Gentoo Archives: gentoo-user

From: Mick <michaelkintzios@×××××.com>
To: gentoo-user@l.g.o
Subject: Re: [gentoo-user] problem with l2tp-isec
Date: Thu, 19 Dec 2013 15:05:25
Message-Id: 201312191504.50766.michaelkintzios@gmail.com
In Reply to: [gentoo-user] problem with l2tp-isec by covici@ccs.covici.com
1 On Thursday 19 Dec 2013 14:27:28 covici@××××××××××.com wrote:
2 > Hi. I am trying to configure l2tp-isec to a server and although it
3 > works in Winblows, whenever I put c followed by the name, it times out.
4 > I am not seeing any particular bad messages, except that netlink says 20
5 > bytes left over after parsing attributes, but there seems to be no
6 > solution to that. I am using openswan plus xl2tp.
7 >
8 >
9 > How can I troubleshoot this, or should I post my configs here?
10 >
11 > Thanks in advance for any suggestions.
12
13
14 Have you followed suggestions relevant to openswan and xl2tpd here?
15
16 http://wiki.gentoo.org/wiki/IPsec_L2TP_VPN_server
17
18 Increase the verbosity of the openswan debugging to see if ipsec is
19 established, or why it fails.
20
21 If the ipsec association is established, then check the x2ltp configuration
22 and set 'debug tunnel = yes' to get more information from it, or start it as
23 'xl2tpd -D' to get some useful information until you get it going.
24
25
26 However, if you are using Windows >=7 then it may be better to install and run
27 StrongSwan with IKEv2 on Linux, which MSWindows can now support natively and
28 do away with L2TP all together. Openswan also supports IKEv2.
29
30 --
31 Regards,
32 Mick

Attachments

File name MIME type
signature.asc application/pgp-signature

Replies

Subject Author
Re: [gentoo-user] problem with l2tp-isec covici@××××××××××.com