[Openswan Users] xl2tpd tunnel not working?

shamsat shamsat at zoho.com
Thu Jan 17 23:56:07 EST 2013


since weeks i want to setup xl2tpd and openswan in the debian wheezy i read many articles from the net but still cannot scuccessfully setup the tunnel , it  looks like  IPsec tunnel is up:

 # ipsec auto --up mypc

104 "mypc" #1: STATE_MAIN_I1: initiate
003 "mypc" #1: ignoring unknown Vendor ID payload [882fe56d6fd20dbc2251613b2ebe5beb]
003 "mypc" #1: received Vendor ID payload [XAUTH]
003 "mypc" #1: received Vendor ID payload [Dead Peer Detection]
003 "mypc" #1: received Vendor ID payload [RFC 3947] method set to=109 
106 "mypc" #1: STATE_MAIN_I2: sent MI2, expecting MR2
003 "mypc" #1: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): no NAT detected
108 "mypc" #1: STATE_MAIN_I3: sent MI3, expecting MR3
004 "mypc" #1: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=aes_128 prf=oakley_sha group=modp2048}
117 "mypc" #2: STATE_QUICK_I1: initiate
004 "mypc" #2: STATE_QUICK_I2: sent QI2, IPsec SA established transport mode {ESP=>0xc06408fa <0x1d27ed6c xfrm=AES_128-HMAC_SHA1 NATOA=none NATD=none DPD=enabled}


This is xl2tpd.conf:

 [global]                                
access control = no
port = 1701                             
ipsec saref = yes

[lac securitykiss]
lns = 217.147.94.149
ip range = 10.1.2.2-10.1.2.255
assign ip = yes
require chap = yes
refuse pap = yes
require authentication = yes
ppp debug = yes
pppoptfile = /etc/ppp/options.xl2tpd
length bit = yes
name = securitykiss

217.147.94.149 is the my vpn server securitykiss ip address, and this is the options.xl2tpd:

#cat /etc/ppp/options.xl2tpd

ipcp-accept-local
ipcp-accept-remote
require-mschap-v2
ms-dns 8.8.8.8
ms-dns 8.8.4.4
asyncmap 0
auth
crtscts
idle 1800
mtu 1410
mru 1410
nodefaultroute
proxyarp
connect-delay 5000
plugin pppol2tp.so
lock
modem
debug
noccp
name securitykiss
proxyarp
lcp-echo-interval 30
lcp-echo-failure 4 


This is chap-secrets:

 # client    server    secret            IP addresses
vpn_user          securitykiss      "secret"    *
securitykiss      vpn_user          "scret"      *
with "ip link" there is no pppx, please help me?




-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openswan.org/pipermail/users/attachments/20130117/71bfcfdb/attachment.html>


More information about the Users mailing list