Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Since weeks i want to setup l2tp tunnel with xl2tpd and openswan in debian wheezy, the external interface is ppp0 with dynamic ip and the internal interface is eth0 with ip address 192.168.1.1.
l2tp server give me the user_id, password and preshared psk_key with it's ip 217.147.94.149.
The ipsec log show the connection is established but there is no pppx interface, these are the configuration and log files:
ipsec.conf:
# ipsec auto --up xltunnel
104 "xltunnel" #1: STATE_MAIN_I1: initiate
003 "xltunnel" #1: ignoring unknown Vendor ID payload [882fe56d6fd20dbc2251613b2ebe5beb]
003 "xltunnel" #1: received Vendor ID payload [XAUTH]
003 "xltunnel" #1: received Vendor ID payload [Dead Peer Detection]
003 "xltunnel" #1: received Vendor ID payload [RFC 3947] method set to=109
106 "xltunnel" #1: STATE_MAIN_I2: sent MI2, expecting MR2
003 "xltunnel" #1: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): no NAT detected
108 "xltunnel" #1: STATE_MAIN_I3: sent MI3, expecting MR3
004 "xltunnel" #1: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=aes_128 prf=oakley_sha group=modp2048}
117 "xltunnel" #2: STATE_QUICK_I1: initiate
004 "xltunnel" #2: STATE_QUICK_I2: sent QI2, IPsec SA established transport mode {ESP=>0xced0d73f <0x0e8bd6f4 xfrm=AES_128-HMAC_SHA1 NATOA=none NATD=none DPD=none}
Quote:
# ipsec verify
Checking your system to see if IPsec got installed and started correctly:
Version check and ipsec on-path [OK]
Linux Openswan U2.6.37/K3.2.0-4-686-pae (netkey)
Checking for IPsec support in kernel [OK]
SAref kernel support [N/A]
NETKEY: Testing XFRM related proc values [FAILED]
Please disable /proc/sys/net/ipv4/conf/*/send_redirects
or NETKEY will cause the sending of bogus ICMP redirects!
[FAILED]
Please disable /proc/sys/net/ipv4/conf/*/accept_redirects
or NETKEY will accept bogus ICMP redirects!
[OK]
Checking that pluto is running [OK]
Pluto listening for IKE on udp 500 [OK]
Pluto listening for NAT-T on udp 4500 [OK]
Two or more interfaces found, checking IP forwarding [OK]
Checking NAT and MASQUERADEing [OK]
Checking for 'ip' command [OK]
Checking /bin/sh is not /bin/dash [WARNING]
Checking for 'iptables' command [OK]
Opportunistic Encryption Support
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.