LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 04-20-2013, 01:38 AM   #1
freefall12
LQ Newbie
 
Registered: Apr 2012
Posts: 8

Rep: Reputation: Disabled
Setup a L2TP VPN server


Hello,i've been banging my heads against this issue for several days and i cannot get my L2TP VPN server working on a CENTOS VPS. i tried various tutorials but the problem remains the same. i can establish a l2tp connection (without ipsec encryption) with the VPN server from my Android phone and win8 desktop. but if i try to access the internet via the vpn server, the connection is terminated. also, i can not establish a l2tp connection using ipsec shared secrets.tcpdump -i eth0 -p 500 output the followings details:
c
, length 272)
xxxxxxxxxxxxxxxxxx.isakmp > 112.97.33.111.30462: [bad udp cksum 81fc!] isakmp 1.0 msgid 00000000 cookie 9f3842f5d727b94d->bf362731f6c9c0e0: phase 1 R ident:
(ke: key len=128 fdedaa8324c784ac37c36fb80d57c2851fdb7ae6fa719bd13d2e00816fea087707c0d894ccc73a7bd386cd52d6a5fc2041b0 158214d17bd8f759c47e2a0a1d1440f3992edb83dbd72b00edfaadff139b895e39f1641e29af5625cf0d9f62245a084f358b b4c97dfdeb2e7035ebbc5ab85816293359a6ecf6d02a8cc342631d3b)
(nonce: n len=32 f80e361e86be4089c138362404d321ec46167e90d9acf796e379ae9837bf7568)
(pay20)
(pay20)

i use the combination of strongswan and xl2tp.here is my config
/etc/strongswan/ipsec.conf

config setup
strictcrlpolicy=no

conn %default
ikelifetime=24h
keylife=24h
rekeymargin=9m
keyingtries=10
keyexchange=ikev2
dpdaction=clear
dpdtimeout=3600s
dpddelay=3600s
compress=yes

conn joyvpn
keyexchange=ikev1
rekey=no
type=tunnel
keyingtries=10
authby=secret
leftid=x.x.x.x
leftprotoport=17/1701
right=%any
rightprotoport=17/%any
auto=add

/etc/xl2tpd/xl2tpd.conf

;
; This is a minimal sample xl2tpd configuration file for use
; with L2TP over IPsec.
;
; The idea is to provide an L2TP daemon to which remote Windows L2TP/IPsec
; clients connect. In this example, the internal (protected) network
; is 192.168.1.0/24. A special IP range within this network is reserved
; for the remote clients: 192.168.1.128/25
; (i.e. 192.168.1.128 ... 192.168.1.254)
;
; The listen-addr parameter can be used if you want to bind the L2TP daemon
; to a specific IP address instead of to all interfaces. For instance,
; you could bind it to the interface of the internal LAN (e.g. 192.168.1.98
; in the example below). Yet another IP address (local ip, e.g. 192.168.1.99)
; will be used by xl2tpd as its address on pppX interfaces.


; IMPORTANT: always set listen-addr to a specific address, to work around a
; udpfromto bug!!!


[global]
listen-addr = x.x.x.x
;
; requires openswan-2.5.18 or higher - Also does not yet work in combination
; with kernel mode l2tp as present in linux 2.6.23+
; ipsec saref = yes
; Use refinfo of 22 if using an SAref kernel patch based on openswan 2.6.35 or
; when using any of the SAref kernel patches for kernels up to 2.6.35.
; ipsec refinfo = 30
;
force userspace = yes
;
debug tunnel = yes

[lns default]
ip range = 192.168.122.128-192.168.122.254
local ip = 192.168.122.99
; leave chap unspecified for maximum compatibility with windows, iOS, etc
; require chap = yes
refuse pap = yes
require authentication = yes
name = LinuxVPNserver
ppp debug = yes
pppoptfile = /etc/ppp/options.xl2tpd
length bit = yes

Last edited by freefall12; 04-20-2013 at 01:39 AM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
L2TP/IPSec VPN Setup on Centos 6 ahm375 Linux - Networking 2 10-08-2013 07:58 AM
Setting up a L2TP VPN server ratcateme Linux - Networking 5 06-26-2013 07:29 AM
xl2tpd / ppp setup for an IPsec+L2TP VPn cchildress Linux - Networking 1 02-16-2013 06:17 PM
L2TP VPN Server on Centos vahab Linux - Server 1 12-23-2012 04:52 AM
L2TP VPN connections to an ISA Server kendoucet Linux - Networking 0 03-24-2004 08:07 AM


All times are GMT -5. The time now is 06:30 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration