On Wed, Nov 15, 2017 at 09:46:19AM -0700, Kevin Locke wrote: > Hi all, > > I am using an L2TP/IPsec (transport mode) VPN connection from a client > behind a NAT running Debian with strongswan 5.6.0-2 and xl2tpd > 1.3.10-1 to a Cisco Meraki MX60 with a public IP. The connection > works with kernel 4.13 but not with kernel 4.14. With 4.14 the IPsec > connection appears to be established correctly but xl2tpd is unable to > establish the L2TP connection. The relevant error from syslog is: > > charon: 09[KNL] creating acquire job for policy 192.168.21.10/32[udp/l2f] === > X.X.X.X/32[udp/l2f] with reqid {1} > charon: 12[CFG] trap not found, unable to acquire reqid 1 > > I have bisected the issue to commit c9f3f813d462. I have attached the > client ipsec.conf as well as the syslog during the connection attempt > for both c9f3f813d462 (bad) and cf3796675174 (good). Meraki IPs have > been redacted to protect the innocent. > > I'd appreciate any assistance in fixing the issue. Let me know if > there's anything else I can do to help troubleshoot or test.
The offending commit is already reverted in the 'net' tree and will be available in mainline soon. Thanks for the report!