637717 IP mypc.50912 > 217.212.238.33.http: Flags [.], ack 137562, win 259, length 0
 19:50:06.659136 IP loft2278.serverloft.eu.openvpn > mypc.42546: Flags [R.], seq 0, ack 1347820094, win 0, length 0
 19:50:06.949136 IP 217.212.238.33.http > mypc.50912: Flags [.], seq 137562:138948, ack 2730, win 65535, length 1386
 19:50:07.089100 IP 217.212.238.33.http > mypc.50912: Flags [.], seq 138948:139651, ack 2730, win 65535, length 703
 19:50:08.273203 IP mypc.44279 > resolver1-fs.opendns.com.domain: 41557+ PTR? 88.179.170.86.in-addr.arpa. (44)
 19:50:08.302491 IP CPE-121-218-160-31.lnse4  

Please help me; where am I wrong?
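A small checker, added here as an example and not part of the original post, that classifies lines of a "tcpdump -i ppp0" capture on the external interface into IKE, ESP, cleartext L2TP and ordinary cleartext, and reports what is missing for a working L2TP/IPsec link. Both sample captures are constructed: the first copies the shape of the capture above, the second shows what the same interface looks like once IKE has completed and L2TP rides inside the transport-mode ESP SA (the peer address 46.165.221.230 and the SPIs are taken from the post).

```python
import re
from collections import Counter

# Constructed captures. CAPTURE_AS_POSTED mirrors the poster's tcpdump output;
# CAPTURE_WORKING is what ppp0 shows when IKE ran and L2TP is inside ESP.
CAPTURE_AS_POSTED = """\
19:50:03.628622 IP mypc.50912 > 217.212.238.33.http: Flags [.], ack 135116, win 259, length 0
19:50:03.654674 IP 78-60-68-191.static.zebra.lt.63619 > mypc.51413: UDP, length 103
19:50:03.655292 IP mypc.3419 > resolver1-fs.opendns.com.domain: 31095+ PTR? 191.68.60.78.in-addr.arpa. (43)
"""
CAPTURE_WORKING = """\
19:50:09.100000 IP mypc.isakmp > 46.165.221.230.isakmp: isakmp: phase 1 I ident
19:50:09.300000 IP 46.165.221.230.isakmp > mypc.isakmp: isakmp: phase 1 R ident
19:50:10.000000 IP mypc > 46.165.221.230: ESP(spi=0xc27caac2,seq=0x1), length 116
19:50:10.200000 IP 46.165.221.230 > mypc: ESP(spi=0x03c95196,seq=0x1), length 116
19:50:10.400000 IP mypc.4500 > 46.165.221.230.4500: UDP-encap: ESP(spi=0xc27caac2,seq=0x2), length 132
"""

# timestamp, "IP"/"IP6", source, ">", destination, ":", protocol details
LINE_RE = re.compile(r"^\S+ IP6? (?P<src>\S+) > (?P<dst>\S+?): (?P<rest>.*)$")

def classify(line):
    """Label one tcpdump line as ike, esp, l2tp-clear, clear or other."""
    m = LINE_RE.match(line)
    if not m:
        return "other"
    src, dst, rest = m.group("src"), m.group("dst"), m.group("rest")
    if rest.startswith("ESP(") or "UDP-encap: ESP(" in rest:
        return "esp"            # payload protected by an IPsec SA (plain or NAT-T)
    if "isakmp" in rest or src.endswith(".isakmp") or dst.endswith(".isakmp"):
        return "ike"            # IKE negotiation on udp/500 or udp/4500
    if rest.startswith("l2tp:") or src.endswith((".l2tp", ".1701")) \
            or dst.endswith((".l2tp", ".1701")):
        return "l2tp-clear"     # L2TP visible outside ESP: it is bypassing the SA
    return "clear"              # ordinary unprotected traffic

def tunnel_report(capture, peer):
    """Count packet classes and list what a working L2TP/IPsec link still lacks."""
    lines = [l for l in capture.splitlines() if l.strip()]
    counts = Counter(classify(l) for l in lines)
    esp_with_peer = sum(1 for l in lines if peer in l and classify(l) == "esp")
    findings = []
    if counts["ike"] == 0:
        findings.append("no IKE packets seen on this interface")
    if esp_with_peer == 0:
        findings.append("no ESP packets exchanged with %s" % peer)
    if counts["l2tp-clear"]:
        findings.append("L2TP (udp/1701) seen in the clear, outside the IPsec SA")
    return counts, findings

if __name__ == "__main__":
    for name, cap in (("as posted", CAPTURE_AS_POSTED), ("working", CAPTURE_WORKING)):
        counts, findings = tunnel_report(cap, "46.165.221.230")
        print(name, dict(counts), findings or ["ESP to the peer is present"])
```

Run it against a real capture with `tunnel_report(open("ppp0.txt").read(), "46.165.221.230")`; a capture that shows only "clear" packets and no ESP to the peer means the L2TP session was never carried by the IPsec SA, whatever "ipsec auto --up" reported.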