LinuxQuestions.org
Register a domain and help support LQ
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 05-11-2012, 03:27 PM   #1
AmirGooran
LQ Newbie
 
Registered: May 2012
Posts: 2

Rep: Reputation: Disabled
Unhappy Problem with setting L2TP VPN in kubuntu using strongswan


Hi, I want to setup an l2tp vpn server using strongswan to be used for my Virtualbox virtual machines.
My computer ip is 192.168.56.1 and my guset os ip is: 192.168.56.2.
I installed strongswan and l2tpd in kubuntu 11.10 with following configuration:

ipsec.conf:

Code:
version 2

config setup
 nat_traversal=no
 plutostart=yes
 charonstart=yes

conn L2TP-VPN
 type=transport
 keyexchange=ikev1
 keyingtries=3
 pfs=no
 rekey=no
 authby=secret
 left=192.168.56.1
 leftprotoport=17/1701
 right=%any
 rightprotoport=17/%any
 rightsubnetwithin=0.0.0.0/0
 auto=add

include /var/lib/strongswan/ipsec.conf.inc
ipsec.secrets:
Code:
# This file holds shared secrets or RSA private keys for inter-Pluto
# authentication.  See ipsec_pluto(8) manpage, and HTML documentation.

# RSA private key for this host, authenticating it to any other host
# which knows the public part.  Suitable public keys, for ipsec.conf, DNS,
# or configuration of other implementations, can be extracted conveniently
# with "ipsec showhostkey".

# this file is managed with debconf and will contain the automatically created private key
include /var/lib/strongswan/ipsec.secrets.inc

192.168.56.1	%any :	"123456789"
xl2tpd.conf:
Code:
[global]
 port = 1701
 listen-addr = 192.168.56.1
 ipsec saref = no

[lns default]
 ip range = 172.16.45.2-255
 local ip = 172.16.45.1
 require authentication = no
 refuse pap = no
 require chap = no
 pppoptfile = /etc/ppp/options.xl2tpd
 ppp debug = yes
 name = test
 length bit = yes
options.xl2tp:
Code:
require-mschap-v2
asyncmap 0
 auth
 crtscts
 idle 1800
 lock
 hide-password
 modem
 debug
 name test
 proxyarp
 lcp-echo-interval 30
 lcp-echo-failure 4
 mtu 1410
 mru 1410
 connect-delay 500
chap-secrets:
Code:
# Secrets for authentication using CHAP
# client	server	secret			IP addresses
1 * 1 *

"10s90122456"	*	"723362"
"7f126310"	*	"383829"
"10s90122452"	*	"035420"
"7f126321"	*	"483485"
"10s90122451"	*	"291941"
I also add the following rules to iptables firewall:
Code:
iptables -A INPUT -i vboxnet0 -p esp -j ACCEPT
iptables -A INPUT -i vboxnet0 -p udp --dport 500 -j ACCEPT
iptables -A INPUT -i vboxnet0 -p tcp --dport 500 -j ACCEPT
iptables -A INPUT -i vboxnet0 -p udp --dport 4500 -j ACCEPT
iptables -A INPUT -i vboxnet0 -p udp --dport 1701 -j ACCEPT
iptables -A INPUT -i vboxnet0 -p tcp --dport 1723 -j ACCEPT
But when I try to connect to my VPN Server in guest OS(Windows XP SP3), It hangs for a long time and after that I receive error 792.
what's the problem? can anyone help me?
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Setting up a L2TP VPN server ratcateme Linux - Networking 5 06-26-2013 07:29 AM
Setting up L2TP over IPSec VPN server under CentOS 5.3 fantasygoat Linux - Networking 5 10-04-2012 04:08 PM
vpn l2tp aminbaik Linux - Networking 4 04-17-2012 09:21 AM
Setting up a VPN server (l2tp OR pptp) on arch linux mrwall-e Linux - Software 9 10-01-2010 05:45 AM
Setting up VPN in Kubuntu 6.10 sociopathicsolicitor Linux - Networking 1 02-23-2007 06:27 AM


All times are GMT -5. The time now is 09:35 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration