I'm setting up an L2TP/IPsec VPN gateway for a private network using openswan and xl2tpd. The server runs Ubuntu 10.04 (server edition) and has two separate interfaces - one is public facing (x.x.x.x) and the other is connected to our private network (IP 10.0.2.2/16).
The IPsec connection seems to establish just fine (at least the client side believes so), but then the L2TP connection never happens. How do I go about debugging this? UDP ports 500, 4500, and 1701 are all open; I have tested them with netcat.
Thanks!
Dan
Here is the /var/log/auth.log file from when my laptop (y.y.y.y) tries to connect to the VPN server.
Code:
Oct 3 13:44:36 myserver pluto[20703]: packet from y.y.y.y:35118: received Vendor ID payload [RFC 3947] method set to=109
Oct 3 13:44:36 myserver pluto[20703]: packet from y.y.y.y:35118: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike] method set to=110
Oct 3 13:44:36 myserver pluto[20703]: packet from y.y.y.y:35118: ignoring unknown Vendor ID payload [8f8d83826d246b6fc7a8a6a428c11de8]
Oct 3 13:44:36 myserver pluto[20703]: packet from y.y.y.y:35118: ignoring unknown Vendor ID payload [439b59f8ba676c4c7737ae22eab8f582]
Oct 3 13:44:36 myserver pluto[20703]: packet from y.y.y.y:35118: ignoring unknown Vendor ID payload [4d1e0e136deafa34c4f3ea9f02ec7285]
Oct 3 13:44:36 myserver pluto[20703]: packet from y.y.y.y:35118: ignoring unknown Vendor ID payload [80d0bb3def54565ee84645d4c85ce3ee]
Oct 3 13:44:36 myserver pluto[20703]: packet from y.y.y.y:35118: ignoring unknown Vendor ID payload [9909b64eed937c6573de52ace952fa6b]
Oct 3 13:44:36 myserver pluto[20703]: packet from y.y.y.y:35118: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] meth=108, but already using method 110
Oct 3 13:44:36 myserver pluto[20703]: packet from y.y.y.y:35118: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but already using method 110
Oct 3 13:44:36 myserver pluto[20703]: packet from y.y.y.y:35118: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 110
Oct 3 13:44:36 myserver pluto[20703]: packet from y.y.y.y:35118: received Vendor ID payload [Dead Peer Detection]
Oct 3 13:44:36 myserver pluto[20703]: "L2TP-PSK-NAT"[3] y.y.y.y #3: responding to Main Mode from unknown peer y.y.y.y
Oct 3 13:44:36 myserver pluto[20703]: "L2TP-PSK-NAT"[3] y.y.y.y #3: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Oct 3 13:44:36 myserver pluto[20703]: "L2TP-PSK-NAT"[3] y.y.y.y #3: STATE_MAIN_R1: sent MR1, expecting MI2
Oct 3 13:44:36 myserver pluto[20703]: "L2TP-PSK-NAT"[3] y.y.y.y #3: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike (MacOS X): both are NATed
Oct 3 13:44:36 myserver pluto[20703]: "L2TP-PSK-NAT"[3] y.y.y.y #3: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Oct 3 13:44:36 myserver pluto[20703]: "L2TP-PSK-NAT"[3] y.y.y.y #3: STATE_MAIN_R2: sent MR2, expecting MI3
Oct 3 13:44:36 myserver pluto[20703]: "L2TP-PSK-NAT"[3] y.y.y.y #3: ignoring informational payload, type IPSEC_INITIAL_CONTACT msgid=00000000
Oct 3 13:44:36 myserver pluto[20703]: "L2TP-PSK-NAT"[3] y.y.y.y #3: Main mode peer ID is ID_IPV4_ADDR: '10.253.70.92'
Oct 3 13:44:36 myserver pluto[20703]: "L2TP-PSK-NAT"[3] y.y.y.y #3: switched from "L2TP-PSK-NAT" to "L2TP-PSK-NAT"
Oct 3 13:44:36 myserver pluto[20703]: "L2TP-PSK-NAT"[4] y.y.y.y #3: deleting connection "L2TP-PSK-NAT" instance with peer y.y.y.y {isakmp=#0/ipsec=#0}
Oct 3 13:44:36 myserver pluto[20703]: "L2TP-PSK-NAT"[4] y.y.y.y #3: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Oct 3 13:44:36 myserver pluto[20703]: "L2TP-PSK-NAT"[4] y.y.y.y #3: new NAT mapping for #3, was y.y.y.y:35118, now y.y.y.y:35119
Oct 3 13:44:36 myserver pluto[20703]: "L2TP-PSK-NAT"[4] y.y.y.y #3: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1024}
Oct 3 13:44:36 myserver pluto[20703]: "L2TP-PSK-NAT"[4] y.y.y.y #3: Dead Peer Detection (RFC 3706): enabled
Oct 3 13:44:37 myserver pluto[20703]: "L2TP-PSK-NAT"[4] y.y.y.y #3: the peer proposed: x.x.x.x/32:17/1701 -> 10.253.70.92/32:17/0
Oct 3 13:44:37 myserver pluto[20703]: "L2TP-PSK-NAT"[4] y.y.y.y #4: responding to Quick Mode proposal {msgid:943855fe}
Oct 3 13:44:37 myserver pluto[20703]: "L2TP-PSK-NAT"[4] y.y.y.y #4: us: 10.0.0.0/16===x.x.x.x<x.x.x.x>[+S=C]:17/1701
Oct 3 13:44:37 myserver pluto[20703]: "L2TP-PSK-NAT"[4] y.y.y.y #4: them: y.y.y.y[10.253.70.92,+S=C]:17/52993===?
Oct 3 13:44:37 myserver pluto[20703]: "L2TP-PSK-NAT"[4] y.y.y.y #4: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
Oct 3 13:44:37 myserver pluto[20703]: "L2TP-PSK-NAT"[4] y.y.y.y #4: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
Oct 3 13:44:37 myserver pluto[20703]: "L2TP-PSK-NAT"[4] y.y.y.y #4: Dead Peer Detection (RFC 3706): enabled
Oct 3 13:44:37 myserver pluto[20703]: "L2TP-PSK-NAT"[4] y.y.y.y #4: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
Oct 3 13:44:37 myserver pluto[20703]: "L2TP-PSK-NAT"[4] y.y.y.y #4: STATE_QUICK_R2: IPsec SA established transport mode {ESP/NAT=>0x0297243d <0xb4400829 xfrm=AES_128-HMAC_SHA1 NATOA=none NATD=y.y.y.y:35119 DPD=enabled}
Oct 3 13:44:57 myserver pluto[20703]: "L2TP-PSK-NAT"[4] y.y.y.y #3: received Delete SA(0x0297243d) payload: deleting IPSEC State #4
Oct 3 13:44:57 myserver pluto[20703]: "L2TP-PSK-NAT"[4] y.y.y.y #3: netlink recvfrom() of response to our XFRM_MSG_DELPOLICY message for policy eroute_connection delete inbound was too long: 100 > 36
Oct 3 13:44:57 myserver pluto[20703]: "L2TP-PSK-NAT"[4] y.y.y.y #3: netlink recvfrom() of response to our XFRM_MSG_DELPOLICY message for policy eroute_connection delete inbound was too long: 100 > 36
Oct 3 13:44:57 myserver pluto[20703]: "L2TP-PSK-NAT"[4] y.y.y.y #3: netlink recvfrom() of response to our XFRM_MSG_DELPOLICY message for policy unk255.10000@x.x.x.x was too long: 168 > 36
Oct 3 13:44:57 myserver pluto[20703]: | raw_eroute result=0
Oct 3 13:44:57 myserver pluto[20703]: "L2TP-PSK-NAT"[4] y.y.y.y #3: received and ignored informational message
Oct 3 13:44:57 myserver pluto[20703]: "L2TP-PSK-NAT"[4] y.y.y.y #3: received Delete SA payload: deleting ISAKMP State #3
Oct 3 13:44:57 myserver pluto[20703]: "L2TP-PSK-NAT"[4] y.y.y.y: deleting connection "L2TP-PSK-NAT" instance with peer y.y.y.y {isakmp=#0/ipsec=#0}
Oct 3 13:44:57 myserver pluto[20703]: packet from y.y.y.y:35119: received and ignored informational message
Here are my current configurations.
/etc/ipsec.conf
Code:
version 2.0
config setup
    nat_traversal=yes
    virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12
    oe=off
    protostack=netkey
conn L2TP-PSK-NAT
    rightsubnet=vhost:%priv
    also=L2TP-PSK-noNAT
conn L2TP-PSK-noNAT
    authby=secret
    pfs=no
    auto=add
    keyingtries=3
    rekey=no
    # Apple doesn't send delete notify
    dpddelay=30
    dpdtimeout=120
    dpdaction=clear
    ikelifetime=8h
    keylife=1h
    type=transport
    left=x.x.x.x
    leftsubnet=10.0.0.0/16
    leftprotoport=17/1701
    # Right = remote user
    right=%any
    rightprotoport=17/%any
    forceencaps=yes
/etc/xl2tpd/xl2tpd.conf
Code:
[global]
ipsec saref = yes
listen-addr = x.x.x.x
[lns default]
ip range = 10.0.8.1-10.0.8.255
local ip = 10.0.2.2
refuse chap = yes
refuse pap = yes
require authentication = yes
ppp debug = yes
pppoptfile = /etc/ppp/options.xl2tpd
length bit = yes
/etc/ppp/options.xl2tpd
Code:
require-mschap-v2
ms-dns 8.8.8.8
ms-dns 8.8.4.4
asyncmap 0
auth
crtscts
lock
hide-password
modem
debug
name l2tpd
proxyarp
lcp-echo-interval 30
lcp-echo-failure 4
/etc/ipsec.secrets
Code:
x.x.x.x %any: PSK "myipsecpassword"
/etc/ppp/chap-secrets
Code:
myusername * mypassword *
ipsec verify produces the following:
Code:
Version check and ipsec on-path [OK]
Linux Openswan U2.6.23/K2.6.32-51-generic-pae (netkey)
Checking for IPsec support in kernel [OK]
NETKEY detected, testing for disabled ICMP send_redirects [OK]
NETKEY detected, testing for disabled ICMP accept_redirects [OK]
Checking for RSA private key (/etc/ipsec.secrets) [OK]
Checking that pluto is running [OK]
Pluto listening for IKE on udp 500 [OK]
Pluto listening for NAT-T on udp 4500 [OK]
Two or more interfaces found, checking IP forwarding [OK]
Checking NAT and MASQUERADEing
Checking for 'ip' command [OK]
Checking for 'iptables' command [OK]
Opportunistic Encryption Support [DISABLED]
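The pluto log in the question already answers the first debugging question, which layer failed: the ISAKMP SA comes up at 13:44:36, the transport-mode IPsec SA for UDP/1701 at 13:44:37, and at 13:44:57 it is the client that sends a Delete SA. IPsec itself held for 20 seconds with no error, which is consistent with the client timing out while waiting for an L2TP reply, so the next place to look is whether xl2tpd ever sees or answers traffic on UDP 1701. The script below is an added example, not the poster's code nor part of Openswan or xl2tpd: it parses pluto's auth.log line format and reduces a session to the last phase that succeeded and the time between the IPsec SA coming up and the peer deleting it. The sample lines are excerpted from the question's log (x.x.x.x and y.y.y.y are the poster's placeholders); the field names and the diagnosis strings are this example's own.

```python
"""Summarise an Openswan pluto session from /var/log/auth.log lines.

Added example, not the poster's code: it reads the pluto log format shown in
the question and reports, per peer, whether IKE Phase 1 (ISAKMP SA) and
Phase 2 (IPsec SA) came up and whether the peer then tore them down.
"""
import re
from dataclasses import dataclass, field
from datetime import datetime
from typing import Dict, List, Optional

# Lines excerpted from the auth.log in the question (y.y.y.y / x.x.x.x are the
# poster's placeholders). Real syslog puts two spaces before a one-digit day;
# the regex and strptime below accept either.
SAMPLE_LOG = """\
Oct 3 13:44:36 myserver pluto[20703]: packet from y.y.y.y:35118: received Vendor ID payload [Dead Peer Detection]
Oct 3 13:44:36 myserver pluto[20703]: "L2TP-PSK-NAT"[3] y.y.y.y #3: responding to Main Mode from unknown peer y.y.y.y
Oct 3 13:44:36 myserver pluto[20703]: "L2TP-PSK-NAT"[4] y.y.y.y #3: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1024}
Oct 3 13:44:37 myserver pluto[20703]: "L2TP-PSK-NAT"[4] y.y.y.y #3: the peer proposed: x.x.x.x/32:17/1701 -> 10.253.70.92/32:17/0
Oct 3 13:44:37 myserver pluto[20703]: "L2TP-PSK-NAT"[4] y.y.y.y #4: STATE_QUICK_R2: IPsec SA established transport mode {ESP/NAT=>0x0297243d <0xb4400829 xfrm=AES_128-HMAC_SHA1 NATOA=none NATD=y.y.y.y:35119 DPD=enabled}
Oct 3 13:44:57 myserver pluto[20703]: "L2TP-PSK-NAT"[4] y.y.y.y #3: received Delete SA(0x0297243d) payload: deleting IPSEC State #4
Oct 3 13:44:57 myserver pluto[20703]: | raw_eroute result=0
Oct 3 13:44:57 myserver pluto[20703]: "L2TP-PSK-NAT"[4] y.y.y.y #3: received Delete SA payload: deleting ISAKMP State #3
Oct 3 13:44:57 myserver pluto[20703]: "L2TP-PSK-NAT"[4] y.y.y.y: deleting connection "L2TP-PSK-NAT" instance with peer y.y.y.y {isakmp=#0/ipsec=#0}
"""

# syslog prefix, then pluto's optional '"conn"[N] peer #sa: ' tag, then the message
LINE_RE = re.compile(
    r'^(?P<ts>[A-Z][a-z]{2}\s+\d{1,2} \d{2}:\d{2}:\d{2}) \S+ pluto\[\d+\]: '
    r'(?:"(?P<conn>[^"]+)"\[\d+\] (?P<peer>[^\s:]+)(?: #(?P<sa>\d+))?: )?'
    r'(?P<msg>.*)$'
)


@dataclass
class PeerSession:
    peer: str
    isakmp_established: Optional[datetime] = None
    ipsec_established: Optional[datetime] = None
    ipsec_deleted_by_peer: Optional[datetime] = None
    isakmp_deleted_by_peer: Optional[datetime] = None
    mode: Optional[str] = None          # "transport" or "tunnel"
    proposals: List[str] = field(default_factory=list)  # Phase 2 selectors offered


def parse_sessions(log_text: str) -> Dict[str, PeerSession]:
    """Group pluto lines by peer address and record the milestones of each session."""
    sessions: Dict[str, PeerSession] = {}
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m or not m.group("peer"):
            continue  # 'packet from ...' and '| debug' lines carry no peer tag
        ts = datetime.strptime(m.group("ts"), "%b %d %H:%M:%S")  # year-less syslog time
        sess = sessions.setdefault(m.group("peer"), PeerSession(m.group("peer")))
        msg = m.group("msg")
        if "ISAKMP SA established" in msg:
            sess.isakmp_established = ts
        elif "IPsec SA established" in msg:
            sess.ipsec_established = ts
            sess.mode = "transport" if "transport mode" in msg else "tunnel"
        elif msg.startswith("the peer proposed: "):
            sess.proposals.append(msg[len("the peer proposed: "):])
        elif "received Delete SA" in msg and "IPSEC State" in msg:
            sess.ipsec_deleted_by_peer = ts
        elif "received Delete SA" in msg and "ISAKMP State" in msg:
            sess.isakmp_deleted_by_peer = ts
    return sessions


def diagnose(sess: PeerSession) -> str:
    """Name the first layer that did not succeed. A result of
    'ipsec-up-then-peer-deleted-after-Ns' means IKE and IPsec both worked and the
    client itself tore the SA down N seconds later, i.e. look above IPsec (L2TP)."""
    if sess.isakmp_established is None:
        return "phase1-failed"
    if sess.ipsec_established is None:
        return "phase2-failed"
    if sess.ipsec_deleted_by_peer is not None:
        secs = int((sess.ipsec_deleted_by_peer - sess.ipsec_established).total_seconds())
        return f"ipsec-up-then-peer-deleted-after-{secs}s"
    return "ipsec-up"


if __name__ == "__main__":
    for peer, sess in parse_sessions(SAMPLE_LOG).items():
        print(f"{peer}: mode={sess.mode} proposals={sess.proposals} -> {diagnose(sess)}")
```

Run against the question's log it reports `ipsec-up-then-peer-deleted-after-20s` for y.y.y.y with a transport-mode SA whose proposal was `x.x.x.x/32:17/1701 -> 10.253.70.92/32:17/0`, which is exactly the shape expected for L2TP over IPsec behind NAT; the same script pointed at a full auth.log will show whether any client ever fails earlier than that.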