xl2tpd ko

Dear bug reporter,

could you please try to contact some Ubuntu developer on this issue as I'm not familiar with the policy of Ubuntu regarding such a process.

Kind regards
Harald Jenny

Dear Support,
the problem is present in Ubuntu 10.04 LTS with Linux Openswan U2.6.23.
L2tp answers unencrypted....here an example:

***********************************************************

Connection log

***********************************************************

May 26 08:49:09 BG00-VPN03 pluto[4720]: packet from 84.142.YYY.ZZZ:500: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004]

May 26 08:49:09 BG00-VPN03 pluto[4720]: packet from 84.142.YYY.ZZZ:500: ignoring Vendor ID payload [FRAGMENTATION]

May 26 08:49:09 BG00-VPN03 pluto[4720]: packet from 84.142.YYY.ZZZ:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106

May 26 08:49:09 BG00-VPN03 pluto[4720]: packet from 84.142.YYY.ZZZ:500: ignoring Vendor ID payload [Vid-Initial-Contact]

May 26 08:49:09 BG00-VPN03 pluto[4720]: "client-xp"[1] 84.142.YYY.ZZZ #4: responding to Main Mode from unknown peer 84.142.YYY.ZZZ

May 26 08:49:09 BG00-VPN03 pluto[4720]: "client-xp"[1] 84.142.YYY.ZZZ #4: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1

May 26 08:49:09 BG00-VPN03 pluto[4720]: "client-xp"[1] 84.142.YYY.ZZZ #4: STATE_MAIN_R1: sent MR1, expecting MI2

May 26 08:49:09 BG00-VPN03 pluto[4720]: "client-xp"[1] 84.142.YYY.ZZZ #4: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: peer is NATed

May 26 08:49:09 BG00-VPN03 pluto[4720]: "client-xp"[1] 84.142.YYY.ZZZ #4: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2

May 26 08:49:09 BG00-VPN03 pluto[4720]: "client-xp"[1] 84.142.YYY.ZZZ #4: STATE_MAIN_R2: sent MR2, expecting MI3

May 26 08:49:09 BG00-VPN03 pluto[4720]: "client-xp"[1] 84.142.YYY.ZZZ #4: Main mode peer ID is ID_FQDN: '@wks-se-test01.BLOCK-Gruppe.de'

May 26 08:49:09 BG00-VPN03 pluto[4720]: "client-xp"[1] 84.142.YYY.ZZZ #4: switched from "client-xp" to "client-xp"

May 26 08:49:09 BG00-VPN03 pluto[4720]: "client-xp"[2] 84.142.YYY.ZZZ #4: deleting connection "client-xp" instance with peer 84.142.YYY.ZZZ {isakmp=#0/ipsec=#0}

May 26 08:49:09 BG00-VPN03 pluto[4720]: "client-xp"[2] 84.142.YYY.ZZZ #4: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3

May 26 08:49:09 BG00-VPN03 pluto[4720]: "servit-seeburger1" #1: new NAT mapping for #1, was 213.144.25.3:500, now 84.142.YYY.ZZZ:4500

May 26 08:49:09 BG00-VPN03 pluto[4720]: "client-xp"[2] 84.142.YYY.ZZZ #4: new NAT mapping for #4, was 84.142.YYY.ZZZ:500, now 84.142.YYY.ZZZ:4500

May 26 08:49:09 BG00-VPN03 pluto[4720]: "client-xp"[2] 84.142.YYY.ZZZ #4: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048}

May 26 08:49:09 BG00-VPN03 pluto[4720]: "client-xp"[2] 84.142.YYY.ZZZ #4: peer client type is FQDN

May 26 08:49:09 BG00-VPN03 pluto[4720]: "client-xp"[2] 84.142.YYY.ZZZ #4: Applying workaround for MS-818043 NAT-T bug

May 26 08:49:09 BG00-VPN03 pluto[4720]: "client-xp"[2] 84.142.YYY.ZZZ #4: IDci was FQDN: \301\237\257\270, using NAT_OA=192.168.1.219/32 as IDci

May 26 08:49:09 BG00-VPN03 pluto[4720]: "client-xp"[2] 84.142.YYY.ZZZ #4: the peer proposed: 193.159.XXX.YYY/32:17/1701 -> 192.168.1.219/32:17/1701

May 26 08:49:09 BG00-VPN03 pluto[4720]: "client-xp"[2] 84.142.YYY.ZZZ #5: ...

Sorry, I'm not completely familiar with the issue reporting process. Actually I though reporting issue in the bug tracker was the proper way to contact Ubuntu developers.

Now to come back on the issue, I kept on compiling Openswan few time after each new release and using this version. It's been working fine for me. I guess you could just use a packet from maverick, oneirick or natty. The latest version (I think 2.6.37) fixes quite few issues which worth using it.