** Description changed:
My connection works in 20.04 and fails in 22.04. Perhaps something i've
- been using is now depricated? Or perhaps jammy strongswan is...still
+ been using is now depricated? Or perhaps jammy xl2tpd is...still
working on it?
- This is the output i get in 22.04:
- initiating Main Mode IKE_SA myvp7[1] to 2.i.p.7
- generating ID_PROT request 0 [ SA V V V V V ]
- sending packet: from 1.i.p.2[500] to 2.i.p.7[500] (180 bytes)
- received packet: from 2.i.p.7[500] to 1.i.p.2[500] (136 bytes)
- parsed ID_PROT response 0 [ SA V V V ]
- received XAuth vendor ID
- received DPD vendor ID
- received NAT-T (RFC 3947) vendor ID
- selected proposal: IKE:AES_CBC_256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048
- generating ID_PROT request 0 [ KE No NAT-D NAT-D ]
- sending packet: from 1.i.p.2[500] to 2.i.p.7[500] (372 bytes)
- received packet: from 2.i.p.7[500] to 1.i.p.2[500] (372 bytes)
- parsed ID_PROT response 0 [ KE No NAT-D NAT-D ]
- no shared key found for '1.i.p.2'[1.i.p.2] - '2.i.p.7'[2.i.p.7]
- no shared key found for 1.i.p.2 - 2.i.p.7
- generating INFORMATIONAL_V1 request 402437601 [ N(INVAL_KE) ]
- sending packet: from 1.i.p.2[500] to 2.i.p.7[500] (56 bytes)
- establishing connection 'myvp7' failed
+ see my attached syslog extracts. i extracted them thus:
- This is the output i get in 20.04:
- initiating Main Mode IKE_SA myvp7[1] to 2.i.p.7
- generating ID_PROT request 0 [ SA V V V V V ]
- sending packet: from 1.i.p.2[500] to 2.i.p.7[500] (180 bytes)
- received packet: from 2.i.p.7[500] to 1.i.p.2[500] (136 bytes)
- parsed ID_PROT response 0 [ SA V V V ]
- received XAuth vendor ID
- received DPD vendor ID
- received NAT-T (RFC 3947) vendor ID
- selected proposal: IKE:AES_CBC_256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048
- generating ID_PROT request 0 [ KE No NAT-D NAT-D ]
- sending packet: from 1.i.p.2[500] to 2.i.p.7[500] (372 bytes)
- received packet: from 2.i.p.7[500] to 1.i.p.2[500] (372 bytes)
- parsed ID_PROT response 0 [ KE No NAT-D NAT-D ]
- local host is behind NAT, sending keep alives
- generating ID_PROT request 0 [ ID HASH N(INITIAL_CONTACT) ]
- sending packet: from 1.i.p.2[4500] to 2.i.p.7[4500] (108 bytes)
- received packet: from 2.i.p.7[4500] to 1.i.p.2[4500] (76 bytes)
- parsed ID_PROT response 0 [ ID HASH ]
- IKE_SA myvp7[1] established between 1.i.p.2[1.i.p.2]...2.i.p.7[2.i.p.7]
- scheduling reauthentication in 3397s
- maximum IKE_SA lifetime 3577s
- generating QUICK_MODE request 3605139670 [ HASH SA No ID ID NAT-OA NAT-OA ]
- sending packet: from 1.i.p.2[4500] to 2.i.p.7[4500] (204 bytes)
- received packet: from 2.i.p.7[4500] to 1.i.p.2[4500] (204 bytes)
- parsed QUICK_MODE response 3605139670 [ HASH SA No ID ID NAT-OA NAT-OA ]
- selected proposal: ESP:AES_CBC_128/HMAC_SHA1_96/NO_EXT_SEQ
- CHILD_SA myvp7{1} established with SPIs ce997cf9_i ccdb93e8_o and TS
1.i.p.2/32[udp/l2f] === 2.i.p.7/32[udp/l2f]
- connection 'myvp7' established successfully
+ egrep "l2tp|swan|ipsec|charon|XFRM|layer 2|\<ike" /var/log/syslog|egrep
+ -v "INFORMATIONAL_V1|packet: from"
- my ipsec.conf:
+ what seems to stand out is:
+
+ These lines show up in syslog only in 20.04:
+ Nov 22 06:22:04 e540 ipsec[782]: 12[KNL] 3.i.p.4 appeared on ppp0
+ Nov 22 06:22:04 e540 ipsec[782]: 14[KNL] 3.i.p.4 disappeared from ppp0
+ Nov 22 06:22:04 e540 ipsec[782]: 09[KNL] 3.i.p.4 appeared on ppp0
+ Nov 22 06:22:04 e540 ipsec[782]: 05[KNL] interface ppp0 activated
+
+ These lines show up in syslog only in jammy:
+ Nov 24 20:11:45 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
+ Nov 24 20:11:45 e540 xl2tpd[983]: network_thread: unable to find call or
tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
+ Nov 24 20:11:46 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0)
+ Nov 24 20:11:46 e540 xl2tpd[983]: network_thread: unable to find call or
tunnel to handle packet. call = 39202, tunnel = 12 Dumping.
