[Openswan Users] Tunnels does not come up
Philipp Hoffmann
phoffmann10 at icloud.com
Sat Jan 11 14:56:57 EST 2014
Hello,
our ADSL customers tries to connect to our l2tp server:
—
Jan 11 20:47:56 ipsec01 xl2tpd[3203]: handle_avps: don't know how to handle atribute 110.
Jan 11 20:47:56 ipsec01 xl2tpd[3203]: control_finish: Peer requested tunnel 56988 twice, ignoring second one.
Jan 11 20:47:56 ipsec01 xl2tpd[3203]: handle_avps: don't know how to handle atribute 105.
Jan 11 20:47:56 ipsec01 xl2tpd[3203]: control_finish: Connection closed to <IP of Cisco router>, port 1701 (Tunnel auth failed for ipsec01), Local: 51333, Remote: 56988
Jan 11 20:47:56 ipsec01 xl2tpd[3203]: Can not find tunnel 51333 (refhim=0)
Jan 11 20:47:56 ipsec01 xl2tpd[3203]: network_thread: unable to find call or tunnel to handle packet. call = 0, tunnel = 51333 Dumping.
—
It seems, that the tunnels does not come up.
Trace on Cisco LAC:
—
Jan 11 16:58:57.975 CET: VPDN failure cause: received Result 2, Error 6,
existing Authentication failed
Jan 11 16:58:59.335 CET: VPDN CALL [uid:876]: Requesting connection
Jan 11 16:58:59.335 CET: VPDN CALL [uid:876]: Call request sent
Jan 11 16:58:59.335 CET: VPDN MGR [uid:876]: Initiating compulsory
connection to <ip>
Jan 11 16:59:01.355 CET: VPDN MGR [uid:876]: Fail to forward
<user>
Jan 11 16:59:01.355 CET: VPDN MGR [uid:876]: accounting stop sent
Jan 11 16:59:01.355 CET: VPDN CALL [uid:876]: Connection failed
Jan 11 16:59:01.355 CET: VPDN CALL [uid:876]: Free request
--
For reference:
xl2tpd.conf:
—
[global]
ipsec saref = yes
listen-addr = 217.69.89.90
[lns default]
ip range = <range>
local ip = <local ip>
require authentication = yes
require chap = yes
require pap = no
refuse authentication = no
refuse chap = no
refuse pap = yes
name = ipsec01
ppp debug = yes
length bit = yes
pppoptfile = /etc/ppp/options.xl2tpd
—
l2tp-secrets:
—
# Secrets for authenticating l2tp tunnels
# us them secret
# * marko blah2
# zeus marko blah
# * * interop
* * <secret>
--
options.xl2tpd:
—
ipcp-accept-local
ipcp-accept-remote
ms-dns <ns01>
ms-dns <ns02>
noccp
auth
crtscts
idle 1800
mtu 1200
mru 1200
nodefaultroute
debug
lock
proxyarp
connect-delay 5000
plugin radius.so
—
Has anyone a hint how to fix this?
Best Regards
Philipp
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openswan.org/pipermail/users/attachments/20140111/9e0cf306/attachment.html>
More information about the Users
mailing list