Also, if I run tcpdump -i eth2 udp port 1701 on the router and try to
connect or try nc I see no packets on the router.
Matthew Smart
President
Smart Software Solutions Inc.
108 S Pierre St.
Pierre, SD 57501
Phone: (605) 280-0383
Skype: msmart13
Email: msm...@smartsoftwareinc.com
On 08/10/2016 12:29 PM, Matthew Smart wrote:
Hey guys,

I decided I should make sure I can properly configure the remote
access VPN in its current state before I try to modify it for my uses.
Unfortunately, I cannot seem to get it to work using the instructions
on the website. I activated the VPN from the web UI and added a user
account. These steps succeeded and I am not seeing any errors in the
management or agent logs. I configured the VPN client (Mac OSX) but
when I connect it errors saying "L2TP-VPN server did not respond." If
I enable ICMP in the firewall I can ping the IP associated with the
router from the client machine.

If I console into the VRouter and run lsof -i I can see that xl2tpd is
listening on l2f (1701).

I have tried running nc -u VROUTERIP 1701 from the client to manually
test if the router is listening on port 1701 but the command never
finishes. I thought this was odd because I expect that if xl2tpd was
not listening on 1701 that nc would fail. The way it blocks reminds me
of a firewall drop. But the firewall configuration for the VROUTERIP
is showing 1701, 4500, and 500 UDP allowed from 0.0.0.0/0 both in the
web UI and via iptables -L -n.

Not sure this is relevant but I did notice that if I tail
/var/log/syslog on the VRouter there are the following lines close to
the bottom:
Nov 9 11:20:13 systemvm xl2tpd[11917]: setsockopt recvref[30]: Protocol not available
Nov 9 11:20:13 systemvm xl2tpd[11917]: This binary does not support kernel L2TP.
Nov 9 11:20:13 systemvm xl2tpd[11918]: xl2tpd version xl2tpd-1.3.1 started on systemvm PID:11918
Nov 9 11:20:13 systemvm xl2tpd[11918]: Written by Mark Spencer, Copyright (C) 1998, Adtran, Inc.
Nov 9 11:20:13 systemvm xl2tpd[11918]: Forked by Scott Balmos and David Stipp, (C) 2001
Nov 9 11:20:13 systemvm xl2tpd[11918]: Inherited by Jeff McAdams, (C) 2002
Nov 9 11:20:13 systemvm xl2tpd[11918]: Forked again by Xelerance (www.xelerance.com) (C) 2006
Nov 9 11:20:13 systemvm xl2tpd[11918]: Listening on IP address 0.0.0.0, port 1701
Nov 9 11:20:42 systemvm /usr/sbin/irqbalance: Balancing is ineffective on systems with a single cache domain. Shutting down
Nov 9 11:20:59 systemvm KVP: KVP starting; pid is:18270
Nov 9 11:21:36 systemvm shutdown[21010]: shutting down for system halt
Nov 9 11:21:36 systemvm init: Switching to runlevel: 0
Nov 9 11:21:37 systemvm KVP: KVP starting; pid is:21036
Nov 9 11:21:37 systemvm KVP: recvfrom failed; pid:21036 error:2 No such file or directory
Nov 9 11:21:37 systemvm init: Re-reading inittab
Nov 9 11:21:37 systemvm conntrack-tools[11432]: ---- shutdown received ----
Nov 9 11:21:39 systemvm dnsmasq[11500]: exiting on receipt of SIGTERM
Nov 9 11:21:39 systemvm acpid: exiting
Nov 9 11:21:39 systemvm xl2tpd[11918]: death_handler: Fatal signal 15 received
Nov 9 11:21:39 systemvm ntpd[1732]: ntpd exiting on signal 15
Any thoughts on this or ideas for how I can troubleshoot the issue?
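
Added example, not part of the original thread and not CloudStack or xl2tpd code: UDP has no handshake, so nc -u waits the same way whether or not anything answers on 1701. This probe sends an L2TPv2 SCCRQ (RFC 2661) and classifies the outcome; the host name "probe", tunnel ID 1 and the result labels are assumptions made for the example.

```python
import socket
import struct
import sys

def avp(attr, value):
    # Mandatory (M bit) IETF AVP: flags+length, vendor 0, attribute type, value
    return struct.pack("!HHH", 0x8000 | (6 + len(value)), 0, attr) + value

def build_sccrq(tunnel_id=1, hostname=b"probe"):
    """L2TPv2 Start-Control-Connection-Request with its required AVPs."""
    body = (avp(0, struct.pack("!H", 1))             # Message Type = SCCRQ
            + avp(2, b"\x01\x00")                    # Protocol Version 1.0
            + avp(3, struct.pack("!I", 3))           # Framing Capabilities: sync + async
            + avp(7, hostname)                       # Host Name (constructed value)
            + avp(9, struct.pack("!H", tunnel_id)))  # Assigned Tunnel ID
    # 0xC802 = T (control), L (length present), S (sequence present), version 2
    return struct.pack("!HHHHHH", 0xC802, 12 + len(body), 0, 0, 0, 0) + body

def is_l2tp_control(data):
    # A control message has the T bit set and version 2 in the low four bits
    if len(data) < 12:
        return False
    flags = struct.unpack("!H", data[:2])[0]
    return bool(flags & 0x8000) and (flags & 0x000F) == 2

def probe(host, port=1701, timeout=3.0):
    """Return 'l2tp-reply', 'other-reply', 'closed' or 'no-reply'."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.connect((host, port))   # connected UDP socket so ICMP errors surface
        try:
            s.send(build_sccrq())
            data = s.recv(4096)
        except socket.timeout:
            return "no-reply"     # dropped on the path, or the daemon stayed silent
        except ConnectionRefusedError:
            return "closed"       # ICMP port unreachable: no listener, or a REJECT rule
    return "l2tp-reply" if is_l2tp_control(data) else "other-reply"

if __name__ == "__main__":
    if len(sys.argv) < 2:
        sys.exit("usage: l2tp_probe.py HOST [PORT]")
    port = int(sys.argv[2]) if len(sys.argv) > 2 else 1701
    print(probe(sys.argv[1], port))
```

Run it from the client while tcpdump -i eth2 udp port 1701 is running on the router: if the SCCRQ never appears in the capture, the packet is being dropped before it reaches that interface.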