On Wed, Nov 15, 2017 at 09:46:19AM -0700, Kevin Locke wrote:
> Hi all,
>
> I am using an L2TP/IPsec (transport mode) VPN connection from a client
> behind a NAT running Debian with strongswan 5.6.0-2 and xl2tpd
> 1.3.10-1 to a Cisco Meraki MX60 with a public IP. The connection
> works with kernel 4.13 but not with kernel 4.14. With 4.14 the IPsec
> connection appears to be established correctly but xl2tpd is unable to
> establish the L2TP connection. The relevant error from syslog is:
>
> charon: 09[KNL] creating acquire job for policy 192.168.21.10/32[udp/l2f] ===
> X.X.X.X/32[udp/l2f] with reqid {1}
> charon: 12[CFG] trap not found, unable to acquire reqid 1
>
> I have bisected the issue to commit c9f3f813d462. I have attached the
> client ipsec.conf as well as the syslog during the connection attempt
> for both c9f3f813d462 (bad) and cf3796675174 (good). Meraki IPs have
> been redacted to protect the innocent.
>
> I'd appreciate any assistance in fixing the issue. Let me know if
> there's anything else I can do to help troubleshoot or test.
The offending commit is already reverted in the 'net' tree
and will be available in mainline soon.
Thanks for the report!
