[gentoo-user] problem with l2tp-isec
Hi. I am trying to configure l2tp-isec to a server and although it works in Winblows, whenever I put c followed by the name, it times out. I am not seeing any particular bad messages, except that netlink says 20 bytes left over after parsing attributes, but there seems to be no solution to that. I am using openswan plus xl2tp. How can I troubleshoot this, or should I post my configs here? Thanks in advance for any suggestions. -- Your life is like a penny. You're going to lose it. The question is: How do you spend it? John Covici cov...@ccs.covici.com
Re: [gentoo-user] problem with l2tp-isec
On Thursday 19 Dec 2013 14:27:28 cov...@ccs.covici.com wrote: Hi. I am trying to configure l2tp-isec to a server and although it works in Winblows, whenever I put c followed by the name, it times out. I am not seeing any particular bad messages, except that netlink says 20 bytes left over after parsing attributes, but there seems to be no solution to that. I am using openswan plus xl2tp. How can I troubleshoot this, or should I post my configs here? Thanks in advance for any suggestions. Have you followed suggestions relevant to openswan and xl2tpd here? http://wiki.gentoo.org/wiki/IPsec_L2TP_VPN_server Increase the verbosity of the openswan debugging to see if ipsec is established, or why it fails. If the ipsec association is established, then check the x2ltp configuration and set 'debug tunnel = yes' to get more information from it, or start it as 'xl2tpd -D' to get some useful information until you get it going. However, if you are using Windows =7 then it may be better to install and run StrongSwan with IKEv2 on Linux, which MSWindows can now support natively and do away with L2TP all together. Openswan also supports IKEv2. -- Regards, Mick signature.asc Description: This is a digitally signed message part.
Re: [gentoo-user] problem with l2tp-isec
Thanks -- I followed the wrong wiki, I will see if there is much difference and check the debugging. Thanks. Mick michaelkintz...@gmail.com wrote: On Thursday 19 Dec 2013 14:27:28 cov...@ccs.covici.com wrote: Hi. I am trying to configure l2tp-isec to a server and although it works in Winblows, whenever I put c followed by the name, it times out. I am not seeing any particular bad messages, except that netlink says 20 bytes left over after parsing attributes, but there seems to be no solution to that. I am using openswan plus xl2tp. How can I troubleshoot this, or should I post my configs here? Thanks in advance for any suggestions. Have you followed suggestions relevant to openswan and xl2tpd here? http://wiki.gentoo.org/wiki/IPsec_L2TP_VPN_server Increase the verbosity of the openswan debugging to see if ipsec is established, or why it fails. If the ipsec association is established, then check the x2ltp configuration and set 'debug tunnel = yes' to get more information from it, or start it as 'xl2tpd -D' to get some useful information until you get it going. However, if you are using Windows =7 then it may be better to install and run StrongSwan with IKEv2 on Linux, which MSWindows can now support natively and do away with L2TP all together. Openswan also supports IKEv2. -- Regards, Mick -- Your life is like a penny. You're going to lose it. The question is: How do you spend it? John Covici cov...@ccs.covici.com
