Setting up VPN client: L2TP with IPsec
Posted
by
zachar
on Super User
See other posts from Super User
or by zachar
Published on 2013-11-09T14:48:20Z
Indexed on
2013/11/09
15:59 UTC
Read the original article
Hit count: 330
I've got to connect to vpn server. It works on Windows, but in Ubuntu 10.04 not. Number of options is confusing for me. There is the input that I have:
IP Address of VPN
Pre-shared key to authenticate
Information that MS-CHAPv2 is used
Login and Password to VPN
I was trying to achive that with network manager
and with L2TP IPsec VPN Manager 1.0.9
but at failed. There is some logged information from L2TP IPsec VPN Manager 1.0.9
:
Nov 09 15:21:46.854 ipsec_setup: Stopping Openswan IPsec...
Nov 09 15:21:48.088 Stopping xl2tpd: xl2tpd.
Nov 09 15:21:48.132 ipsec_setup: Starting Openswan IPsec U2.6.23/K2.6.32-49-generic...
Nov 09 15:21:48.308 ipsec__plutorun: Starting Pluto subsystem...
Nov 09 15:21:48.318 ipsec__plutorun: adjusting ipsec.d to /etc/ipsec.d
Nov 09 15:21:48.338 ipsec__plutorun: 002 added connection description "my_vpn_name"
Nov 09 15:21:48.348 ipsec__plutorun: 003 NAT-Traversal: Trying new style NAT-T
Nov 09 15:21:48.348 ipsec__plutorun: 003 NAT-Traversal: ESPINUDP(1) setup failed for new style NAT-T family IPv4 (errno=19)
Nov 09 15:21:48.349 ipsec__plutorun: 003 NAT-Traversal: Trying old style NAT-T
Nov 09 15:21:48.994 104 "my_vpn_name" #1: STATE_MAIN_I1: initiate
Nov 09 15:21:48.994 003 "my_vpn_name" #1: received Vendor ID payload [RFC 3947] method set to=109
Nov 09 15:21:48.994 003 "my_vpn_name" #1: received Vendor ID payload [Dead Peer Detection]
Nov 09 15:21:48.994 106 "my_vpn_name" #1: STATE_MAIN_I2: sent MI2, expecting MR2
Nov 09 15:21:48.994 003 "my_vpn_name" #1: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): i am NATed
Nov 09 15:21:48.994 108 "my_vpn_name" #1: STATE_MAIN_I3: sent MI3, expecting MR3
Nov 09 15:21:48.994 004 "my_vpn_name" #1: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1024}
Nov 09 15:21:48.995 117 "my_vpn_name" #2: STATE_QUICK_I1: initiate
Nov 09 15:21:48.995 004 "my_vpn_name" #2: STATE_QUICK_I2: sent QI2, IPsec SA established transport mode {ESP=>0x0c96795d <0x483e1a42 xfrm=AES_128-HMAC_SHA1 NATOA=none NATD=none DPD=none}
Nov 09 15:21:49.996 [ERROR 210] Failed to open l2tp control file 'c my_vpn_name'
and from syslog
:
Nov 9 15:21:46 o99 L2tpIPsecVpnControlDaemon: Opening client connection
Nov 9 15:21:46 o99 L2tpIPsecVpnControlDaemon: Executing command ipsec setup stop
Nov 9 15:21:46 o99 ipsec_setup: Stopping Openswan IPsec...
Nov 9 15:21:48 o99 kernel: [ 4350.245171] NET: Unregistered protocol family 15
Nov 9 15:21:48 o99 ipsec_setup: ...Openswan IPsec stopped
Nov 9 15:21:48 o99 L2tpIPsecVpnControlDaemon: Command ipsec setup stop finished with exit code 0
Nov 9 15:21:48 o99 L2tpIPsecVpnControlDaemon: Executing command invoke-rc.d xl2tpd stop
Nov 9 15:21:48 o99 L2tpIPsecVpnControlDaemon: Command invoke-rc.d xl2tpd stop finished with exit code 0
Nov 9 15:21:48 o99 L2tpIPsecVpnControlDaemon: Opening client connection
Nov 9 15:21:48 o99 L2tpIPsecVpnControlDaemon: Closing client connection
Nov 9 15:21:48 o99 L2tpIPsecVpnControlDaemon: Executing command ipsec setup start
Nov 9 15:21:48 o99 kernel: [ 4350.312483] NET: Registered protocol family 15
Nov 9 15:21:48 o99 ipsec_setup: Starting Openswan IPsec U2.6.23/K2.6.32-49-generic...
Nov 9 15:21:48 o99 ipsec_setup: Using NETKEY(XFRM) stack
Nov 9 15:21:48 o99 kernel: [ 4350.410774] Initializing XFRM netlink socket
Nov 9 15:21:48 o99 kernel: [ 4350.413601] padlock: VIA PadLock not detected.
Nov 9 15:21:48 o99 kernel: [ 4350.427311] padlock: VIA PadLock Hash Engine not detected.
Nov 9 15:21:48 o99 kernel: [ 4350.441533] padlock: VIA PadLock not detected.
Nov 9 15:21:48 o99 ipsec_setup: ...Openswan IPsec started
Nov 9 15:21:48 o99 L2tpIPsecVpnControlDaemon: Command ipsec setup start finished with exit code 0
Nov 9 15:21:48 o99 L2tpIPsecVpnControlDaemon: Executing command invoke-rc.d xl2tpd start
Nov 9 15:21:48 o99 ipsec__plutorun: adjusting ipsec.d to /etc/ipsec.d
Nov 9 15:21:48 o99 pluto: adjusting ipsec.d to /etc/ipsec.d
Nov 9 15:21:48 o99 L2tpIPsecVpnControlDaemon: Command invoke-rc.d xl2tpd start finished with exit code 0
Nov 9 15:21:48 o99 ipsec__plutorun: 002 added connection description "my_vpn_name"
Nov 9 15:21:48 o99 L2tpIPsecVpnControlDaemon: Executing command ipsec auto --ready
Nov 9 15:21:48 o99 ipsec__plutorun: 003 NAT-Traversal: Trying new style NAT-T
Nov 9 15:21:48 o99 ipsec__plutorun: 003 NAT-Traversal: ESPINUDP(1) setup failed for new style NAT-T family IPv4 (errno=19)
Nov 9 15:21:48 o99 ipsec__plutorun: 003 NAT-Traversal: Trying old style NAT-T
Nov 9 15:21:48 o99 L2tpIPsecVpnControlDaemon: Command ipsec auto --ready finished with exit code 0
Nov 9 15:21:48 o99 L2tpIPsecVpnControlDaemon: Executing command ipsec auto --up my_vpn_name
Nov 9 15:21:48 o99 L2tpIPsecVpnControlDaemon: Command ipsec auto --up my_vpn_name finished with exit code 0
Nov 9 15:21:49 o99 L2tpIPsecVpnControlDaemon: Closing client connection
Can anyone tell me something more about that? Where is the mistake?
© Super User or respective owner