Hi, I want to set up an L2TP VPN server using strongSwan to be used for my VirtualBox virtual machines.
My computer's IP is 192.168.56.1 and my guest OS's IP is 192.168.56.2.
I installed strongswan and l2tpd in Kubuntu 11.10 with the following configuration:
ipsec.conf:
Code:
version 2

config setup
    nat_traversal=no
    plutostart=yes
    charonstart=yes

conn L2TP-VPN
    type=transport
    keyexchange=ikev1
    keyingtries=3
    pfs=no
    rekey=no
    authby=secret
    left=192.168.56.1
    leftprotoport=17/1701
    right=%any
    rightprotoport=17/%any
    rightsubnetwithin=0.0.0.0/0
    auto=add

include /var/lib/strongswan/ipsec.conf.inc
ipsec.secrets:
Code:
# This file holds shared secrets or RSA private keys for inter-Pluto
# authentication. See ipsec_pluto(8) manpage, and HTML documentation.
# RSA private key for this host, authenticating it to any other host
# which knows the public part. Suitable public keys, for ipsec.conf, DNS,
# or configuration of other implementations, can be extracted conveniently
# with "ipsec showhostkey".
# this file is managed with debconf and will contain the automatically created private key
include /var/lib/strongswan/ipsec.secrets.inc
192.168.56.1 %any : "123456789"
xl2tpd.conf:
Code:
[global]
port = 1701
listen-addr = 192.168.56.1
ipsec saref = no
[lns default]
ip range = 172.16.45.2-255
local ip = 172.16.45.1
require authentication = no
refuse pap = no
require chap = no
pppoptfile = /etc/ppp/options.xl2tpd
ppp debug = yes
name = test
length bit = yes
options.xl2tp:
Code:
require-mschap-v2
asyncmap 0
auth
crtscts
idle 1800
lock
hide-password
modem
debug
name test
proxyarp
lcp-echo-interval 30
lcp-echo-failure 4
mtu 1410
mru 1410
connect-delay 500
chap-secrets:
Code:
# Secrets for authentication using CHAP
# client server secret IP addresses
1 * 1 *
"10s90122456" * "723362"
"7f126310" * "383829"
"10s90122452" * "035420"
"7f126321" * "483485"
"10s90122451" * "291941"
I also added the following rules to the iptables firewall:
Code:
iptables -A INPUT -i vboxnet0 -p esp -j ACCEPT
iptables -A INPUT -i vboxnet0 -p udp --dport 500 -j ACCEPT
iptables -A INPUT -i vboxnet0 -p tcp --dport 500 -j ACCEPT
iptables -A INPUT -i vboxnet0 -p udp --dport 4500 -j ACCEPT
iptables -A INPUT -i vboxnet0 -p udp --dport 1701 -j ACCEPT
iptables -A INPUT -i vboxnet0 -p tcp --dport 1723 -j ACCEPT
But when I try to connect to my VPN server from the guest OS (Windows XP SP3), it hangs for a long time and after that I receive error 792.
What's the problem? Can anyone help me?