Results 1 to 6 of 6

Thread: Not sure if xltpd is running l2tp over ipsec openswan vpn configuration issues

  1. #1
    Join Date
    Nov 2009
    Beans
    1

    Not sure if xltpd is running l2tp over ipsec openswan vpn configuration issues

    I've been working on setting up a vpn using openswan (or strongswan) fro the past week now. I've been running the windows server vpn solution for years, so I'm pretty sure it's not router.

    I'm trying to implement my solution behind a firewall and more likely than not clients will also be behind a firewall trying to connect.

    I've tried two solutions (openswan and strongswan)

    I can seemingly get the ipsec to establish over NAT-T with openswan, but it stops at that point and is't almost like xl2tpd isn't even running.

    With the strongswan configuration I can't get ipsec to work outside my network, but when in my network i can get the whole thing to work.

    So my main question is, has anyone setup an openswan vpn with xl2tpd and the auth.log file stopped at this message

    "L2TP-PSK-NAT"[2] xxx.xxx.xxx.xxx #2: STATE_QUICK_R2: IPsec SA established transport mode {ESP=>0x0197c0dd <0xcf147379 xfrm=AES_128-HMAC_SHA1 NATOA=none NATD=xxx.xxx.xxx.xxx:4500 DPD=none}

    Thanks,

    Kristofer

  2. #2
    Join Date
    Jul 2006
    Beans
    190
    Distro
    Ubuntu 9.04 Jaunty Jackalope

    Re: Not sure if xltpd is running l2tp over ipsec openswan vpn configuration issues

    Exactly the same problem here. IPSec tunnel is created OK, but xl2tpd never seems to do anything -- no logs, nothing to show it is even alive.

    Did you manage to solve the problem?

  3. #3
    Join Date
    Jan 2008
    Beans
    1

    Re: Not sure if xltpd is running l2tp over ipsec openswan vpn configuration issues

    Don't know if either of you solved the problem, but for the benefit of anyone else reading this:

    I had exactly the same problem. IPsec tunnel seemed to be set up ok, but xl2tpd didn't seem to react in any way to a connection attempt. This turned out to be caused by my firewall blocking UDP port 1701 (the l2tp listening port). After I enabled that, the VPN tunnel worked like a charm.

    Note that I used strongswan, but I'm sure openswan would be similar. The firewall settings I needed to allow, overall, were
    - Protocol 50 (ESP)
    - Ports 500/udp, 4500/udp and 1701/udp

    If you're using the Shorewall firewall, it has macros for these (IPsecnat and L2TP).

    .....Ron

  4. #4
    Join Date
    Dec 2008
    Location
    USA
    Beans
    524
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: Not sure if xltpd is running l2tp over ipsec openswan vpn configuration issues

    I'm getting the same log message.

    I have all three ports forwarded and the vpn pass-through checked (allowed (i think that will take care of prot 50)

    However, I don't see any difference.
    I don' really like coffee. I guess I'll give my Ubuntu beans to my wife.

    Luke

  5. #5
    Join Date
    May 2008
    Location
    Atlantic City, NJ
    Beans
    25
    Distro
    Ubuntu 10.10 Maverick Meerkat

    Re: Not sure if xltpd is running l2tp over ipsec openswan vpn configuration issues

    Does my guide for openswan help at all?

    http://ubuntuforums.org/showthread.p...penswan+iphone

  6. #6
    Join Date
    Jun 2005
    Beans
    223

    Re: Not sure if xltpd is running l2tp over ipsec openswan vpn configuration issues

    I had the same problem and this solved it for me (problem with the Windows client):

    https://lists.openswan.org/pipermail...ly/020774.html

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •