dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
1235
share rss forum feed

shams

join:2013-01-11
23000

xl2tpd and openswan setup problem?

I setup the xl2tpd and openswan in debian wheezy but i didn't work these are the configuration files:
ipsec.conf:

version 2.0
config setup 
      dumpdir=/var/run/pluto/
      nat_traversal=yes
      virtual_private=%v4:10.0.0.0/8,%v4:192.168.1.0/24,%v4:172.16.0.0/12
      oe=off
      protostack=netkey
      plutostderrlog=/var/log/pluto.log
      interfaces="%defaultroute"
 
conn L2TP-PSK-NAT
 
      rightsubnet=vhost:%priv
      also=mypc
 
conn  mypec
      
      authby=secret
      pfs=no
      auto=add
      keyingtries=3
      rekey=no
      ikelifetime=8h
      keylife=1h
      type=transport
      left=%defaultroute
      leftnexthop=%defaultroute
      leftprotoport=17/1701
      leftsourceip=192.168.1.1
      leftsubnet=192.168.1.0/24
      right=217.147.94.149
      rightid=217.147.94.149
      rightprotoport=17/1701
 

/etc/xl2tpd/xl2tpd.conf:
[global]
port = 1701 
ipsec saref = yes
[lac securitykiss]
lns = 217.147.94.149
ip range = 10.1.2.2-10.1.2.255
assign ip = yes
require chap = yes
refuse pap = yes
require authentication = yes
ppp debug = yes
pppoptfile = /etc/ppp/options.xl2tpd
length bit = yes
 

/etc/ipsecret.secrets:
217.147.94.149 %any : PSK "presshared_key"
 

this is the "ipsec auto --up mypc" command output:
104 "mypc" #1: STATE_MAIN_I1: initiate
003 "mypc" #1: ignoring unknown Vendor ID payload [882fe56d6fd20dbc2251613b2ebe5beb]
003 "mypc" #1: received Vendor ID payload [XAUTH]
003 "mypc" #1: received Vendor ID payload [Dead Peer Detection]
003 "mypc" #1: received Vendor ID payload [RFC 3947] method set to=109 
106 "mypc" #1: STATE_MAIN_I2: sent MI2, expecting MR2
003 "mypc" #1: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): no NAT detected
108 "mypc" #1: STATE_MAIN_I3: sent MI3, expecting MR3
004 "mypc" #1: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=aes_128 prf=oakley_sha group=modp2048}
117 "mypc" #2: STATE_QUICK_I1: initiate
004 "mypc" #2: STATE_QUICK_I2: sent QI2, IPsec SA established transport mode {ESP=>0xc973e201 <0x5eb0330a xfrm=AES_128-HMAC_SHA1 NATOA=none NATD=none DPD=none}
 
with ifconfig there is pppx for the tunnel, any help please?