Packet flooding while configuring a Debian L2TP/IPSec client?
- by Joseph B.
I'm currently at my wits end trying to configure an L2TP over IPSec VPN connection on my Debian using openswan and xl2tp box connecting to a server of unknown configuration.
I've managed to successfully establish the connection and everything appears to be working well until I attempt to set the VPN connection as my default route, at which point I see a massive flood of packets simultaneously being transmitted (on the tune of ~1.5 GB in about 2min) until the server drops my connection. Prior to this network traffic on all my interfaces is minimal.
According to iftop the majority of this traffic appears to be coming out of port 12, although I can't seem to figure out how to finger a specific process. If I instead just route traffic destined for 74.0.0.0/8 through it I'm able to access Google's servers through the VPN without issue.
My xl2tp.conf file is:
[lac vpn-nl]
lns = example.vpn.com
name = myusername
pppoptfile = /etc/ppp/options.l2tpd.client
My options.l2tpd.client file is:
ipcp-accept-local
ipcp-accept-remote
refuse-eap
require-mschap-v2
noccp
noauth
idle 1800
mtu 1410
mru 1410
usepeerdns
lock
name myusername
password mypassword
connect-delay 5000
And my routing table looks like:
Destination Gateway Genmask Flags Metric Ref Use Iface
10.5.2.1 * 255.255.255.255 UH 0 0 0 ppp0
10.0.50.0 * 255.255.255.0 U 0 0 0 eth0
10.50.0.0 * 255.255.0.0 U 0 0 0 eth0
10.0.0.0 * 255.255.0.0 U 0 0 0 eth0
192.168.0.0 * 255.255.0.0 U 0 0 0 eth0
loopback * 255.0.0.0 U 0 0 0 lo
default * 0.0.0.0 U 0 0 0 ppp0
I'm seeing absolutely nothing in auth.log and syslog during this time and can't seem to find any other log files it might be writing to.
Any suggestions would be appreciated!
