Dear All, I am trying to establish a L2TP VPN connection using libreswan on Fedora 31 to connect to a MS Windows server, but getting the problem below.
With ipscan, I got: ------------------------- Starting ike-scan 1.9.4 with 1 hosts (http://www.nta-monitor.com/tools/ike-scan/) 193.136.25.122 Main Mode Handshake returned HDR=(CKY-R=3223cb62087f3582) SA=(Enc=3DES Hash=SHA1 Auth=PSK Group=2:modp1024 LifeType=Seconds LifeDuration(4)=0x00007080) VID=4048b7d56ebce88525e7de7f00d6c2d3 (IKE Fragmentation) VID=f4ed19e0c114eb516faaac0ee37daf2807b4381f000000010000138d5dcb58be0000000018390000 (Firewall-1 NGX) Ending ike-scan 1.9.4: 1 hosts scanned in 0.043 seconds (23.49 hosts/sec). 1 returned handshake; 0 returned notify ------------------------- Any ideas? Thanks in advance, Paul ------------------------- seeking_src = 0, seeking_gateway = 0, has_peer = 1 conn: "ec9a3d05-1842-403a-84b5-371af56faa30" modecfgdns=<unset> conn: "ec9a3d05-1842-403a-84b5-371af56faa30" modecfgdomains=<unset> conn: "ec9a3d05-1842-403a-84b5-371af56faa30" modecfgbanner=<unset> conn: "ec9a3d05-1842-403a-84b5-371af56faa30" mark=<unset> conn: "ec9a3d05-1842-403a-84b5-371af56faa30" mark-in=<unset> conn: "ec9a3d05-1842-403a-84b5-371af56faa30" mark-out=<unset> conn: "ec9a3d05-1842-403a-84b5-371af56faa30" vti_iface=<unset> conn: "ec9a3d05-1842-403a-84b5-371af56faa30" redirect-to=<unset> conn: "ec9a3d05-1842-403a-84b5-371af56faa30" accept-redirect-to=<unset> conn: "ec9a3d05-1842-403a-84b5-371af56faa30" esp=3des-sha1 conn: "ec9a3d05-1842-403a-84b5-371af56faa30" ike=3des-sha1-modp1024 002 added connection description "ec9a3d05-1842-403a-84b5-371af56faa30" nm-l2tp[25120] <info> Spawned ipsec auto --up script with PID 25521. 002 "ec9a3d05-1842-403a-84b5-371af56faa30" #1: initiating Main Mode 104 "ec9a3d05-1842-403a-84b5-371af56faa30" #1: STATE_MAIN_I1: initiate 106 "ec9a3d05-1842-403a-84b5-371af56faa30" #1: STATE_MAIN_I2: sent MI2, expecting MR2 108 "ec9a3d05-1842-403a-84b5-371af56faa30" #1: STATE_MAIN_I3: sent MI3, expecting MR3 002 "ec9a3d05-1842-403a-84b5-371af56faa30" #1: Peer ID is ID_IPV4_ADDR: '193.136.25.122' 004 "ec9a3d05-1842-403a-84b5-371af56faa30" #1: STATE_MAIN_I4: ISAKMP SA established {auth=PRESHARED_KEY cipher=3DES_CBC_192 integ=HMAC_SHA1 group=MODP1024} 002 "ec9a3d05-1842-403a-84b5-371af56faa30" #2: initiating Quick Mode PSK+ENCRYPT+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO {using isakmp#1 msgid:b951826e proposal=3DES_CBC-HMAC_SHA1_96 pfsgroup=MODP1024} 117 "ec9a3d05-1842-403a-84b5-371af56faa30" #2: STATE_QUICK_I1: initiate 010 "ec9a3d05-1842-403a-84b5-371af56faa30" #2: STATE_QUICK_I1: retransmission; will wait 0.5 seconds for response 010 "ec9a3d05-1842-403a-84b5-371af56faa30" #2: STATE_QUICK_I1: retransmission; will wait 1 seconds for response 010 "ec9a3d05-1842-403a-84b5-371af56faa30" #2: STATE_QUICK_I1: retransmission; will wait 2 seconds for response 010 "ec9a3d05-1842-403a-84b5-371af56faa30" #2: STATE_QUICK_I1: retransmission; will wait 4 seconds for response 010 "ec9a3d05-1842-403a-84b5-371af56faa30" #2: STATE_QUICK_I1: retransmission; will wait 8 seconds for response nm-l2tp[25120] <warn> Timeout trying to establish IPsec connection nm-l2tp[25120] <info> Terminating ipsec script with PID 25521. nm-l2tp[25120] <warn> Could not establish IPsec tunnel. _______________________________________________ Swan mailing list [email protected] https://lists.libreswan.org/mailman/listinfo/swan
