LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 07-08-2017, 04:30 AM   #1
nana12
LQ Newbie
 
Registered: Feb 2017
Posts: 7

Rep: Reputation: Disabled
How to connect VPN Client to VPN Server


I have VPN server using Openswan with address 103.19.208.247

Then, i want connect my laptop (CENTOS) with IP 103.19.208.243 to VPN server. Here my configuration:

/etc/ipsec.conf
Code:
    config setup

    protostack=netkey

    dumpdir=/var/run/pluto

    nat_traversal=yes virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12,%v4: 25.0.0.0/8,%v4:100.64.0.0/10,%v6:fd00::/8,%v6:fe80::/10

    conn L2TP-PSK

    authby=secret

    pfs=no

    auto=add

    keyingtries=3

    ikelifetime=8h

    rekey=no

    type=transport

    left=103.19.208.243

    leftprotoport=17/1701

    right=103.19.208.247

    rightprotoport=17/1701

    dpddelay=10

    dpdtimeout=90

    dpdaction=clear


/etc/ipsec.secrets

Code:
 103.19.208.243 103.19.208.247: PSK "vpnku"


/etc/xl2tpd/xl2tpd.conf

Code:
 [lac vpn-connection]

    lns=103.19.208.247

    ppp debug = yes

    pppoptfile = /etc/ppp/options.xl2tpd

    length bit = yes
/etc/ppp/options.xl2tpd

Code:
 ipcp-accept-local

    ipcp-accept-remote

    require-mschap-v2

    refuse-pap

    ms-dns 8.8.8.8

    noccp

    auth

    crtscts

    idle 1800

    mtu 1410

    mru 1410

    nodefaultroute

    debug

    lock

    proxyarp

    connect-delay 5000

    name lele (myvpn username)

    password nana1234 (my vpn password)


and when i type:ipsec auto --up L2TP-PSK

002 "L2TP-PSK" #10: initiating Quick Mode PSK+ENCRYPT+DONT_REKEY+UP+IKEV1_ALLOW+IKEV2_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW {using isakmp#1 msgid:ed53b5a6 proposal=defaults pfsgroup=no-pfs} 117 "L2TP-PSK" #10: STATE_QUICK_I1: initiate 010 "L2TP-PSK" #10: STATE_QUICK_I1: retransmission; will wait 500ms for response 010 "L2TP-PSK" #10: STATE_QUICK_I1: retransmission; will wait 1000ms for response 010 "L2TP-PSK" #10: STATE_QUICK_I1: retransmission; will wait 2000ms for response 010 "L2TP-PSK" #10: STATE_QUICK_I1: retransmission; will wait 4000ms for response 010 "L2TP-PSK" #10: STATE_QUICK_I1: retransmission; will wait 8000ms for response 010 "L2TP-PSK" #10: STATE_QUICK_I1: retransmission; will wait 16000ms for response 010 "L2TP-PSK" #10: STATE_QUICK_I1: retransmission; will wait 32000ms for response 031 "L2TP-PSK" #10: max number of retransmissions (8) reached STATE_QUICK_I1. No acceptable response to our first Quick Mode message: perhaps peer likes no proposal 000 "L2TP-PSK" #10: starting keying attempt 2 of at most 3, but releasing whack

What should i do to solve this problem to connect my VPNServer?

Thank you
 
Old 07-08-2017, 01:52 PM   #2
AwesomeMachine
LQ Guru
 
Registered: Jan 2005
Location: USA and Italy
Distribution: Debian testing/sid; OpenSuSE; Fedora; Mint
Posts: 5,513

Rep: Reputation: 1009Reputation: 1009Reputation: 1009Reputation: 1009Reputation: 1009Reputation: 1009Reputation: 1009Reputation: 1009
It looks like you're not connecting at all. Is there some reason you hard coded the user and pass? You might have to open the port openswan uses.
 
Old 07-09-2017, 06:47 PM   #3
nana12
LQ Newbie
 
Registered: Feb 2017
Posts: 7

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by AwesomeMachine View Post
It looks like you're not connecting at all. Is there some reason you hard coded the user and pass? You might have to open the port openswan uses.
I just looked the tutorial of how to connecting my VPN client to server on https://wiki.archlinux.org/index.php...N_client_setup


How to solve that problem? I tried to find the solution on Google but i can't find that.
 
Old 07-09-2017, 07:07 PM   #4
AwesomeMachine
LQ Guru
 
Registered: Jan 2005
Location: USA and Italy
Distribution: Debian testing/sid; OpenSuSE; Fedora; Mint
Posts: 5,513

Rep: Reputation: 1009Reputation: 1009Reputation: 1009Reputation: 1009Reputation: 1009Reputation: 1009Reputation: 1009Reputation: 1009
Are there firewalls on the two machines?
 
Old 07-09-2017, 07:14 PM   #5
nana12
LQ Newbie
 
Registered: Feb 2017
Posts: 7

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by AwesomeMachine View Post
Are there firewalls on the two machines?
Yes, There are. But, i stopped that firewall and when i check, the firewall was stopped
 
Old 07-10-2017, 12:06 AM   #6
AwesomeMachine
LQ Guru
 
Registered: Jan 2005
Location: USA and Italy
Distribution: Debian testing/sid; OpenSuSE; Fedora; Mint
Posts: 5,513

Rep: Reputation: 1009Reputation: 1009Reputation: 1009Reputation: 1009Reputation: 1009Reputation: 1009Reputation: 1009Reputation: 1009
The both firewalls must to allow vpn or you have to stop both firewalls.
 
Old 07-10-2017, 12:12 AM   #7
sundialsvcs
LQ Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 9,233
Blog Entries: 4

Rep: Reputation: 3260Reputation: 3260Reputation: 3260Reputation: 3260Reputation: 3260Reputation: 3260Reputation: 3260Reputation: 3260Reputation: 3260Reputation: 3260Reputation: 3260
"Quick Mode" is a well-intentioned weak link in this type of VPN. Try disabling it on both sides.
 
Old 07-10-2017, 01:52 AM   #8
nana12
LQ Newbie
 
Registered: Feb 2017
Posts: 7

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by AwesomeMachine View Post
The both firewalls must to allow vpn or you have to stop both firewalls.
My firewall on Server side and client side allow vpn and was stopped. But, the error still same
 
Old 07-10-2017, 01:53 AM   #9
nana12
LQ Newbie
 
Registered: Feb 2017
Posts: 7

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by sundialsvcs View Post
"Quick Mode" is a well-intentioned weak link in this type of VPN. Try disabling it on both sides.
How to disabling that Quick mode?
 
Old 07-12-2017, 12:22 AM   #10
Hanlin_58
Guest
 
Posts: n/a
Am happy reading this post
 
  


Reply

Tags
centos, client, openswan, xl2tpd


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
PPTP Packets from the VPN Client Cannot Reach the VPN server SubZeroJake Linux - Networking 1 05-14-2012 06:52 PM
VPN client should not connect to special server nima0102 Linux - Networking 3 02-20-2009 11:31 AM
pptp client does not connect to poptop vpn server atomixx Linux - Networking 0 09-24-2008 04:56 AM
Configure Linux VPN Server for a Windows VPN Client xbaez Linux - Networking 4 04-28-2006 03:29 PM
How do i connect Ciscos VPN client to Checkpoint VPN server Klas Linux - Networking 1 11-29-2003 08:00 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 12:36 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration