[Openswan Users] xl2tp authentication problem with Cisco LAC

Michael Richardson mcr at sandelman.ca
Fri Aug 28 10:32:34 EDT 2015

Chris Maverley <c.maverley at permanet.ie> wrote:
    > I need to establish a l2tp tunnel from a cisco LAC. The l2tp tunnel
    > needs to be authenticated. We are using the correct shared secret but
    > I can’t get past this error. The CHAP challenge is failing. Everthing
    > works if we don’t use l2tp tunnel authentication.

As far as I can see, you aren't running this inside Openswan/IPsec.
I'm not sure what the problem is with interoperation with the LAC,
but I don't think this is an IPsec issue.

    > Aug 25 16:01:30 pnetadmin-ProLiant-DL160-Gen9 xl2tpd[18563]:
    > control_finish: Connection closed to, port 1701 (process
    > challenge response failed mismatch), Local: 41428, Remote: 62103

This seems to be using the L2TP authentication, which I'm sure that
L2TP-over-IPsec uses never excercise, I'm not surprised if it fails.

]               Never tell me the odds!                 | ipv6 mesh networks [
]   Michael Richardson, Sandelman Software Works        | network architect  [
]     mcr at sandelman.ca  http://www.sandelman.ca/        |   ruby on rails    [

More information about the Users mailing list