Re: npppd not communicating in 5.2

2013-03-06 Thread YASUOKA Masahiko
Hi,

On Tue, 5 Mar 2013 16:35:51 -0500
Jason Markowitz jma...@gmail.com wrote:
 I'm receiving the following errors when attempting to establish a vpn
 session via l2tp, the ipsec side works fine and phase 1 authenticates
 perfectly, I don't see pf blocking anything in pf log (egress wide
 open, inbound is set to block in log all, with holes opened for the
 appropriate ports for vpn and ssh)
 
 2013-03-05 16:26:10:NOTICE: Starting npppd pid=5729 version=5.0.0
...
 2013-03-05 16:26:19:INFO: l2tpd ctrl=1 SendSCCRP
 2013-03-05 16:26:21:NOTICE: l2tpd ctrl=2 logtype=Started RecvSCCRQ
 from=x.x.x.252.247:65028/udp tunnel_id=2/15 protocol=1.0 winsize=4
 hostname=Jasons-MacBook-Air.local vendor=(no vendorname) firm=
 2013-03-05 16:26:21:INFO: l2tpd ctrl=2 SendSCCRP

It seems the client could not receive any L2TP reply packets from
npppd.

Is there a NAT between the client and the npppd?  npppd on 5.2 doesn't
support L2TP/IPsec over NAT.  5.3 will support that.

--yasuoka
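
The symptom in the quoted log is that every tunnel gets a SendSCCRP and then ends in "timeout waiting ack for ctrl packets" while the same peer keeps sending new SCCRQs. The following is an added example, not part of the thread or of npppd, that flags this pattern; the sample log is constructed in the quoted format, with a documentation address standing in for the redacted client.

```python
import re
from collections import defaultdict

# Constructed sample in the format quoted in this thread (mail-wrapped lines
# included); 192.0.2.247 and client.example are placeholders.
SAMPLE = """\
2013-03-05 16:26:19:NOTICE: l2tpd ctrl=1 logtype=Started RecvSCCRQ
from=192.0.2.247:65028/udp tunnel_id=1/15 protocol=1.0 winsize=4
hostname=client.example vendor=(no vendorname) firm=
2013-03-05 16:26:19:INFO: l2tpd ctrl=1 SendSCCRP
2013-03-05 16:26:21:NOTICE: l2tpd ctrl=2 logtype=Started RecvSCCRQ
from=192.0.2.247:65028/udp tunnel_id=2/15 protocol=1.0 winsize=4
2013-03-05 16:26:21:INFO: l2tpd ctrl=2 SendSCCRP
2013-03-05 16:26:31:NOTICE: l2tpd ctrl=1 timeout waiting ack for ctrl packets.
2013-03-05 16:26:31:NOTICE: l2tpd ctrl=1 logtype=Finished
2013-03-05 16:26:33:NOTICE: l2tpd ctrl=2 timeout waiting ack for ctrl packets.
"""

STAMP = re.compile(r"^\s*\d{4}-\d\d-\d\d \d\d:\d\d:\d\d:")
CTRL = re.compile(r"l2tpd ctrl=(\d+)")
PEER = re.compile(r"from=(\S+)/udp")

def unwrap(text):
    """Rejoin log entries that mail wrapping split across several lines."""
    entries = []
    for line in text.splitlines():
        if STAMP.match(line) or not entries:
            entries.append(line.strip())
        elif line.strip():
            entries[-1] += " " + line.strip()
    return entries

def unacked_sccrp(text):
    """Return {peer: [ctrl ids]} for tunnels whose SCCRP timed out unacked."""
    tunnels = defaultdict(lambda: {"peer": None, "sent": False, "timeout": False})
    for entry in unwrap(text):
        ctrl = CTRL.search(entry)
        if not ctrl:
            continue
        t = tunnels[int(ctrl.group(1))]
        peer = PEER.search(entry)
        if "RecvSCCRQ" in entry and peer:
            t["peer"] = peer.group(1)
        elif "SendSCCRP" in entry:
            t["sent"] = True
        elif "timeout waiting ack" in entry:
            t["timeout"] = True
    stuck = defaultdict(list)
    for cid, t in sorted(tunnels.items()):
        if t["sent"] and t["timeout"]:
            stuck[t["peer"]].append(cid)
    return dict(stuck)
```

Several ctrl ids listed under one peer address and port mean the client is retrying from the same socket without ever seeing a reply, which points at the return path rather than at authentication.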



Re: npppd not communicating in 5.2

2013-03-05 Thread Johan Beisser
I had a problem with tun interfaces and npppd. Try the pppx interface instead. 



Sent form my iFoe. 

On Mar 5, 2013, at 13:35, Jason Markowitz jma...@gmail.com wrote:

 Hello,
 
 
 I'm receiving the following errors when attempting to establish a vpn
 session via l2tp, the ipsec side works fine and phase 1 authenticates
 perfectly, I don't see pf blocking anything in pf log (egress wide
 open, inbound is set to block in log all, with holes opened for the
 appropriate ports for vpn and ssh)
 
 2013-03-05 16:26:10:NOTICE: Starting npppd pid=5729 version=5.0.0
 2013-03-05 16:26:10:NOTICE: Load configuration
 from='/etc/npppd/npppd.conf' successfully.
 2013-03-05 16:26:10:WARNING: write() failed in in_route0 on RTM_ADD :
 File exists
 2013-03-05 16:26:10:INFO: tun0 Started ip4addr=10.101.0.1
 2013-03-05 16:26:10:INFO: Listening /var/run/npppd_ctl (npppd_ctl)
 2013-03-05 16:26:10:INFO: Added 2 routes for new pool addresses
 2013-03-05 16:26:10:INFO: Loading pool config successfully.
 2013-03-05 16:26:10:INFO: realm name=local(local) Loaded users
 from='/etc/npppd/npppd-users.csv' successfully.  1 users
 2013-03-05 16:26:10:INFO: l2tpd Listening 0.0.0.0:1701/udp (L2TP LNS) [L2TP]
 2013-03-05 16:26:10:INFO: l2tpd Listening [::]:1701/udp (L2TP LNS) [L2TP]
 2013-03-05 16:26:10:INFO: tun0 is using ipcp=default(1 pools).
 2013-03-05 16:26:19:NOTICE: l2tpd ctrl=1 logtype=Started RecvSCCRQ
 from=x.x.x.247:65028/udp tunnel_id=1/15 protocol=1.0 winsize=4
 hostname=Jasons-MacBook-Air.local vendor=(no vendorname) firm=
 2013-03-05 16:26:19:INFO: l2tpd ctrl=1 SendSCCRP
 2013-03-05 16:26:21:NOTICE: l2tpd ctrl=2 logtype=Started RecvSCCRQ
 from=x.x.x.252.247:65028/udp tunnel_id=2/15 protocol=1.0 winsize=4
 hostname=Jasons-MacBook-Air.local vendor=(no vendorname) firm=
 2013-03-05 16:26:21:INFO: l2tpd ctrl=2 SendSCCRP
 2013-03-05 16:26:25:NOTICE: l2tpd ctrl=3 logtype=Started RecvSCCRQ
 from=x.x.x..247:65028/udp tunnel_id=3/15 protocol=1.0 winsize=4
 hostname=Jasons-MacBook-Air.local vendor=(no vendorname) firm=
 2013-03-05 16:26:25:INFO: l2tpd ctrl=3 SendSCCRP
 2013-03-05 16:26:29:NOTICE: l2tpd ctrl=4 logtype=Started RecvSCCRQ
 from=x.x.x.247:65028/udp tunnel_id=4/15 protocol=1.0 winsize=4
 hostname=Jasons-MacBook-Air.local vendor=(no vendorname) firm=
 2013-03-05 16:26:29:INFO: l2tpd ctrl=4 SendSCCRP
 2013-03-05 16:26:31:NOTICE: l2tpd ctrl=1 timeout waiting ack for ctrl packets.
 2013-03-05 16:26:31:NOTICE: l2tpd ctrl=1 logtype=Finished
 2013-03-05 16:26:33:NOTICE: l2tpd ctrl=5 logtype=Started RecvSCCRQ
 from=xx.x.x.247:65028/udp tunnel_id=5/15 protocol=1.0 winsize=4
 hostname=Jasons-MacBook-Air.local vendor=(no vendorname) firm=
 2013-03-05 16:26:33:INFO: l2tpd ctrl=5 SendSCCRP
 2013-03-05 16:26:33:NOTICE: l2tpd ctrl=2 timeout waiting ack for ctrl packets.
 2013-03-05 16:26:33:NOTICE: l2tpd ctrl=2 logtype=Finished
 2013-03-05 16:26:37:NOTICE: l2tpd ctrl=6 logtype=Started RecvSCCRQ
 from=xxx.x.x.247:65028/udp tunnel_id=6/15 protocol=1.0 winsize=4
 hostname=Jasons-MacBook-Air.local vendor=(no vendorname) firm=
 2013-03-05 16:26:37:INFO: l2tpd ctrl=6 SendSCCRP
 2013-03-05 16:26:37:NOTICE: l2tpd ctrl=3 timeout waiting ack for ctrl packets.
 2013-03-05 16:26:37:NOTICE: l2tpd ctrl=3 logtype=Finished
 2013-03-05 16:26:41:NOTICE: l2tpd ctrl=4 timeout waiting ack for ctrl packets.
 2013-03-05 16:26:41:NOTICE: l2tpd ctrl=4 logtype=Finished
 
 
 
 npppd.conf:
 
 interface_list: tun0
 interface.tun0.ip4addr: 10.101.0.1
 
 # IP Address Pool
 pool.dyna_pool: 10.101.0.0/25
 pool.pool:  10.101.0.128/25
 
 # local file auth
 auth.local.realm_list:  local
 auth.local.realm.acctlist:  /etc/npppd/npppd-users.csv
 realm.local.concentrate: tun0
 
 lcp.mru:1400
 lcp.timeout:18
 auth.method:mschapv2
 # auth.method:  mschapv2 chap pap
 ipcp.assign_fixed: true
 ipcp.assign_userselect:true
 
 pptpd.enabled:  false
 pptpd.ip4_allow:0.0.0.0/0
 #pptpd.listener_in: PPTP 192.168.0.1
 
 # L2TP daemon
 l2tpd.enabled:  true
 l2tpd.ip4_allow:0.0.0.0/0
 #l2tpd.listener_in: L2TP 10.101.0.1
 l2tpd.purge_ipsec_sa:   false
 l2tpd.require_ipsec:true
 l2tpd.accept_dialin:true
 
 pipex.enabled: true
 
 
 Any Thoughts? System is amd64 running 5.2