Just a silly question do you have l2tp working
with any MS clients?
-----Original Message-----
From: Alexandru Coseru [mailto:[EMAIL PROTECTED]
Sent: 26 September 2003 12:23
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: Re: l2tpd & Cisco (either a bug in l2tpd , either in Cisco)
Still having problems..
As you can see , only CISCO->CISCO works......... l2tpd and rp-l2tpd fails..
Here are some tcpdump's with different clients as LNS:
l2tpd:
13:55:23.648563 cdma-3g1x-176-105.zappmobile.ro.l2tp > 93.38.97.39.l2tp:
l2tp:[TLS](0/0)Ns=0,Nr=0 *MSGTYPE(SCCRQ) *PROTO_VER(1.0) *FRAMING_CAP()
*BEARER_CAP() |...
13:55:23.650543 93.38.97.39.1024 > cdma-3g1x-176-105.zappmobile.ro.l2tp:
l2tp:[TLS](29413/0)Ns=0,Nr=1 *MSGTYPE(SCCRP) *PROTO_VER(1.0)
*FRAMING_CAP(AS) *BEARER_CAP() |... (DF)
13:55:24.641670 cdma-3g1x-176-105.zappmobile.ro.l2tp > 93.38.97.39.l2tp:
l2tp:[TLS](0/0)Ns=0,Nr=0 *MSGTYPE(SCCRQ) *PROTO_VER(1.0) *FRAMING_CAP()
*BEARER_CAP() |...
13:55:24.643236 93.38.97.39.1024 > cdma-3g1x-176-105.zappmobile.ro.l2tp:
l2tp:[TLS](29413/0)Ns=0,Nr=1 ZLB (DF)
13:55:24.657155 93.38.97.39.1024 > cdma-3g1x-176-105.zappmobile.ro.l2tp:
l2tp:[TLS](29413/0)Ns=0,Nr=1 *MSGTYPE(SCCRP) *PROTO_VER(1.0)
*FRAMING_CAP(AS) *BEARER_CAP() |... (DF)
13:55:25.656713 93.38.97.39.1024 > cdma-3g1x-176-105.zappmobile.ro.l2tp:
l2tp:[TLS](29413/0)Ns=0,Nr=1 *MSGTYPE(SCCRP) *PROTO_VER(1.0)
*FRAMING_CAP(AS) *BEARER_CAP() |... (DF)
13:55:26.656280 93.38.97.39.1024 > cdma-3g1x-176-105.zappmobile.ro.l2tp:
l2tp:[TLS](29413/0)Ns=0,Nr=1 *MSGTYPE(SCCRP) *PROTO_VER(1.0)
*FRAMING_CAP(AS) *BEARER_CAP() |... (DF)
13:55:26.657789 cdma-3g1x-176-105.zappmobile.ro.l2tp > 93.38.97.39.l2tp:
l2tp:[TLS](0/0)Ns=0,Nr=0 *MSGTYPE(SCCRQ) *PROTO_VER(1.0) *FRAMING_CAP()
*BEARER_CAP() |...
13:55:26.659392 93.38.97.39.1024 > cdma-3g1x-176-105.zappmobile.ro.l2tp:
l2tp:[TLS](29413/0)Ns=0,Nr=1 ZLB (DF)
13:55:27.655881 93.38.97.39.1024 > cdma-3g1x-176-105.zappmobile.ro.l2tp:
l2tp:[TLS](29413/0)Ns=0,Nr=1 *MSGTYPE(SCCRP) *PROTO_VER(1.0)
*FRAMING_CAP(AS) *BEARER_CAP() |... (DF)
13:55:28.665659 93.38.97.39.1024 > cdma-3g1x-176-105.zappmobile.ro.l2tp:
l2tp:[TLS](29413/0)Ns=1,Nr=1 *MSGTYPE(StopCCN) *ASSND_TUN_ID(30527)
*RESULT_CODE(1/0 Timeout) (DF)
13:55:29.674844 93.38.97.39.1024 > cdma-3g1x-176-105.zappmobile.ro.l2tp:
l2tp:[TLS](29413/0)Ns=1,Nr=1 *MSGTYPE(StopCCN) *ASSND_TUN_ID(30527)
*RESULT_CODE(1/0 Timeout) (DF)
13:55:30.643006 cdma-3g1x-176-105.zappmobile.ro.l2tp > 93.38.97.39.l2tp:
l2tp:[TLS](0/0)Ns=1,Nr=0 *MSGTYPE(StopCCN) *ASSND_TUN_ID(29413) |...
13:55:30.674370 93.38.97.39.1024 > cdma-3g1x-176-105.zappmobile.ro.l2tp:
l2tp:[TLS](29413/0)Ns=1,Nr=1 *MSGTYPE(StopCCN) *ASSND_TUN_ID(30527)
*RESULT_CODE(1/0 Timeout) (DF)
13:55:31.673990 93.38.97.39.1024 > cdma-3g1x-176-105.zappmobile.ro.l2tp:
l2tp:[TLS](29413/0)Ns=1,Nr=1 *MSGTYPE(StopCCN) *ASSND_TUN_ID(30527)
*RESULT_CODE(1/0 Timeout) (DF)
13:55:32.673795 93.38.97.39.1024 > cdma-3g1x-176-105.zappmobile.ro.l2tp:
l2tp:[TLS](29413/0)Ns=1,Nr=1 *MSGTYPE(StopCCN) *ASSND_TUN_ID(30527)
*RESULT_CODE(1/0 Timeout) (DF)
rp-l2tpd:
13:57:10.057572 cdma-3g1x-176-105.zappmobile.ro.l2tp > 93.38.97.39.l2tp:
l2tp:[TLS](0/0)Ns=0,Nr=0 *MSGTYPE(SCCRQ) *PROTO_VER(1.0) *FRAMING_CAP()
*BEARER_CAP() |...
13:57:10.058548 93.38.97.39.1024 > cdma-3g1x-176-105.zappmobile.ro.l2tp:
l2tp:[TLS](27538/0)Ns=0,Nr=1 *MSGTYPE(SCCRP) *PROTO_VER(1.0)
*FRAMING_CAP(AS) *HOST_NAME(distinct) |... (DF)
13:57:11.058788 93.38.97.39.1024 > cdma-3g1x-176-105.zappmobile.ro.l2tp:
l2tp:[TLS](27538/0)Ns=0,Nr=1 *MSGTYPE(SCCRP) *PROTO_VER(1.0)
*FRAMING_CAP(AS) *HOST_NAME(distinct) |... (DF)
13:57:11.091461 cdma-3g1x-176-105.zappmobile.ro.l2tp > 93.38.97.39.l2tp:
l2tp:[TLS](0/0)Ns=0,Nr=0 *MSGTYPE(SCCRQ) *PROTO_VER(1.0) *FRAMING_CAP()
*BEARER_CAP() |...
13:57:11.092000 93.38.97.39.1024 > cdma-3g1x-176-105.zappmobile.ro.l2tp:
l2tp:[TLS](27538/0)Ns=0,Nr=1 *MSGTYPE(SCCRP) *PROTO_VER(1.0)
*FRAMING_CAP(AS) *HOST_NAME(distinct) |... (DF)
13:57:12.098277 93.38.97.39.1024 > cdma-3g1x-176-105.zappmobile.ro.l2tp:
l2tp:[TLS](27538/0)Ns=0,Nr=1 *MSGTYPE(SCCRP) *PROTO_VER(1.0)
*FRAMING_CAP(AS) *HOST_NAME(distinct) |... (DF)
13:57:13.059336 cdma-3g1x-176-105.zappmobile.ro.l2tp > 93.38.97.39.l2tp:
l2tp:[TLS](0/0)Ns=0,Nr=0 *MSGTYPE(SCCRQ) *PROTO_VER(1.0) *FRAMING_CAP()
*BEARER_CAP() |...
13:57:13.059739 93.38.97.39.1024 > cdma-3g1x-176-105.zappmobile.ro.l2tp:
l2tp:[TLS](27538/0)Ns=0,Nr=1 *MSGTYPE(SCCRP) *PROTO_VER(1.0)
*FRAMING_CAP(AS) *HOST_NAME(distinct) |... (DF)
13:57:13.060132 93.38.97.39.1024 > cdma-3g1x-176-105.zappmobile.ro.l2tp:
l2tp:[TLS](27538/0)Ns=0,Nr=1 *MSGTYPE(SCCRP) *PROTO_VER(1.0)
*FRAMING_CAP(AS) *HOST_NAME(distinct) |... (DF)
13:57:14.067399 93.38.97.39.1024 > cdma-3g1x-176-105.zappmobile.ro.l2tp:
l2tp:[TLS](27538/0)Ns=0,Nr=1 *MSGTYPE(SCCRP) *PROTO_VER(1.0)
*FRAMING_CAP(AS) *HOST_NAME(distinct) |... (DF)
13:57:14.107313 93.38.97.39.1024 > cdma-3g1x-176-105.zappmobile.ro.l2tp:
l2tp:[TLS](27538/0)Ns=0,Nr=1 *MSGTYPE(SCCRP) *PROTO_VER(1.0)
*FRAMING_CAP(AS) *HOST_NAME(distinct) |... (DF)
13:57:16.076570 93.38.97.39.1024 > cdma-3g1x-176-105.zappmobile.ro.l2tp:
l2tp:[TLS](27538/0)Ns=0,Nr=1 *MSGTYPE(SCCRP) *PROTO_VER(1.0)
*FRAMING_CAP(AS) *HOST_NAME(distinct) |... (DF)
13:57:17.057727 cdma-3g1x-176-105.zappmobile.ro.l2tp > 93.38.97.39.l2tp:
l2tp:[TLS](0/0)Ns=1,Nr=0 *MSGTYPE(StopCCN) *ASSND_TUN_ID(27538) |...
13:57:17.058189 93.38.97.39.1024 > cdma-3g1x-176-105.zappmobile.ro.l2tp:
l2tp:[TLS](27538/0)Ns=0,Nr=1 *MSGTYPE(SCCRP) *PROTO_VER(1.0)
*FRAMING_CAP(AS) *HOST_NAME(distinct) |... (DF)
13:57:18.115585 93.38.97.39.1024 > cdma-3g1x-176-105.zappmobile.ro.l2tp:
l2tp:[TLS](27538/0)Ns=0,Nr=1 *MSGTYPE(SCCRP) *PROTO_VER(1.0)
*FRAMING_CAP(AS) *HOST_NAME(distinct) |... (DF)
13:57:20.084714 93.38.97.39.1024 > cdma-3g1x-176-105.zappmobile.ro.l2tp:
l2tp:[TLS](27538/0)Ns=0,Nr=1 *MSGTYPE(SCCRP) *PROTO_VER(1.0)
*FRAMING_CAP(AS) *HOST_NAME(distinct) |... (DF)
13:57:25.062483 93.38.97.39.1024 > cdma-3g1x-176-105.zappmobile.ro.l2tp:
l2tp:[TLS](27538/0)Ns=0,Nr=1 *MSGTYPE(SCCRP) *PROTO_VER(1.0)
*FRAMING_CAP(AS) *HOST_NAME(distinct) |... (DF)
13:57:26.121957 93.38.97.39.1024 > cdma-3g1x-176-105.zappmobile.ro.l2tp:
l2tp:[TLS](27538/0)Ns=0,Nr=1 *MSGTYPE(SCCRP) *PROTO_VER(1.0)
*FRAMING_CAP(AS) *HOST_NAME(distinct) |... (DF)
13:57:28.091069 93.38.97.39.1024 > cdma-3g1x-176-105.zappmobile.ro.l2tp:
l2tp:[TLS](27538/0)Ns=0,Nr=1 *MSGTYPE(SCCRP) *PROTO_VER(1.0)
*FRAMING_CAP(AS) *HOST_NAME(distinct) |... (DF)
CISCO:
14:13:07.515152 cdma-3g1x-176-105.zappmobile.ro.l2tp > 93.38.97.39.l2tp:
l2tp:[TLS](0/0)Ns=0,Nr=0 *MSGTYPE(SCCRQ) *PROTO_VER(1.0) *FRAMING_CAP()
*BEARER_CAP() |...
14:13:07.517583 93.38.97.39.l2tp > cdma-3g1x-176-105.zappmobile.ro.l2tp:
l2tp:[TLS](20038/0)Ns=0,Nr=1 *MSGTYPE(SCCRP) *PROTO_VER(1.0) *FRAMING_CAP()
*BEARER_CAP() |... [tos 0xc0]
14:13:07.588525 cdma-3g1x-176-105.zappmobile.ro.l2tp > 93.38.97.39.l2tp:
l2tp:[TLS](12040/0)Ns=1,Nr=1 *MSGTYPE(SCCCN)
*CHALLENGE_RESP(a92a526bef764bbd5cb9f3a00b4ec3b2)
14:13:07.588554 cdma-3g1x-176-105.zappmobile.ro.l2tp > 93.38.97.39.l2tp:
l2tp:[TLS](12040/0)Ns=2,Nr=1 *MSGTYPE(ICRQ) *ASSND_SESS_ID(2943)
*CALL_SER_NUM(334102237) *BEARER_TYPE() |...
14:13:07.589708 93.38.97.39.l2tp > cdma-3g1x-176-105.zappmobile.ro.l2tp:
l2tp:[TLS](20038/0)Ns=1,Nr=2 ZLB [tos 0xc0]
14:13:07.590526 93.38.97.39.l2tp > cdma-3g1x-176-105.zappmobile.ro.l2tp:
l2tp:[TLS](20038/2943)Ns=1,Nr=3 *MSGTYPE(ICRP) *ASSND_SESS_ID(21) [tos 0xc0]
14:13:07.667796 cdma-3g1x-176-105.zappmobile.ro.l2tp > 93.38.97.39.l2tp:
l2tp:[TLS](12040/21)Ns=3,Nr=2 *MSGTYPE(ICCN) *TX_CONN_SPEED(0)
*FRAMING_TYPE(S) |...
14:13:07.669181 93.38.97.39.l2tp > cdma-3g1x-176-105.zappmobile.ro.l2tp:
l2tp:[TLS](20038/0)Ns=2,Nr=4 ZLB [tos 0xc0]
14:13:07.740117 93.38.97.39.l2tp > cdma-3g1x-176-105.zappmobile.ro.l2tp:
l2tp:[L](20038/2943) {Succ(1), Msg=}
14:13:07.740289 93.38.97.39.l2tp > cdma-3g1x-176-105.zappmobile.ro.l2tp:
l2tp:[L](20038/2943) {Conf-Req(1), IP-Comp VJ-Comp, IP-Addr=93.38.97.39}
14:13:07.740446 93.38.97.39.l2tp > cdma-3g1x-176-105.zappmobile.ro.l2tp:
l2tp:[L](20038/2943) {Conf-Req(1), MPPC}
14:13:07.950652 cdma-3g1x-176-105.zappmobile.ro.l2tp > 93.38.97.39.l2tp:
l2tp:[O](12040/21) {Conf-Req(4), MPPC}
14:13:07.952155 93.38.97.39.l2tp > cdma-3g1x-176-105.zappmobile.ro.l2tp:
l2tp:[L](20038/2943) {Conf-Ack(4), MPPC}
14:13:08.010940 cdma-3g1x-176-105.zappmobile.ro.l2tp > 93.38.97.39.l2tp:
l2tp:[O](12040/21) {Conf-Req(5), IP-Comp VJ-Comp, IP-Addr=0.0.0.0,
Pri-DNS=0.0.0.0, Pri-NBNS=0.0.0.0, Sec-DNS=0.0.0.0, Sec-NBNS=0.0.0.0}
14:13:08.012615 93.38.97.39.l2tp > cdma-3g1x-176-105.zappmobile.ro.l2tp:
l2tp:[L](20038/2943) {Conf-Rej(5), Pri-NBNS=0.0.0.0, Sec-NBNS=0.0.0.0}
14:13:08.031229 cdma-3g1x-176-105.zappmobile.ro.l2tp > 93.38.97.39.l2tp:
l2tp:[O](12040/21) {Conf-Ack(1), IP-Comp VJ-Comp, IP-Addr=93.38.97.39}
14:13:08.051092 cdma-3g1x-176-105.zappmobile.ro.l2tp > 93.38.97.39.l2tp:
l2tp:[O](12040/21) {Conf-Ack(1), MPPC}
14:13:08.451058 cdma-3g1x-176-105.zappmobile.ro.l2tp > 93.38.97.39.l2tp:
l2tp:[O](12040/21) {Conf-Req(6), IP-Comp VJ-Comp, IP-Addr=0.0.0.0,
Pri-DNS=0.0.0.0, Sec-DNS=0.0.0.0}
14:13:08.452889 93.38.97.39.l2tp > cdma-3g1x-176-105.zappmobile.ro.l2tp:
l2tp:[L](20038/2943) {Conf-Nak(6), IP-Addr=193.138.97.50,
Pri-DNS=93.38.97.33, Sec-DNS=distinct}
14:13:08.710778 cdma-3g1x-176-105.zappmobile.ro.l2tp > 93.38.97.39.l2tp:
l2tp:[O](12040/21) {Conf-Req(7), IP-Comp VJ-Comp, IP-Addr=93.38.97.50,
Pri-DNS=93.38.97.33, Sec-DNS=distinct}
14:13:08.713737 93.38.97.39.l2tp > cdma-3g1x-176-105.zappmobile.ro.l2tp:
l2tp:[L](20038/2943) {Conf-Ack(7), IP-Comp VJ-Comp, IP-Addr=93.38.97.50,
Pri-DNS=93.38.97.33, Sec-DNS=distinct}
Does anybody can help me ?
Regards
Alex
----- Original Message -----
From: "Thierry Coutelier" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, September 26, 2003 11:54 AM
Subject: Re: l2tpd & Cisco (either a bug in l2tpd , either in Cisco)
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
>
> Here is a patch to l2tp-0.69.tgz which solves this and some other bugs.
> It's used on live systems since 3 weeks and should be fine.
>
> ftp://ftp.linux.lu/pub/people/thierry/
> l2tp-0.69.tgz
> l2tp-0.70.tgz
> l2tp-patch-0.70.gz
>
>
> What has changed in more details:
> log -> print_log (to not clash with math log )
> Bug fix for some avp values (stringcopy was 8 instead of 6)
> Accept ZLB with no call number in a ZLB (problem with some CISCO)
> Support Offset size as with CISCO's latest IOS
> Added a new feature that writes a file to tell the system l2tpd is still
> alive.
> And some more. I'll change the CHANGELOG next time.
>
>
> Cressatti, Dominique wrote:
> | Which version are you using?
> | plain l2tpd or rp-l2tp ?
> | While I prefer l2tpd (and use it in production)
> | I know that though rp-l2tp lack many features
> | that l2tpd has, rp-l2tp is better coded (though
> | the code make high use of OOP and not easy
> | to understand by a casual C coder).
> |
> | If you don't use it may be you should give a go
> | at rp-l2tp.
> |
> | Dom
> |
> |
> |> -----Original Message-----
> |>From: Alexandru Coseru [mailto:[EMAIL PROTECTED]
> |>Sent: 25 September 2003 17:27
> |>To: [EMAIL PROTECTED]
> |>Subject: l2tpd & Cisco (either a bug in l2tpd , either in Cisco)
> |>
> |>I've traced the packets with tcpdump..
> |>A serious challenge problem occured... Actually , it seems that l2tpd
doesn't
> send a correct packet , or Cisco doesn't recognize it..
> |>
> |>
> |>Here is the dump with linux on my box:
> |>
> |>
> |>20:38:57.714971 cdma-3g1x-176-105.zappmobile.ro.l2tp > 93.38.97.39.l2tp:
> l2tp:[TLS](0/0)Ns=0,Nr=0 *MSGTYPE(SCCRQ) *PROTO_VER(1.0) *FRAMING_CAP()
*BEARER_CAP()
> |...
> |>20:38:57.719261 193.138.97.25.l2tp >
cdma-3g1x-176-105.zappmobile.ro.l2tp:
> l2tp:[TLS](9055/0)Ns=0,Nr=1 *MSGTYPE(SCCRP) *PROTO_VER(1.0)
*FRAMING_CAP(AS)
> *BEARER_CAP() |... (DF)
> |>20:38:58.723563 193.138.97.25.l2tp >
cdma-3g1x-176-105.zappmobile.ro.l2tp:
> l2tp:[TLS](9055/0)Ns=0,Nr=1 *MSGTYPE(SCCRP) *PROTO_VER(1.0)
*FRAMING_CAP(AS)
> *BEARER_CAP() |... (DF)
> |>20:38:59.708557 cdma-3g1x-176-105.zappmobile.ro.l2tp > 93.38.97.39.l2tp:
> l2tp:[TLS](0/0)Ns=0,Nr=0 *MSGTYPE(SCCRQ) *PROTO_VER(1.0) *FRAMING_CAP()
*BEARER_CAP()
> |...
> |>20:38:59.711237 193.138.97.25.l2tp >
cdma-3g1x-176-105.zappmobile.ro.l2tp:
> l2tp:[TLS](9055/0)Ns=0,Nr=1 ZLB (DF)
> |>20:38:59.723544 193.138.97.25.l2tp >
cdma-3g1x-176-105.zappmobile.ro.l2tp:
> l2tp:[TLS](9055/0)Ns=0,Nr=1 *MSGTYPE(SCCRP) *PROTO_VER(1.0)
*FRAMING_CAP(AS)
> *BEARER_CAP() |... (DF)
> |>20:39:00.723590 193.138.97.25.l2tp >
cdma-3g1x-176-105.zappmobile.ro.l2tp:
> l2tp:[TLS](9055/0)Ns=0,Nr=1 *MSGTYPE(SCCRP) *PROTO_VER(1.0)
*FRAMING_CAP(AS)
> *BEARER_CAP() |... (DF)
> |>20:39:01.723630 193.138.97.25.l2tp >
cdma-3g1x-176-105.zappmobile.ro.l2tp:
> l2tp:[TLS](9055/0)Ns=0,Nr=1 *MSGTYPE(SCCRP) *PROTO_VER(1.0)
*FRAMING_CAP(AS)
> *BEARER_CAP() |... (DF)
> |>20:39:02.733793 193.138.97.25.l2tp >
cdma-3g1x-176-105.zappmobile.ro.l2tp:
> l2tp:[TLS](9055/0)Ns=1,Nr=1 *MSGTYPE(StopCCN) *ASSND_TUN_ID(9650)
*RESULT_CODE(1/0
> Timeout) (DF)
> |>20:39:03.719606 cdma-3g1x-176-105.zappmobile.ro.l2tp > 93.38.97.39.l2tp:
> l2tp:[TLS](0/0)Ns=1,Nr=0 *MSGTYPE(StopCCN) *ASSND_TUN_ID(9055) |...
> |>20:39:03.743539 193.138.97.25.l2tp >
cdma-3g1x-176-105.zappmobile.ro.l2tp:
> l2tp:[TLS](9055/0)Ns=1,Nr=1 *MSGTYPE(StopCCN) *ASSND_TUN_ID(9650)
*RESULT_CODE(1/0
> Timeout) (DF)
> |>20:39:04.743571 193.138.97.25.l2tp >
cdma-3g1x-176-105.zappmobile.ro.l2tp:
> l2tp:[TLS](9055/0)Ns=1,Nr=1 *MSGTYPE(StopCCN) *ASSND_TUN_ID(9650)
*RESULT_CODE(1/0
> Timeout) (DF)
> |>20:39:05.743643 193.138.97.25.l2tp >
cdma-3g1x-176-105.zappmobile.ro.l2tp:
> l2tp:[TLS](9055/0)Ns=1,Nr=1 *MSGTYPE(StopCCN) *ASSND_TUN_ID(9650)
*RESULT_CODE(1/0
> Timeout) (DF)
> |>20:39:06.743656 193.138.97.25.l2tp >
cdma-3g1x-176-105.zappmobile.ro.l2tp:
> l2tp:[TLS](9055/0)Ns=1,Nr=1 *MSGTYPE(StopCCN) *ASSND_TUN_ID(9650)
*RESULT_CODE(1/0
> Timeout) (DF)
> |>
> |>
> |>
> |>
> |>
> |>
> |>
> |>
> |>
> |>Now , when I've replaced my linux box with a CISCO as5300:
> |>
> |>
> |>
> |>18:10:08.415406 cdma-3g1x-176-105.zappmobile.ro.l2tp > 93.38.97.39.l2tp:
> l2tp:[TLS](0/0)Ns=0,Nr=0 *MSGTYPE(SCCRQ) *PROTO_VER(1.0) *FRAMING_CAP()
*BEARER_CAP()
> |...
> |>18:10:08.417991 93.38.97.39.l2tp > cdma-3g1x-176-105.zappmobile.ro.l2tp:
> l2tp:[TLS](19412/0)Ns=0,Nr=1 *MSGTYPE(SCCRP) *PROTO_VER(1.0) *FRAMING_CAP(
)
> *BEARER_CAP() |... [tos 0xc0]
> |>18:10:08.488531 cdma-3g1x-176-105.zappmobile.ro.l2tp > 93.38.97.39.l2tp:
> l2tp:[TLS](39348/0)Ns=1,Nr=1 *MSGTYPE(SCCCN)
> *CHALLENGE_RESP(570bb6ffbd772b4312fe940f83eea853)
> |>18:10:08.488549 cdma-3g1x-176-105.zappmobile.ro.l2tp > 93.38.97.39.l2tp:
> l2tp:[TLS](39348/0)Ns=2,Nr=1 *MSGTYPE(ICRQ) *ASSND_SESS_ID(1988)
> *CALL_SER_NUM(334101314) *BEARER_TYPE() |...>
> |>18:10:08.489931 93.38.97.39.l2tp > cdma-3g1x-176-105.zappmobile.ro.l2tp:
> l2tp:[TLS](19412/0)Ns=1,Nr=2 ZLB [tos 0xc0]
> |>18:10:08.490749 93.38.97.39.l2tp > cdma-3g1x-176-105.zappmobile.ro.l2tp:
> l2tp:[TLS](19412/1988)Ns=1,Nr=3 *MSGTYPE(ICRP) *ASSND_SESS_ID(17) [tos
0xc0]
> |>18:10:08.564244 cdma-3g1x-176-105.zappmobile.ro.l2tp > 93.38.97.39.l2tp:
> l2tp:[TLS](39348/17)Ns=3,Nr=2 *MSGTYPE(ICCN) *TX_CONN_SPEED(0)
*FRAMING_TYPE(S) |...
> |>18:10:08.565959 93.38.97.39.l2tp > cdma-3g1x-176-105.zappmobile.ro.l2tp:
> l2tp:[TLS](19412/0)Ns=2,Nr=4 ZLB [tos 0xc0]
> |>18:10:08.702892 93.38.97.39.l2tp > cdma-3g1x-176-105.zappmobile.ro.l2tp:
> l2tp:[L](19412/1988) {Succ(1), Msg=}
> |>18:10:08.703099 93.38.97.39.l2tp > cdma-3g1x-176-105.zappmobile.ro.l2tp:
> l2tp:[L](19412/1988) {Conf-Req(1), IP-Comp VJ-Comp, IP-Addr=93.38.97.39}
> |>18:10:08.703261 93.38.97.39.l2tp > cdma-3g1x-176-105.zappmobile.ro.l2tp:
> l2tp:[L](19412/1988) {Conf-Req(1), MPPC}
> |>18:10:08.914152 cdma-3g1x-176-105.zappmobile.ro.l2tp > 93.38.97.39.l2tp:
> l2tp:[O](39348/17) {Conf-Req(4), MPPC}
> |>18:10:08.915455 93.38.97.39.l2tp > cdma-3g1x-176-105.zappmobile.ro.l2tp:
> l2tp:[L](19412/1988) {Conf-Ack(4), MPPC}
> |>18:10:08.973531 cdma-3g1x-176-105.zappmobile.ro.l2tp > 93.38.97.39.l2tp:
> l2tp:[O](39348/17) {Conf-Req(5), IP-Comp VJ-Comp, IP-Addr=0.0.0.0,
Pri-DNS=0.0.0.0,
> Pri-NBNS=0.0.0.0, Sec-DNS=0.0.0.0, Sec-NBNS=0.0.0.0}
> |>18:10:08.978174 93.38.97.39.l2tp > cdma-3g1x-176-105.zappmobile.ro.l2tp:
> l2tp:[L](19412/1988) {Conf-Rej(5), Pri-NBNS=0.0.0.0, Sec-NBNS=0.0.0.0}
> |>18:10:09.014178 cdma-3g1x-176-105.zappmobile.ro.l2tp > 93.38.97.39.l2tp:
> l2tp:[O](39348/17) {Conf-Ack(1), MPPC}
> |>18:10:09.214760 cdma-3g1x-176-105.zappmobile.ro.l2tp > 93.38.97.39.l2tp:
> l2tp:[O](39348/17) {Conf-Req(6), IP-Comp VJ-Comp, IP-Addr=0.0.0.0,
Pri-DNS=0.0.0.0,
> Sec-DNS=0.0.0.0}
> |>18:10:09.216125 93.38.97.39.l2tp > cdma-3g1x-176-105.zappmobile.ro.l2tp:
> l2tp:[L](19412/1988) {Conf-Nak(6), IP-Addr=193.138.97.50,
Pri-DNS=93.38.97.33,
> Sec-DNS=distinct}
> |>18:10:09.474985 cdma-3g1x-176-105.zappmobile.ro.l2tp > 93.38.97.39.l2tp:
> l2tp:[O](39348/17) {Conf-Req(7), IP-Comp VJ-Comp, IP-Addr=93.38.97.50,
> Pri-DNS=93.38.97.33, Sec-DNS=distinct}
> |>18:10:09.476485 93.38.97.39.l2tp > cdma-3g1x-176-105.zappmobile.ro.l2tp:
> l2tp:[L](19412/1988) {Conf-Ack(7), IP-Comp VJ-Comp, IP-Addr=93.38.97.50,
> Pri-DNS=93.38.97.33, Sec-DNS=distinct}
> |>18:10:10.314644 cdma-3g1x-176-105.zappmobile.ro.l2tp > 93.38.97.39.l2tp:
> l2tp:[O](39348/17) {}
> |>18:10:10.535429 cdma-3g1x-176-105.zappmobile.ro.l2tp > 93.38.97.39.l2tp:
> l2tp:[O](39348/17) {}
> |>18:10:10.701403 93.38.97.39.l2tp > cdma-3g1x-176-105.zappmobile.ro.l2tp:
> l2tp:[L](19412/1988) {Conf-Req(2), IP-Comp VJ-Comp, IP-Addr=93.38.97.39}
> |>18:10:10.735067 cdma-3g1x-176-105.zappmobile.ro.l2tp > 93.38.97.39.l2tp:
> l2tp:[O](39348/17) {}
> |>18:10:10.735074 cdma-3g1x-176-105.zappmobile.ro.l2tp > 93.38.97.39.l2tp:
> l2tp:[O](39348/17) {}
> |>18:10:10.735081 cdma-3g1x-176-105.zappmobile.ro.l2tp > 93.38.97.39.l2tp:
> l2tp:[O](39348/17) {}
> |>18:10:10.955555 cdma-3g1x-176-105.zappmobile.ro.l2tp > 93.38.97.39.l2tp:
> l2tp:[O](39348/17) {Conf-Req(8), IP-Comp VJ-Comp, IP-Addr=93.38.97.50,
> Pri-DNS=93.38.97.33, Sec-DNS=distinct}
> |>
> |>
> |>
> |>
> |>
> |>
> |>
> |>
> |>Of I can see , there is a challenge problem....
