I used L2TP IPsec VPN Manager until upgrading to 13.10
It worked previously. But now it does not work.
The ipsec server (Fortigate firewall, logs everything as just fine, then says the client disconnected.)
The line IPCP terminated by peer (Unauthorized remote IP address)
- makes no sense, the IP is provided by the FW, and is from the right pool.
Also, FW does not log any problem.
Finally: connecting to the same FW using Android - works fine.
log from ipsec client:
Nov 21 11:58:16.839 ipsec_setup: Stopping Openswan IPsec...
Nov 21 11:58:18.580 Stopping xl2tpd: xl2tpd.
Nov 21 11:58:18.581 xl2tpd[19495]: death_handler: Fatal signal 15 received
Nov 21 11:58:18.612 ipsec_setup: Starting Openswan IPsec U2.6.38/K3.11.0-13-generic...
Nov 21 11:58:18.886 ipsec__plutorun: Starting Pluto subsystem...
Nov 21 11:58:18.892 ipsec__plutorun: adjusting ipsec.d to /etc/ipsec.d
Nov 21 11:58:18.900 recvref[30]: Protocol not available
Nov 21 11:58:18.900 xl2tpd[21494]: This binary does not support kernel L2TP.
Nov 21 11:58:18.901 xl2tpd[21497]: xl2tpd version xl2tpd-1.3.1 started on andre-OptiPlex-990 PID:21497
Nov 21 11:58:18.902 xl2tpd[21497]: Written by Mark Spencer, Copyright (C) 1998, Adtran, Inc.
Nov 21 11:58:18.902 xl2tpd[21497]: Forked by Scott Balmos and David Stipp, (C) 2001
Nov 21 11:58:18.902 xl2tpd[21497]: Inherited by Jeff McAdams, (C) 2002
Nov 21 11:58:18.902 xl2tpd[21497]: Forked again by Xelerance (www.xelerance.com) (C) 2006
Nov 21 11:58:18.902 xl2tpd[21497]: Listening on IP address 0.0.0.0, port 1701
Nov 21 11:58:18.903 Starting xl2tpd: xl2tpd.
Nov 21 11:58:19.031 ipsec__plutorun: 002 added connection description "Valhall"
Nov 21 11:58:19.386 104 "Valhall" #1: STATE_MAIN_I1: initiate
Nov 21 11:58:19.387 003 "Valhall" #1: received Vendor ID payload [RFC 3947] method set to=115
Nov 21 11:58:19.387 003 "Valhall" #1: received Vendor ID payload [Dead Peer Detection]
Nov 21 11:58:19.387 003 "Valhall" #1: ignoring unknown Vendor ID payload [8299031757a36082c6a621de000402a0]
Nov 21 11:58:19.387 106 "Valhall" #1: STATE_MAIN_I2: sent MI2, expecting MR2
Nov 21 11:58:19.388 003 "Valhall" #1: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike (MacOS X): i am NATed
Nov 21 11:58:19.388 108 "Valhall" #1: STATE_MAIN_I3: sent MI3, expecting MR3
Nov 21 11:58:19.388 004 "Valhall" #1: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1024}
Nov 21 11:58:19.388 117 "Valhall" #2: STATE_QUICK_I1: initiate
Nov 21 11:58:19.388 003 "Valhall" #2: ignoring informational payload, type IPSEC_RESPONDER_LIFETIME msgid=0530bd3b
Nov 21 11:58:19.389 003 "Valhall" #2: NAT-Traversal: received 2 NAT-OA. ignored because peer is not NATed
Nov 21 11:58:19.389 004 "Valhall" #2: STATE_QUICK_I2: sent QI2, IPsec SA established transport mode {ESP=>0xea9d24b4 <0xc36d9ff6 xfrm=3DES_0-HMAC_SHA1 NATOA=none NATD=none DPD=none}
Nov 21 11:58:20.391 xl2tpd[21497]: Connecting to host mydomain.com, port 1701
Nov 21 11:58:20.461 xl2tpd[21497]: Connection established to x.x.x.199, 1701. Local: 46031, Remote: 3 (ref=0/0).
Nov 21 11:58:20.461 xl2tpd[21497]: Calling on tunnel 46031
Nov 21 11:58:20.529 xl2tpd[21497]: Call established with x.x.x.199, Local: 65516, Remote: 4, Serial: 1 (ref=0/0)
Nov 21 11:58:20.529 xl2tpd[21497]: start_pppd: I'm running:
Nov 21 11:58:20.530 xl2tpd[21497]: "/usr/sbin/pppd"
Nov 21 11:58:20.530 xl2tpd[21497]: "passive"
Nov 21 11:58:20.530 xl2tpd[21497]: "nodetach"
Nov 21 11:58:20.530 xl2tpd[21497]: ":"
Nov 21 11:58:20.531 xl2tpd[21497]: "file"
Nov 21 11:58:20.531 xl2tpd[21497]: "/etc/ppp/Valhall.options.xl2tpd"
Nov 21 11:58:20.531 xl2tpd[21497]: "ipparam"
Nov 21 11:58:20.531 xl2tpd[21497]: "x.x.x.199"
Nov 21 11:58:20.532 xl2tpd[21497]: "/dev/pts/5"
Nov 21 11:58:20.539 pppd[21544]: Plugin passprompt.so loaded.
Nov 21 11:58:20.547 pppd[21544]: pppd 2.4.5 started by root, uid 0
Nov 21 11:58:20.548 pppd[21544]: Using interface ppp0
Nov 21 11:58:20.548 pppd[21544]: Connect: ppp0 <--> /dev/pts/5
Nov 21 11:58:23.693 pppd[21544]: Deflate (15) compression enabled
Nov 21 11:58:23.754 pppd[21544]: local IP address 192.168.1.141
Nov 21 11:58:23.755 pppd[21544]: remote IP address 192.168.1.140
Nov 21 11:58:23.755 pppd[21544]: primary DNS address x.x.x.x
Nov 21 11:58:23.755 pppd[21544]: secondary DNS address x.x.x.x
Nov 21 11:58:23.761 pppd[21544]: IPCP terminated by peer (Unauthorized remote IP address)
Nov 21 11:58:23.761 pppd[21544]: Connect time 0.0 minutes.
Nov 21 11:58:23.762 pppd[21544]: Sent 0 bytes, received 34 bytes.
Nov 21 11:58:23.831 pppd[21544]: LCP terminated by peer (No network protocols running)
Nov 21 11:58:24.048 xl2tpd[21497]: control_finish: Connection closed to x.x.x.199, serial 1 ()
Nov 21 11:58:24.049 xl2tpd[21497]: Terminating pppd: sending TERM signal to pid 21544
Nov 21 11:58:24.049 pppd[21544]: Modem hangup
Nov 21 11:58:24.049 pppd[21544]: Connection terminated.
Nov 21 11:58:24.074 pppd[21544]: Terminating on signal 15
Nov 21 11:58:24.075 pppd[21544]: Exit.
So how to connect to ipsec VPN ?
0 Answers