+ Nov 24 20:11:46 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
+ Nov 24 20:11:46 e540 xl2tpd[983]: network_thread: unable to find call or
tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
+ Nov 24 20:11:48 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0)
+ Nov 24 20:11:48 e540 xl2tpd[983]: network_thread: unable to find call or
tunnel to handle packet. call = 39202, tunnel = 12 Dumping.
+ Nov 24 20:11:48 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
+ Nov 24 20:11:48 e540 xl2tpd[983]: network_thread: unable to find call or
tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
+ Nov 24 20:11:52 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0)
+ Nov 24 20:11:52 e540 xl2tpd[983]: network_thread: unable to find call or
tunnel to handle packet. call = 39202, tunnel = 12 Dumping.
+ Nov 24 20:11:52 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
+ Nov 24 20:11:52 e540 xl2tpd[983]: network_thread: unable to find call or
tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
+ Nov 24 20:12:00 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0)
+ Nov 24 20:12:00 e540 xl2tpd[983]: network_thread: unable to find call or
tunnel to handle packet. call = 39202, tunnel = 12 Dumping.
+ Nov 24 20:12:00 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
+ Nov 24 20:12:00 e540 xl2tpd[983]: network_thread: unable to find call or
tunnel to handle packet. call = 39202, tunnel = 105 Dumping.
+ Nov 24 20:12:16 e540 xl2tpd[983]: Maximum retries exceeded for tunnel 39202.
Closing.
+ Nov 24 20:12:16 e540 xl2tpd[983]: Connection 0 closed to 2.i.p.7, port 1701
(Timeout)
+ Nov 24 20:12:16 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
+ Nov 24 20:12:16 e540 xl2tpd[983]: network_thread: unable to find call or
tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
+ Nov 24 20:12:17 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
+ Nov 24 20:12:17 e540 xl2tpd[983]: network_thread: unable to find call or
tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
+ Nov 24 20:12:19 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
+ Nov 24 20:12:19 e540 xl2tpd[983]: network_thread: unable to find call or
tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
+ Nov 24 20:12:23 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
+ Nov 24 20:12:23 e540 xl2tpd[983]: network_thread: unable to find call or
tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
+ Nov 24 20:12:31 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
+ Nov 24 20:12:31 e540 xl2tpd[983]: network_thread: unable to find call or
tunnel to handle packet. call = 39202, tunnel = 45 Dumping.
+ Nov 24 20:12:47 e540 xl2tpd[983]: Unable to deliver closing message for
tunnel 39202. Destroying anyway.
+
+ my /etc/ipsec.conf:
conn myvp7
- right=2.i.p.7
- rightprotoport=17/1701
- leftprotoport=17/1701
- left=%defaultroute
- keyexchange=ikev1
- type=transport
- authby=secret
- auto=add
+ right=2.i.p.7
+ rightprotoport=17/1701
+ leftprotoport=17/1701
+ left=%defaultroute
+ keyexchange=ikev1
+ type=transport
+ authby=secret
+ auto=add
- my ipsec.secrets:
+ my /etc/ipsec.secrets:
: PSK ...
+
+ my /etc/xl2tpd/xl2tpd.conf:
+ [lac myvp7]
+ lns = 2.i.p.7
+ ppp debug = yes
+ pppoptfile = /etc/ppp/options.l2tpd.client
+ length bit = yes
+
+ my /etc/ppp/options.l2tpd.client:
+ ipcp-accept-local
+ ipcp-accept-remote
+ refuse-eap
+ require-chap
+ noccp
+ noauth
+ mtu 1280
+ mru 1280
+ noipdefault
+ defaultroute
+ usepeerdns
+ connect-delay 5000
+
+ name ...
+ password ...
+
+ my startup commands:
+ ipsec up myvp7&&
+ echo>/var/run/xl2tpd/l2tp-control c myvp7&&
+ while i=$(ip route) j=${i#*3.i.p.}
+ [[ $j = "$i" ]]
+ do echo -n .;sleep .3
+ done
+ i="ip route add 192.168.128.0/21 via 192.168.128.${j%% *}"
+ echo $i;$i
** Attachment added: "syslog extract from 20.04"
https://bugs.launchpad.net/ubuntu/+source/xl2tpd/+bug/1951832/+attachment/5543173/+files/fks
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1951832
Title:
xl2tpd "Can not find tunnel" in jammy
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/xl2tpd/+bug/1951832/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