> |>
> |>
> |>Anybody know something ?
> |>
> |>Regards
> |> Alex
> |>
> |>
> |>
> |>
> |>
> |>----- Original Message -----
> |>From: Alexandru Coseru <mailto:[EMAIL PROTECTED]>
> |>To:
> |>Sent: Thursday, September 25, 2003 4:45 PM
> |>Subject: l2tpd & Cisco
> |>
> |>
> |>Hello ..
> |>
> |>I'm having some trouble with a cisco..
> |>It seems that cisco in not receiving what i'm sending (i've looked with
tcpdump
> and the packets are going to the right direction)...It keeps retrying
until it gets
> disconnected...
> |>
> |>
> |>
> |>Anybody ca give me some hints ?
> |>
> |>
> |>
> |>Regards
> |>Alex
> |>
> |>
> |>Here is the debug part..
> |>
> |>
> |>Sep 25 17:52:01 distinct l2tpd[7108]: This binary does not support
kernel L2TP.>
> |>Sep 25 17:52:01 distinct l2tpd[7108]: l2tpd version 0.69 started on
distinct PID:7108
> |>Sep 25 17:52:01 distinct l2tpd[7108]: Written by Mark Spencer, Copyright
(C) 1998,
> Adtran, Inc.
> |>Sep 25 17:52:01 distinct l2tpd[7108]: Forked by Scott Balmos and David
Stipp, (C) 2001
> |>Sep 25 17:52:01 distinct l2tpd[7108]: Inhereted by Jeff McAdams, (C)
2002
> |>Sep 25 17:52:01 distinct l2tpd[7108]: Linux version 2.4.19-16mdk on a
i686, port 1701
> |>Sep 25 17:52:12 distinct l2tpd[7108]: ourtid = 57158, entropy_buf = df46
> |>Sep 25 17:52:12 distinct l2tpd[7108]: check_control: control, cid = 0,
Ns = 0, Nr = 0
> |>Sep 25 17:52:12 distinct l2tpd[7108]: handle_avps: handling avp's for
tunnel 57158,
> call 0
> |>Sep 25 17:52:12 distinct l2tpd[7108]: message_type_avp: message type 1
> (Start-Control-Connection-Request)
> |>Sep 25 17:52:12 distinct l2tpd[7108]: protocol_version_avp: peer is
using version
> 1, revision 0.
> |>Sep 25 17:52:12 distinct l2tpd[7108]: framing_caps_avp: supported peer
frames:
> |>Sep 25 17:52:12 distinct l2tpd[7108]: bearer_caps_avp: supported peer
bearers:
> |>Sep 25 17:52:12 distinct l2tpd[7108]: firmware_rev_avp: peer reports
firmware
> version 4400 (0x1130)
> |>Sep 25 17:52:12 distinct l2tpd[7108]: hostname_avp: peer reports
hostname 'bu-psd1'
> |>Sep 25 17:52:12 distinct l2tpd[7108]: vendor_avp: peer reports vendor
'Cisco
> Systems, Inc.\200^H'
> |>Sep 25 17:52:12 distinct l2tpd[7108]: assigned_tunnel_avp: using peer's
tunnel 26108
> |>Sep 25 17:52:12 distinct l2tpd[7108]: receive_window_size_avp: peer
wants RWS of
> 20050. Will use flow control.
> |>Sep 25 17:52:12 distinct l2tpd[7108]: challenge_avp: challenge avp found
> |>Sep 25 17:52:13 distinct l2tpd[7108]: ourtid = 6617, entropy_buf = 19d9
> |>Sep 25 17:52:13 distinct l2tpd[7108]: check_control: control, cid = 0,
Ns = 0, Nr = 0
> |>Sep 25 17:52:13 distinct l2tpd[7108]: handle_avps: handling avp's for
tunnel 6617,
> call 0
> |>Sep 25 17:52:13 distinct l2tpd[7108]: message_type_avp: message type 1
> (Start-Control-Connection-Request)
> |>Sep 25 17:52:13 distinct l2tpd[7108]: protocol_version_avp: peer is
using version
> 1, revision 0.
> |>Sep 25 17:52:13 distinct l2tpd[7108]: framing_caps_avp: supported peer
frames:
> |>Sep 25 17:52:13 distinct l2tpd[7108]: bearer_caps_avp: supported peer
bearers:
> |>Sep 25 17:52:13 distinct l2tpd[7108]: firmware_rev_avp: peer reports
firmware
> version 4400 (0x1130)
> |>Sep 25 17:52:13 distinct l2tpd[7108]: hostname_avp: peer reports
hostname 'bu-psd1'
> |>Sep 25 17:52:13 distinct l2tpd[7108]: vendor_avp: peer reports vendor
'Cisco
> Systems, Inc.\200^H'
> |>Sep 25 17:52:13 distinct l2tpd[7108]: assigned_tunnel_avp: using peer's
tunnel 26108
> |>Sep 25 17:52:13 distinct l2tpd[7108]: receive_window_size_avp: peer
wants RWS of
> 20050. Will use flow control.
