OK, I have enabled all the logs to level 4. Here is what I get around the 
error. Is this any more helpful? Perhaps I need to set left/rightsubmask? Is 
the problem that it used my public IP rather than router internal? I don't 
think there is anything else missing from config (I don't have access to the 
server log, unfortunately).


LOG
Apr 08 21:19:45 cosmic charon[3199]: 04[IKE] changing received traffic selectors <my-public-ip>/32[udp]=== <vpn-server-ip>/32[udp/l2f] due to NAT
Apr 08 21:19:45 cosmic charon[3199]: 04[CHD] CHILD_SA myvpn{1} state change: CREATED => INSTALLING
Apr 08 21:19:45 cosmic charon[3199]: 04[IKE] no acceptable traffic selectors found
Apr 08 21:19:45 cosmic charon[3199]: 04[IKE] queueing INFORMATIONAL task
Apr 08 21:19:45 cosmic charon[3199]: 04[CHD] CHILD_SA myvpn{1} state change: INSTALLING => DESTROYING
Apr 08 21:19:45 cosmic charon[3199]: 04[KNL] deleting SAD entry with SPI cb524fd7


later there's also stuff like

Apr 08 21:47:49 cosmic ipsec[3798]: 03[IKE] received retransmit of response with ID 2810990975, but next request already sent



CONFIGS

ipsec.conf (I don't think the others really matter at this point)

conn myvpn
  type=transport
  authby=secret
  pfs=no
  rekey=no
  keyingtries=1
  left=%defaultroute
  leftprotoport=udp/l2tp
  right=<vpn-server-ip>
  rightprotoport=udp/%any
  auto=add
  ike=3des-sha1-modp1536!
  esp=3des-sha1!
  keyexchange=ikev1



xl2tpd.conf (tried with lac section as well)

[global]
port = 1701
access control = no

[lns default]
local ip = 192.168.1.2
require authentication = yes
name = myvpn
pppoptfile = /etc/ppp/options.l2tpd



options.l2tp (tried many others, with username/password, too)

noccp
auth
crtscts
mtu 1410
mru 1410
nodefaultroute
lock
proxyarp
silent


also there's a secrets file, obviously
