Ubuntu 13.10 - unable to connect to VPN after upgrade

Bug #1238597 reported by AndreK on 2013-10-11
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
L2TP over IPsec VPN Manager
Undecided
Unassigned

Bug Description

I used L2TP IPsec VPN Manager until upgrading to 13.10 it worked. now it does not work. The l2tp/ipsec server (Fortigate firewall, logs everything as just fine, then says the client disconnected.)

The line "IPCP terminated by peer (Unauthorized remote IP address)" - makes no sense, the IP is provided by the FW, and is from the right pool. also, FW does not log any problem. Finally: connecting to the same FW using Android - works fine.

Nov 21 11:58:16.839 ipsec_setup: Stopping Openswan IPsec...
Nov 21 11:58:18.580 Stopping xl2tpd: xl2tpd.
Nov 21 11:58:18.581 xl2tpd[19495]: death_handler: Fatal signal 15 received
Nov 21 11:58:18.612 ipsec_setup: Starting Openswan IPsec U2.6.38/K3.11.0-13-generic...
Nov 21 11:58:18.886 ipsec_plutorun: Starting Pluto subsystem...
Nov 21 11:58:18.892 ipsec_plutorun: adjusting ipsec.d to /etc/ipsec.d
Nov 21 11:58:18.900 recvref[30]: Protocol not available
Nov 21 11:58:18.900 xl2tpd[21494]: This binary does not support kernel L2TP.
Nov 21 11:58:18.901 xl2tpd[21497]: xl2tpd version xl2tpd-1.3.1 started on andre-OptiPlex-990 PID:21497
Nov 21 11:58:18.902 xl2tpd[21497]: Written by Mark Spencer, Copyright (C) 1998, Adtran, Inc.
Nov 21 11:58:18.902 xl2tpd[21497]: Forked by Scott Balmos and David Stipp, (C) 2001
Nov 21 11:58:18.902 xl2tpd[21497]: Inherited by Jeff McAdams, (C) 2002
Nov 21 11:58:18.902 xl2tpd[21497]: Forked again by Xelerance (www.xelerance.com) (C) 2006
Nov 21 11:58:18.902 xl2tpd[21497]: Listening on IP address 0.0.0.0, port 1701
Nov 21 11:58:18.903 Starting xl2tpd: xl2tpd.
Nov 21 11:58:19.031 ipsec__plutorun: 002 added connection description "Valhall"
Nov 21 11:58:19.386 104 "Valhall" #1: STATE_MAIN_I1: initiate
Nov 21 11:58:19.387 003 "Valhall" #1: received Vendor ID payload [RFC 3947] method set to=115
Nov 21 11:58:19.387 003 "Valhall" #1: received Vendor ID payload [Dead Peer Detection]
Nov 21 11:58:19.387 003 "Valhall" #1: ignoring unknown Vendor ID payload [8299031757a36082c6a621de000402a0]
Nov 21 11:58:19.387 106 "Valhall" #1: STATE_MAIN_I2: sent MI2, expecting MR2
Nov 21 11:58:19.388 003 "Valhall" #1: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike (MacOS X): i am NATed
Nov 21 11:58:19.388 108 "Valhall" #1: STATE_MAIN_I3: sent MI3, expecting MR3
Nov 21 11:58:19.388 004 "Valhall" #1: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1024}
Nov 21 11:58:19.388 117 "Valhall" #2: STATE_QUICK_I1: initiate
Nov 21 11:58:19.388 003 "Valhall" #2: ignoring informational payload, type IPSEC_RESPONDER_LIFETIME msgid=0530bd3b
Nov 21 11:58:19.389 003 "Valhall" #2: NAT-Traversal: received 2 NAT-OA. ignored because peer is not NATed
Nov 21 11:58:19.389 004 "Valhall" #2: STATE_QUICK_I2: sent QI2, IPsec SA established transport mode {ESP=>0xea9d24b4 <0xc36d9ff6 xfrm=3DES_0-HMAC_SHA1 NATOA=none NATD=none DPD=none}
Nov 21 11:58:20.391 xl2tpd[21497]: Connecting to host mydomain.com, port 1701
Nov 21 11:58:20.461 xl2tpd[21497]: Connection established to x.x.x.199, 1701. Local: 46031, Remote: 3 (ref=0/0).
Nov 21 11:58:20.461 xl2tpd[21497]: Calling on tunnel 46031
Nov 21 11:58:20.529 xl2tpd[21497]: Call established with x.x.x.199, Local: 65516, Remote: 4, Serial: 1 (ref=0/0)
Nov 21 11:58:20.529 xl2tpd[21497]: start_pppd: I'm running:
Nov 21 11:58:20.530 xl2tpd[21497]: "/usr/sbin/pppd"
Nov 21 11:58:20.530 xl2tpd[21497]: "passive"
Nov 21 11:58:20.530 xl2tpd[21497]: "nodetach"
Nov 21 11:58:20.530 xl2tpd[21497]: ":"
Nov 21 11:58:20.531 xl2tpd[21497]: "file"
Nov 21 11:58:20.531 xl2tpd[21497]: "/etc/ppp/Valhall.options.xl2tpd"
Nov 21 11:58:20.531 xl2tpd[21497]: "ipparam"
Nov 21 11:58:20.531 xl2tpd[21497]: "x.x.x.199"
Nov 21 11:58:20.532 xl2tpd[21497]: "/dev/pts/5"
Nov 21 11:58:20.539 pppd[21544]: Plugin passprompt.so loaded.
Nov 21 11:58:20.547 pppd[21544]: pppd 2.4.5 started by root, uid 0
Nov 21 11:58:20.548 pppd[21544]: Using interface ppp0
Nov 21 11:58:20.548 pppd[21544]: Connect: ppp0 <--> /dev/pts/5
Nov 21 11:58:23.693 pppd[21544]: Deflate (15) compression enabled
Nov 21 11:58:23.754 pppd[21544]: local IP address 192.168.1.141
Nov 21 11:58:23.755 pppd[21544]: remote IP address 192.168.1.140
Nov 21 11:58:23.755 pppd[21544]: primary DNS address x.x.x.x
Nov 21 11:58:23.755 pppd[21544]: secondary DNS address x.x.x.x
Nov 21 11:58:23.761 pppd[21544]: IPCP terminated by peer (Unauthorized remote IP address)
Nov 21 11:58:23.761 pppd[21544]: Connect time 0.0 minutes.
Nov 21 11:58:23.762 pppd[21544]: Sent 0 bytes, received 34 bytes.
Nov 21 11:58:23.831 pppd[21544]: LCP terminated by peer (No network protocols running)
Nov 21 11:58:24.048 xl2tpd[21497]: control_finish: Connection closed to x.x.x.199, serial 1 ()
Nov 21 11:58:24.049 xl2tpd[21497]: Terminating pppd: sending TERM signal to pid 21544
Nov 21 11:58:24.049 pppd[21544]: Modem hangup
Nov 21 11:58:24.049 pppd[21544]: Connection terminated.
Nov 21 11:58:24.074 pppd[21544]: Terminating on signal 15
Nov 21 11:58:24.075 pppd[21544]: Exit.

AndreK (andre-k) on 2013-11-21
description: updated
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers