i installed openswan and xl2tpd packages on me centos.but when i start xl2tpd it does not listen to port 1702.here's the output of xl2tpd -D:
Code:
[root@centos devilboy]# xl2tpd -D
xl2tpd[5050]: Enabling IPsec SAref processing for L2TP transport mode SAs
xl2tpd[5050]: IPsec SAref does not work with L2TP kernel mode yet, enabling forceuserspace=yes
xl2tpd[5050]: setsockopt recvref[30]: Protocol not available
xl2tpd[5050]: This binary does not support kernel L2TP.
xl2tpd[5050]: xl2tpd version xl2tpd-1.3.1 started on centos.domain.org PID:5050
xl2tpd[5050]: Written by Mark Spencer, Copyright (C) 1998, Adtran, Inc.
xl2tpd[5050]: Forked by Scott Balmos and David Stipp, (C) 2001
xl2tpd[5050]: Inherited by Jeff McAdams, (C) 2002
xl2tpd[5050]: Forked again by Xelerance (www.xelerance.com) (C) 2006
xl2tpd[5050]: Listening on IP address 0.0.0.0, port 1701
and this my xl2tpd.conf file:
Code:
;
; This is a minimal sample xl2tpd configuration file for use
; with L2TP over IPsec.
;
; The idea is to provide an L2TP daemon to which remote Windows L2TP/IPsec
; clients connect. In this example, the internal (protected) network
; is 192.168.1.0/24. A special IP range within this network is reserved
; for the remote clients: 192.168.1.128/25
; (i.e. 192.168.1.128 ... 192.168.1.254)
;
; The listen-addr parameter can be used if you want to bind the L2TP daemon
; to a specific IP address instead of to all interfaces. For instance,
; you could bind it to the interface of the internal LAN (e.g. 192.168.1.98
; in the example below). Yet another IP address (local ip, e.g. 192.168.1.99)
; will be used by xl2tpd as its address on pppX interfaces.
[global]
;listen-addr = 192.168.62.128
;
; requires openswan-2.5.18 or higher - Also does not yet work in combination
; with kernel mode l2tp as present in linux 2.6.23+
ipsec saref = yes
; Use refinfo of 22 if using an SAref kernel patch based on openswan 2.6.35 or
; when using any of the SAref kernel patches for kernels up to 2.6.35.
; ipsec refinfo = 30
;
; forceuserspace = yes
;
; debug tunnel = yes
[lns default]
ip range = 10.1.1.200-10.1.1.210
local ip = 10.1.1.10
refuse chap = yes
refuse pap = yes
require authentication = yes
name = LinuxVPNserver
ppp debug = yes
pppoptfile = /etc/ppp/options.xl2tpd
length bit = yes
also : internal eth1=10.1.1.10, external eth0=192.168.62.128