> |>Sep 25 17:52:13 distinct l2tpd[7108]: challenge_avp: challenge avp found
> |>Sep 25 17:52:13 distinct l2tpd[7108]: control_finish: Peer requested
tunnel 26108
> twice, ignoring second one.
> |>Sep 25 17:52:15 distinct l2tpd[7108]: ourtid = 22708, entropy_buf = 58b4
> |>Sep 25 17:52:15 distinct l2tpd[7108]: ourcid = 61206, entropy_buf = ef16
> |>Sep 25 17:52:15 distinct l2tpd[7108]: check_control: control, cid = 0,
Ns = 0, Nr = 0
> |>Sep 25 17:52:15 distinct l2tpd[7108]: handle_avps: handling avp's for
tunnel 22708,
> call 61206
> |>Sep 25 17:52:15 distinct l2tpd[7108]: message_type_avp: message type 1
> (Start-Control-Connection-Request)
> |>Sep 25 17:52:15 distinct l2tpd[7108]: protocol_version_avp: peer is
using version
> 1, revision 0.
> |>Sep 25 17:52:15 distinct l2tpd[7108]: framing_caps_avp: supported peer
frames:
> |>Sep 25 17:52:15 distinct l2tpd[7108]: bearer_caps_avp: supported peer
bearers:
> |>Sep 25 17:52:15 distinct l2tpd[7108]: firmware_rev_avp: peer reports
firmware
> version 4400 (0x1130)
> |>Sep 25 17:52:15 distinct l2tpd[7108]: hostname_avp: peer reports
hostname 'bu-psd1'
> |>Sep 25 17:52:15 distinct l2tpd[7108]: vendor_avp: peer reports vendor
'Cisco
> Systems, Inc.> \200^H'
> |>Sep 25 17:52:15 distinct l2tpd[7108]: assigned_tunnel_avp: using peer's
tunnel 26108
> |>Sep 25 17:52:15 distinct l2tpd[7108]: receive_window_size_avp: peer
wants RWS of
> 20050. Will use flow control.
> |>Sep 25 17:52:15 distinct l2tpd[7108]: challenge_avp: challenge avp found
> |>Sep 25 17:52:15 distinct l2tpd[7108]: control_finish: Peer requested
tunnel 26108
> twice, ignoring second one.
> |>Sep 25 17:52:17 distinct l2tpd[7108]: control_xmit: Maximum retries
exceeded for
> tunnel 57158. Closing.
> |>Sep 25 17:52:17 distinct l2tpd[7108]: call_close : Connection 26108
closed to
> 180.197.176.105, port 1701 (Timeout)
> |>Sep 25 17:52:19 distinct l2tpd[7108]: ourtid = 20513, entropy_buf = 5021
> |>Sep 25 17:52:19 distinct l2tpd[7108]: check_control: control, cid = 0,
Ns = 1, Nr = 0
> |>Sep 25 17:52:19 distinct l2tpd[7108]: check_control: Received out of
order control
> packet on tunnel -1 (1 != 0)
> |>Sep 25 17:52:19 distinct l2tpd[7108]: handle_packet: bad control packet!
> |>Sep 25 17:52:22 distinct l2tpd[7108]: control_xmit: Unable to deliver
closing
> message for tunnel 57158. Destroying anyway.
> |>Sep 25 17:53:34 distinct l2tpd[7108]: death_handler: Fatal signal 2
received
> |>
> |>
> |>
> |>
> |>
> |>Here is l2tpd.conf
> |>
> |>
> |> [global]
; Global
> parameters:
> |> port = 1701 ; * Bind
to port 1701
> |> auth file = l2tp-secrets ; * Where our challenge secrets are
> |> access control = no ; * Refuse
connections
> without IP match
> |> rand source = dev ; Source for entropy for random
> |>; ; numbers, options are:
> |>; ; dev - reads of /dev/urandom
> |>; ; sys - uses rand()
> |>; ; egd - reads from egd socket
> |>; ; egd is not yet implemented
> |>;
> |> [lns distinctmedia]
; Our
> fallthrough LNS definition
> |> ip range = 192.168.0.1-192.168.0.20 ; * Allocate from this IP range
> |> no ip range = 192.168.0.3-192.168.0.9 ; * Except these hosts
> |> ip range = 192.168.0.5 ; * But this one is okay
> |> lac = 180.197.176.105 ; * These can connect as LAC's
> |> hidden bit = no ; * Use hidden AVP's?
> |> refuse pap = yes ; *
Refuse PAP
> authentication
> |> refuse chap = no ; *
Refuse CHAP
> authentication
> |> ppp debug = yes ; * Turn
on PPP
> debugging
> |> call rws = -1 ; * RWS
for call
> (-1 is valid)
> |> tunnel rws = 14 ; * RWS
for tunnel
> (must be > 0)
> |> flow bit = yes ; * Include
sequence numbers
> |>
> |>
>
>
> - --
> Thierry Coutelier
> No Patents on Software: http://www.linux.lu/epatent
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.1 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iD8DBQE/c/7aPOfrcNNQX7oRAgDFAJ9n9XxnSiofKinez7q/d9Uu/TP3nQCeNFRr
> h2vYrbeCLD+LADBtBOVQg9o=
> =X8Fe
> -----END PGP SIGNATURE-----
>
