On Thursday 19 Dec 2013 14:27:28 cov...@ccs.covici.com wrote: > Hi. I am trying to configure l2tp-isec to a server and although it > works in Winblows, whenever I put c followed by the name, it times out. > I am not seeing any particular bad messages, except that netlink says 20 > bytes left over after parsing attributes, but there seems to be no > solution to that. I am using openswan plus xl2tp. > > > How can I troubleshoot this, or should I post my configs here? > > Thanks in advance for any suggestions.
Have you followed suggestions relevant to openswan and xl2tpd here? http://wiki.gentoo.org/wiki/IPsec_L2TP_VPN_server Increase the verbosity of the openswan debugging to see if ipsec is established, or why it fails. If the ipsec association is established, then check the x2ltp configuration and set 'debug tunnel = yes' to get more information from it, or start it as 'xl2tpd -D' to get some useful information until you get it going. However, if you are using Windows >=7 then it may be better to install and run StrongSwan with IKEv2 on Linux, which MSWindows can now support natively and do away with L2TP all together. Openswan also supports IKEv2. -- Regards, Mick
signature.asc
Description: This is a digitally signed message part.
