Old 02-19-2012, 10:42 AM   #1
devilboy09
xl2tpd on CentOS --> listen port


I installed the openswan and xl2tpd packages on my CentOS, but when I start xl2tpd it does not listen to port 1702. Here's the output of xl2tpd -D:
Code:
[root@centos devilboy]# xl2tpd -D
xl2tpd[5050]: Enabling IPsec SAref processing for L2TP transport mode SAs
xl2tpd[5050]: IPsec SAref does not work with L2TP kernel mode yet, enabling forceuserspace=yes
xl2tpd[5050]: setsockopt recvref[30]: Protocol not available
xl2tpd[5050]: This binary does not support kernel L2TP.
xl2tpd[5050]: xl2tpd version xl2tpd-1.3.1 started on centos.domain.org PID:5050
xl2tpd[5050]: Written by Mark Spencer, Copyright (C) 1998, Adtran, Inc.
xl2tpd[5050]: Forked by Scott Balmos and David Stipp, (C) 2001
xl2tpd[5050]: Inherited by Jeff McAdams, (C) 2002
xl2tpd[5050]: Forked again by Xelerance (www.xelerance.com) (C) 2006
xl2tpd[5050]: Listening on IP address 0.0.0.0, port 1701
And this is my xl2tpd.conf file:
Code:
;
; This is a minimal sample xl2tpd configuration file for use
; with L2TP over IPsec.
;
; The idea is to provide an L2TP daemon to which remote Windows L2TP/IPsec
; clients connect. In this example, the internal (protected) network 
; is 192.168.1.0/24.  A special IP range within this network is reserved
; for the remote clients: 192.168.1.128/25
; (i.e. 192.168.1.128 ... 192.168.1.254)
;
; The listen-addr parameter can be used if you want to bind the L2TP daemon
; to a specific IP address instead of to all interfaces. For instance,
; you could bind it to the interface of the internal LAN (e.g. 192.168.1.98
; in the example below). Yet another IP address (local ip, e.g. 192.168.1.99)
; will be used by xl2tpd as its address on pppX interfaces.

[global]
;listen-addr = 192.168.62.128
;
; requires openswan-2.5.18 or higher - Also does not yet work in combination
; with kernel mode l2tp as present in linux 2.6.23+
ipsec saref = yes
; Use refinfo of 22 if using an SAref kernel patch based on openswan 2.6.35 or
;  when using any of the SAref kernel patches for kernels up to 2.6.35.
; ipsec refinfo = 30
;
; forceuserspace = yes
;
; debug tunnel = yes

[lns default]
ip range = 10.1.1.200-10.1.1.210
local ip = 10.1.1.10
refuse chap = yes
refuse pap = yes
require authentication = yes
name = LinuxVPNserver
ppp debug = yes
pppoptfile = /etc/ppp/options.xl2tpd
length bit = yes
Also: internal eth1=10.1.1.10, external eth0=192.168.62.128
 
Old 02-20-2012, 01:02 AM   #2
devilboy09
I think the problem is the kernel, because when I issue ipsec verify I get this error:
Code:
[root@centos devilboy]# ipsec verify
Checking your system to see if IPsec got installed and started correctly:
Version check and ipsec on-path                                 [OK]
Linux Openswan U2.6.21/K(no kernel code presently loaded)
Checking for IPsec support in kernel                            [FAILED]
Checking for RSA private key (/etc/ipsec.secrets)               [OK]
Checking that pluto is running                                  [FAILED]
  whack: Pluto is not running (no "/var/run/pluto/pluto.ctl")
Two or more interfaces found, checking IP forwarding            [FAILED]
  whack: Pluto is not running (no "/var/run/pluto/pluto.ctl")
Checking NAT and MASQUERADEing                              
Checking for 'ip' command                                       [OK]
Checking for 'iptables' command                                 [OK]

Opportunistic Encryption DNS checks:
   Looking for TXT in forward dns zone: centos.domain.org       [MISSING]
   Does the machine have at least one non-private address?      [FAILED]
Any suggestion how I can resolve that?
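
Added example, not part of the original posts: a shell triage of the two outputs quoted in this thread. It extracts the address and port xl2tpd reports, lists the `ipsec verify` checks marked [FAILED], and flags the case where L2TP is listening while IPsec is not up (L2TP provides no encryption of its own). The function names and verdict strings are assumptions made for this example; the sample lines are abridged from the thread.

```shell
#!/bin/sh
# Added example, not from the thread: triage of `xl2tpd -D` and `ipsec verify` output.

L2TP_PORT=1701   # UDP port registered for L2TP (RFC 2661)

# stdin: xl2tpd -D startup output. stdout: "ADDR PORT" of the listening socket.
xl2tpd_listen() {
    sed -n 's/.*Listening on IP address \([0-9.]*\), port \([0-9]*\).*/\1 \2/p' | head -n 1
}

# stdin: `ipsec verify` output. stdout: one line per check marked [FAILED].
ipsec_failed_checks() {
    sed -n 's/^[[:space:]]*\(.*[^[:space:]]\)[[:space:]]*\[FAILED\][[:space:]]*$/\1/p'
}

# $1 = xl2tpd output, $2 = ipsec verify output. Prints a one-word verdict
# (verdict strings are hypothetical labels chosen for this example).
l2tp_exposure() {
    listen=$(printf '%s\n' "$1" | xl2tpd_listen)
    failed=$(printf '%s\n' "$2" | ipsec_failed_checks)
    [ -n "$listen" ] || { echo "not-listening"; return; }
    port=${listen#* }
    [ "$port" = "$L2TP_PORT" ] || { echo "nonstandard-port"; return; }
    case "$failed" in
        # Daemon is up on 1701 but the IPsec layer that should wrap it is not.
        *"IPsec support in kernel"*|*"pluto is running"*) echo "l2tp-without-ipsec" ;;
        *) echo "ok" ;;
    esac
}

# Sample input: lines abridged from the two outputs quoted in this thread.
XL2TPD_OUT='xl2tpd[5050]: This binary does not support kernel L2TP.
xl2tpd[5050]: Listening on IP address 0.0.0.0, port 1701'
VERIFY_OUT='Version check and ipsec on-path                                 [OK]
Checking for IPsec support in kernel                            [FAILED]
Checking for RSA private key (/etc/ipsec.secrets)               [OK]
Checking that pluto is running                                  [FAILED]'

l2tp_exposure "$XL2TPD_OUT" "$VERIFY_OUT"
```

On a live host, pipe the real command output into the two parsers instead of the embedded samples.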