Old 02-07-2013, 06:50 AM   #1
shams
How to direct all the traffic through the l2tp tunnel?


After a lot of effort I configured xl2tpd and Openswan for my dialup connection with the dynamic and external interface ppp0 in Debian wheezy.
The problem now is that all the traffic didn't use the tunnel. This is the log for the xl2tpd tunnel:
This is pluto.log, showing the IPsec connection established with the VPN server:
Quote:
added connection description "L2tp-Client"
listening for IKE messages
adding interface ppp0/ppp0 117.105.228.14:500
adding interface ppp0/ppp0 117.105.228.14:4500
adding interface eth0/eth0 192.168.1.1:500
adding interface eth0/eth0 192.168.1.1:4500
adding interface lo/lo 127.0.0.1:500
adding interface lo/lo 127.0.0.1:4500
adding interface lo/lo ::1:500
loading secrets from "/etc/ipsec.secrets"
"L2tp-Client" #1: initiating Main Mode
"L2tp-Client" #1: received Vendor ID payload [XAUTH]
"L2tp-Client" #1: received Vendor ID payload [Dead Peer Detection]
"L2tp-Client" #1: received Vendor ID payload [RFC 3947] method set to=109
"L2tp-Client" #1: enabling possible NAT-traversal with method 4
"L2tp-Client" #1: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
"L2tp-Client" #1: STATE_MAIN_I2: sent MI2, expecting MR2
"L2tp-Client" #1: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): no NAT detected
"L2tp-Client" #1: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
"L2tp-Client" #1: STATE_MAIN_I3: sent MI3, expecting MR3
"L2tp-Client" #1: Main mode peer ID is ID_IPV4_ADDR: '46.165.221.230'
"L2tp-Client" #1: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
"L2tp-Client" #1: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=aes_128 prf=oakley_sha group=modp2048}
"L2tp-Client" #2: initiating Quick Mode PSK+ENCRYPT+DONTREKEY+UP+IKEv2ALLOW+SAREFTRACK {using isakmp#1 msgid:9480cacb proposal=defaults pfsgroup=no-pfs}
"L2tp-Client" #2: transition from state STATE_QUICK_I1 to state STATE_QUICK_I2
"L2tp-Client" #2: STATE_QUICK_I2: sent QI2, IPsec SA established transport mode {ESP=>0xc9cc7029 <0x24b5bf92 xfrm=AES_128-HMAC_SHA1 NATOA=none NATD=none DPD=none}
This is the ip routing table:
Quote:
# ip route show
default dev ppp0 scope link
46.165.221.117.104.228.2230 via 117.104.228.14 dev ppp0 src 117.105.228.14
117.105.228.2 dev ppp0 proto kernel scope link src 117.105.228.14
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.1
46.165.221.230 is the VPN server IP and 117.105.228.2 is my ISP IP. This is the daemon.log:
Quote:
Feb 7 17:21:22 mypc xl2tpd[10555]: Terminating pppd: sending TERM signal to pid 12904
Feb 7 17:21:22 mypc avahi-daemon[2317]: Withdrawing workstation service for ppp1.
Feb 7 17:21:22 mypc NetworkManager[2161]: SCPlugin-Ifupdown: devices removed (path: /sys/devices/virtual/net/ppp1, iface: ppp1)
Feb 7 17:21:32 mypc xl2tpd[10555]: Calling on tunnel 63548
Feb 7 17:21:33 mypc xl2tpd[10555]: Call established with 46.165.221.230, Local: 23476, Remote: 48679, Serial: 93 (ref=0/0)
Feb 7 17:21:33 mypc xl2tpd[10555]: start_pppd: I'm running
Feb 7 17:21:33 mypc xl2tpd[10555]: start_pppd: I'm running:
Feb 7 17:21:33 mypc xl2tpd[10555]: "/usr/sbin/pppd"
Feb 7 17:21:33 mypc xl2tpd[10555]: "passive"
Feb 7 17:21:33 mypc xl2tpd[10555]: "nodetach"
Feb 7 17:21:33 mypc xl2tpd[10555]: ":"
Feb 7 17:21:33 mypc xl2tpd[10555]: "refuse-pap"
Feb 7 17:21:33 mypc xl2tpd[10555]: "auth"
Feb 7 17:21:33 mypc xl2tpd[10555]: "require-chap"
Feb 7 17:21:33 mypc xl2tpd[10555]: "name"
Feb 7 17:21:33 mypc xl2tpd[10555]: "client01855155"
Feb 7 17:21:33 mypc xl2tpd[10555]: "debug"
Feb 7 17:21:33 mypc xl2tpd[10555]: "file"
Feb 7 17:21:33 mypc xl2tpd[10555]: "/etc/ppp/options.xl2tpd"
Feb 7 17:21:33 mypc xl2tpd[10555]: "ipparam"
Feb 7 17:21:33 mypc xl2tpd[10555]: "46.165.221.230"
Feb 7 17:21:33 mypc xl2tpd[10555]: "/dev/pts/3"
Feb 7 17:21:33 mypc NetworkManager[2161]: SCPlugin-Ifupdown: devices added (path: /sys/devices/virtual/net/ppp1, iface: ppp1)
Feb 7 17:21:33 mypc NetworkManager[2161]: SCPlugin-Ifupdown: device added (path: /sys/devices/virtual/net/ppp1, iface: ppp1): no ifupdown configuration found.
Feb 7 17:21:35 mypc avahi-daemon[2317]: Withdrawing workstation service for ppp1.
Feb 7 17:21:35 mypc NetworkManager[2161]: SCPlugin-Ifupdown: devices removed (path: /sys/devices/virtual/net/ppp1, iface: ppp1)
Feb 7 17:21:35 mypc NetworkManager[2161]: SCPlugin-Ifupdown: devices added (path: /sys/devices/virtual/net/ppp1, iface: ppp1)
Feb 7 17:21:35 mypc NetworkManager[2161]: SCPlugin-Ifupdown: device added (path: /sys/devices/virtual/net/ppp1, iface: ppp1): no ifupdown configuration found.
Feb 7 17:21:35 mypc xl2tpd[10555]: control_finish: Connection closed to 46.165.221.230, serial 93 ()
Feb 7 17:21:35 mypc xl2tpd[10555]: Terminating pppd: sending TERM signal to pid 12919
Feb 7 17:21:35 mypc avahi-daemon[2317]: Withdrawing workstation service for ppp1.
Feb 7 17:21:35 mypc NetworkManager[2161]: SCPlugin-Ifupdown: devices removed (path: /sys/devices/virtual/net/ppp1, iface: ppp1
This is the tcpdump -i ppp0 output:
Quote:
17:15:35.442873 IP mypc.myuser.net.l2f > 46.165.221.230.l2f: l2tp:[L](8799/25120) {LCP, Term-Request (0x05), id 2, length 46}
17:15:35.451090 IP 46.165.221.230.l2f > mypc.myuser.net.l2f: l2tp:[L](63548/37428) {LCP, Term-Request (0x05), id 2, length 27}
17:15:35.451652 IP mypc.myuser.net.l2f > 46.165.221.230.l2f: l2tp:[L](8799/25120) {LCP, Term-Ack (0x06), id 2, length 6}
17:15:35.637073 IP 196.7.148.13.27088 > mypc.myuser.net.51413: UDP, length 287
17:15:35.637290 IP mypc.myuser.net.51413 > c-67-160-63-201.hsd1.wa.comcast.net.62227: UDP, length 58
17:15:35.637334 IP mypc.myuser.net.51413 > 85-168-126-230.rev.numericable.fr.51413: UDP, length 58
17:15:35.880023 IP 46.165.221.230.l2f > mypc.myuser.net.l2f: l2tp:[L](63548/37428) {LCP, Term-Ack (0x06), id 2, length 6}
17:15:35.900978 IP mypc.myuser.net.l2f > 46.165.221.230.l2f: l2tp:[L](8799/25120) {LCP, Conf-Request (0x01), id 3, length 26}
17:15:35.953044 IP 46.165.221.230.l2f > mypc.myuser.net.l2f: l2tp:[TLS](63548/37428)Ns=48,Nr=50 *MSGTYPE(CDN) *RESULT_CODE(1/0) *ASSND_SESS_ID(25120)
17:15:35.953274 IP mypc.myuser.net.l2f > 46.165.221.230.l2f: l2tp:[TLS](8799/25120)Ns=50,Nr=49 ZLB
17:15:35.982017 IP 85-168-126-230.rev.numericable.fr.51413 > mypc.myuser.net.51413: UDP, length 49
17:15:36.397919 IP 2.Red-79-155-91.dynamicIP.rima-tde.net.24948 > mypc.myuser.net.14212: UDP, length 101

525735654, win 14600, options [mss 1460,sackOK,TS val 9310587 ecr 0,nop,wscale 4], length 0
17:15:38.069654 IP 217.118.24.61.openvpn > mypc.myuser.net.43521: Flags [R.], seq 0, ack 525735655, win 0, length 0
17:15:40.423655 IP mypc.myuser.net.50427 > 208.67.222.222.domain: 14+ PTR? 201.63.160.67.in-addr.arpa. (44)
17:15:40.785210 IP 208.67.222.222.domain > mypc.myuser.net.50427: 14 1/0/0 PTR c-67-160-63-201.hsd1.wa.comcast.net. (93)
17:15:40.786112 IP mypc.myuser.net.37202 > 208.67.222.222.domain: 3981+ PTR? 230.126.168.85.in-addr.arpa. (45)
17:15:41.122153 IP 208.67.222.222.domain > mypc.myuser.net.37202: 3981 1/0/0 PTR 85-168-126-230.rev.numericable.fr. (92)
17:15:41.123265 IP mypc.myuser.net.53353 > 208.67.222.222.domain: 4648+ PTR? 2.91.155.79.in-addr.arpa. (42)
17:15:41.475082 IP 208.67.222.222.domain > mypc.myuser.net.53353: 4648 1/0/0 PTR 2.Red-79-155-91.dynamicIP.rima-tde.net. (94)
17:15:42.742874 IP cou82-4-78-249-210-57.fbx.proxad.net.45682 > mypc.myuser.net.14212: UDP, length 103
17:15:42.743522 IP mypc.myuser.net.61843 > 208.67.222.222.domain: 37644+ PTR? 57.210.249.78.in-addr.arpa. (44)
17:15:43.078836 IP 208.67.222.222.domain > mypc.myuser.net.61843: 37644 1/0/0 PTR cou82-4-78-249-210-57.fbx.proxad.net. (94)
How can I direct all the traffic through the xl2tpd tunnel, please?
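
A route-table check for the situation in the post, as an added example that is not part of the original thread: it reads `ip route show` output and reports whether traffic would bypass the tunnel. It assumes the tunnel interface is ppp1 (the name seen in the daemon.log); both sample tables are constructed, and 10.0.0.1/10.0.0.2 are hypothetical tunnel addresses.

```shell
#!/bin/sh
# audit_routes TUNNEL_IF PEER_IP   (reads `ip route show` output on stdin)
# Prints one verdict line; returns 0 only when traffic is steered into the tunnel.
audit_routes() {
    awk -v tun="$1" -v peer="$2" '
        # Return the word that follows keyword "key" on the current line.
        function field_after(key,   i) {
            for (i = 1; i < NF; i++) if ($i == key) return $(i + 1)
            return ""
        }
        { dev = field_after("dev") }
        dev == tun                       { tun_seen = 1 }
        $1 == "default"                  { default_dev = dev }
        $1 == peer || $1 == (peer "/32") { peer_dev = dev }
        END {
            if (!tun_seen) { print "LEAK: no routes on " tun " (tunnel not up)"; exit 1 }
            if (default_dev != tun) {
                print "LEAK: default route uses " default_dev ", not " tun; exit 1
            }
            # The encrypted L2TP/IPsec packets themselves must leave by the
            # underlying link, otherwise they would be routed into the tunnel.
            if (peer_dev == "" || peer_dev == tun) {
                print "LOOP: no host route to " peer " outside " tun; exit 1
            }
            print "OK: default via " tun ", peer " peer " pinned to " peer_dev
        }'
}

# Constructed sample: the table from the post, without its garbled host-route line.
routes_from_post() {
    cat <<'EOF'
default dev ppp0 scope link
117.105.228.2 dev ppp0 proto kernel scope link src 117.105.228.14
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.1
EOF
}

# Constructed sample: one possible full-tunnel table (tunnel addresses hypothetical).
routes_full_tunnel() {
    cat <<'EOF'
default dev ppp1 scope link
10.0.0.1 dev ppp1 proto kernel scope link src 10.0.0.2
46.165.221.230 via 117.105.228.2 dev ppp0
117.105.228.2 dev ppp0 proto kernel scope link src 117.105.228.14
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.1
EOF
}

routes_from_post   | audit_routes ppp1 46.165.221.230 || true
routes_full_tunnel | audit_routes ppp1 46.165.221.230
```

On a live system the same function can be fed directly: `ip route show | audit_routes ppp1 46.165.221.230`.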
 
  


All times are GMT -5. The time now is 01:34 PM.
