Ubuntu
l2tp-ipsec-vpn package

L2TP establishes connection (logged on firewall), then client gives up

Bug #1241386 reported by AndreK
10
This bug affects 2 people
Affects Status Importance Assigned to Milestone
l2tp-ipsec-vpn (Ubuntu)
Confirmed
Undecided
Unassigned

Bug Description

According to FW (Fortigate), the connection is established and IP provided - no problem is logged there.
The L2TP client fails, and "closes connection" 1 sec later.

The same configuration worked fine before 13.10.

Here's the log, (only IP modified)
Please say so if I can help testing this problem.

Oct 18 09:09:50.285 ipsec_setup: Stopping Openswan IPsec...
Oct 18 09:09:52.011 xl2tpd[19761]: death_handler: Fatal signal 15 received
Oct 18 09:09:52.011 Stopping xl2tpd: xl2tpd.
Oct 18 09:09:52.036 ipsec_setup: Starting Openswan IPsec U2.6.38/K3.11.0-12-generic...
Oct 18 09:09:52.294 ipsec__plutorun: Starting Pluto subsystem...
Oct 18 09:09:52.303 ipsec__plutorun: adjusting ipsec.d to /etc/ipsec.d
Oct 18 09:09:52.309 recvref[30]: Protocol not available
Oct 18 09:09:52.309 xl2tpd[21785]: This binary does not support kernel L2TP.
Oct 18 09:09:52.309 xl2tpd[21788]: xl2tpd version xl2tpd-1.3.1 started on andre-OptiPlex-990 PID:21788
Oct 18 09:09:52.311 xl2tpd[21788]: Written by Mark Spencer, Copyright (C) 1998, Adtran, Inc.
Oct 18 09:09:52.311 xl2tpd[21788]: Forked by Scott Balmos and David Stipp, (C) 2001
Oct 18 09:09:52.312 xl2tpd[21788]: Inherited by Jeff McAdams, (C) 2002
Oct 18 09:09:52.312 xl2tpd[21788]: Forked again by Xelerance (www.xelerance.com) (C) 2006
Oct 18 09:09:52.312 xl2tpd[21788]: Listening on IP address 0.0.0.0, port 1701
Oct 18 09:09:52.312 Starting xl2tpd: xl2tpd.
Oct 18 09:09:52.389 ipsec__plutorun: 002 added connection description "Valhall"
Oct 18 09:09:52.739 104 "Valhall" #1: STATE_MAIN_I1: initiate
Oct 18 09:09:52.739 003 "Valhall" #1: received Vendor ID payload [RFC 3947] method set to=115
Oct 18 09:09:52.739 003 "Valhall" #1: received Vendor ID payload [Dead Peer Detection]
Oct 18 09:09:52.740 003 "Valhall" #1: ignoring unknown Vendor ID payload [8299031757a36082c6a621de000402a0]
Oct 18 09:09:52.740 106 "Valhall" #1: STATE_MAIN_I2: sent MI2, expecting MR2
Oct 18 09:09:52.740 003 "Valhall" #1: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike (MacOS X): i am NATed
Oct 18 09:09:52.740 108 "Valhall" #1: STATE_MAIN_I3: sent MI3, expecting MR3
Oct 18 09:09:52.740 004 "Valhall" #1: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1024}
Oct 18 09:09:52.741 117 "Valhall" #2: STATE_QUICK_I1: initiate
Oct 18 09:09:52.741 003 "Valhall" #2: ignoring informational payload, type IPSEC_RESPONDER_LIFETIME msgid=49199769
Oct 18 09:09:52.741 003 "Valhall" #2: NAT-Traversal: received 2 NAT-OA. ignored because peer is not NATed
Oct 18 09:09:52.741 004 "Valhall" #2: STATE_QUICK_I2: sent QI2, IPsec SA established transport mode {ESP=>0xf8e0d163 <0x62566dbe xfrm=3DES_0-HMAC_SHA1 NATOA=none NATD=none DPD=none}
Oct 18 09:09:53.744 xl2tpd[21788]: Connecting to host wpn.dyndns.org, port 1701
Oct 18 09:09:53.816 xl2tpd[21788]: Connection established to xx.xx.199, 1701. Local: 27658, Remote: 11 (ref=0/0).
Oct 18 09:09:53.817 xl2tpd[21788]: Calling on tunnel 27658
Oct 18 09:09:53.921 xl2tpd[21788]: Call established with xx..xx.52.199, Local: 20912, Remote: 12, Serial: 1 (ref=0/0)
Oct 18 09:09:53.921 xl2tpd[21788]: start_pppd: I'm running:
Oct 18 09:09:53.921 xl2tpd[21788]: "/usr/sbin/pppd"
Oct 18 09:09:53.922 xl2tpd[21788]: "passive"
Oct 18 09:09:53.922 xl2tpd[21788]: "nodetach"
Oct 18 09:09:53.922 xl2tpd[21788]: ":"
Oct 18 09:09:53.922 xl2tpd[21788]: "file"
Oct 18 09:09:53.923 xl2tpd[21788]: "/etc/ppp/Valhall.options.xl2tpd"
Oct 18 09:09:53.923 xl2tpd[21788]: "ipparam"
Oct 18 09:09:53.923 xl2tpd[21788]: "xx.xx.52.199"
Oct 18 09:09:53.923 xl2tpd[21788]: "/dev/pts/3"
Oct 18 09:09:53.924 xl2tpd[21841]: start_pppd: Exec of /usr/sbin/pppd failed!
Oct 18 09:09:53.924 xl2tpd[21788]: child_handler : pppd exited for call 12 with code 1
Oct 18 09:09:53.924 xl2tpd[21788]: call_close: Call 20912 to xx.xx.52.199 disconnected
Oct 18 09:09:53.993 xl2tpd[21788]: Terminating pppd: sending TERM signal to pid 21841
Oct 18 09:09:54.026 xl2tpd[21788]: get_call: can't find call 20912 in tunnel 27658#012 (ref=0/0)
Oct 18 09:10:58.878 xl2tpd[21788]: Maximum retries exceeded for tunnel 27658. Closing.
Oct 18 09:10:58.878 [ERROR 410] Connection attempt to 'Valhall' timed out
Oct 18 09:10:58.878 xl2tpd[21788]: Connection 11 closed to xx.xx.52.199, port 1701 (Timeout)
Oct 18 09:11:03.881 xl2tpd[21788]: Unable to deliver closing message for tunnel 27658. Destroying anyway.

Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in l2tp-ipsec-vpn (Ubuntu):
status: New → Confirmed
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.