1 |
On Thursday 19 Dec 2013 14:27:28 covici@××××××××××.com wrote: |
2 |
> Hi. I am trying to configure l2tp-isec to a server and although it |
3 |
> works in Winblows, whenever I put c followed by the name, it times out. |
4 |
> I am not seeing any particular bad messages, except that netlink says 20 |
5 |
> bytes left over after parsing attributes, but there seems to be no |
6 |
> solution to that. I am using openswan plus xl2tp. |
7 |
> |
8 |
> |
9 |
> How can I troubleshoot this, or should I post my configs here? |
10 |
> |
11 |
> Thanks in advance for any suggestions. |
12 |
|
13 |
|
14 |
Have you followed suggestions relevant to openswan and xl2tpd here? |
15 |
|
16 |
http://wiki.gentoo.org/wiki/IPsec_L2TP_VPN_server |
17 |
|
18 |
Increase the verbosity of the openswan debugging to see if ipsec is |
19 |
established, or why it fails. |
20 |
|
21 |
If the ipsec association is established, then check the x2ltp configuration |
22 |
and set 'debug tunnel = yes' to get more information from it, or start it as |
23 |
'xl2tpd -D' to get some useful information until you get it going. |
24 |
|
25 |
|
26 |
However, if you are using Windows >=7 then it may be better to install and run |
27 |
StrongSwan with IKEv2 on Linux, which MSWindows can now support natively and |
28 |
do away with L2TP all together. Openswan also supports IKEv2. |
29 |
|
30 |
-- |
31 |
Regards, |
32 |
Mick |