It is currently Thu Aug 17, 2017 9:17 pm

All times are UTC




Post new topic Reply to topic  [ 3 posts ] 
Author Message
PostPosted: Thu Jun 01, 2017 3:03 am 

Joined: Thu Jun 01, 2017 2:48 am
Posts: 6
Hi,

I am using OpenSWAN on an embedded device. I can connect as a client-to-site and it works fine, but when I add a "local ID" (ie IPSec ISAKMP Phase 1 ID) - even one that matches an l2tpv3 connection setup - the IPSec SA fails to establish correctly. I know this is l2tpv3 because 2 of these devices can be connected for site-to-site, the client (initiator) is using the same as what I am using to (try to) create the SofEther connection.

apropos server log file info below (some IPs masked).

The ONLY thing that has changed is the Phase 1 ID has been added AND it matches the server setup for l2tpv3.

Remove the phase 1 ID, and it connects fine (but not site-to-site, only client-to-site)

It doesn't matter what phase 1 ID I use (listed in l2tpv3 setup or not), I get the same thing happening.

It doesn't matter if I create an l2tpv3 with a * for phase 1 ID - still fails.

What am I missing?

2017-06-01 11:46:40.661 IPsec Client 305 (1.129.34.108:500 -> xxx.xxx.xxx.xxx:500): A new IPsec client is created.
2017-06-01 11:46:40.661 IPsec IKE Session (IKE SA) 288 (Client: 305) (1.129.34.108:500 -> xxx.xxx.xxx.xxx:500): A new IKE SA (Aggressive Mode) is created. Initiator Cookie: 0x1061DC12D4057BB8, Responder Cookie: 0xD3271B532ED8843E, DH Group: MODP 1024 (Group 2), Hash Algorithm: SHA-1, Cipher Algorithm: AES-CBC, Cipher Key Size: 256 bits, Lifetime: 4294967295 Kbytes or 3600 seconds
2017-06-01 11:46:40.661 IPsec Client 305 (1.129.34.108:500 -> xxx.xxx.xxx.xxx:500):
2017-06-01 11:46:50.662 IPsec IKE Session (IKE SA) 288 (Client: 305) (1.129.34.108:500 -> xxx.xxx.xxx.xxx:500): This IKE SA is deleted.
2017-06-01 11:46:50.662 IPsec Client 305 (1.129.34.108:500 -> xxx.xxx.xxx.xxx:500): This IPsec Client is deleted.
2017-06-01 11:47:01.231 L2TP PPP Session [1.129.96.170:61844]: A PPP protocol error occurred, or the PPP session has been disconnected.
2017-06-01 11:47:01.484 [HUB "MaxonVPN"] Session "SID-TEST1-[L2TP]-105": The session has been terminated. The statistical information is as follows: Total outgoing data size: 8024 bytes, Total incoming data size: 977 bytes.
2017-06-01 11:47:01.514 Connection "CID-514" terminated by the cause "The VPN session has been deleted. It is possible that either the administrator disconnected the session or the connection from the client to the VPN Server has been disconnected." (code 11).
2017-06-01 11:47:01.514 Connection "CID-514" has been terminated.
2017-06-01 11:47:01.514 The connection with the client (IP address 1.129.96.170, Port number 61844) has been disconnected.


Top
 Profile  
Reply with quote  
PostPosted: Thu Jun 15, 2017 5:01 am 

Joined: Mon Feb 24, 2014 11:03 am
Posts: 2292
Did you enable L2TPv3 function on the VPN server?


Top
 Profile  
Reply with quote  
PostPosted: Thu Jun 22, 2017 4:36 am 

Joined: Thu Jun 01, 2017 2:48 am
Posts: 6
Thanks for the reply, but I have found a solution anyway:
viewtopic.php?f=7&t=8350


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 3 posts ] 

All times are UTC


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group
Return to www.softether.org