L2TP over IPsec VPN Manager

Error 300 - All configuration files are blank

Asked by Nicholas Taylor

I am attempting to diagnose the problems I am having making a vpn connection with this software. I am using Ubuntu 11.10 (gnome-classic) and have installed the newest ubuntu packages from your ppa. I am attempting to connect using certificates to an openswan-2.6.32/xl2tpd (using netkey) vpn server.

My connection is failing with error 300. Using a packet sniffer I'm not seeing any packets leaving the client computer and no packets are seen hitting the server. When I look at relevant configuration files they all seem blank. Blank files include /etc/ipsec.conf, /etc/ipsec.secrets, /etc/xl2tpd/xl2tpd.conf, /etc/ppp/getIPSecInfo.lib, /etc/ppp/Test_Connection.options.xl2tpd, /etc/ppp/ip-up.d/L2tpIPsecVpn-up and /etc/ppp/ip-up.d/L2tpIPsecVpn-down. I assume that there is a problem with the tray icon writing the configuration files and that is why my connection is failing.

Any thoughts as to how I should proceed? I've included some logs below. Let me know if I can provide any more information.

During the connection attempt this is displayed in the tray icon logs:
ipsec_setup: Stopping Openswan IPsec...
Stopping xl2tpd: xl2tpd.
ipsec_setup: Starting Openswan IPsec 2.6.28...
ipsec_setup: No KLIPS support found while requested, desperately falling back to netkey
ipsec_setup: NETKEY support found. Use protostack=netkey in /etc/ipsec.conf to avoid attempts to use KLIPS. Attempting to continue with NETKEY
Starting xl2tpd: xl2tpd.

After the connection errors out this is displayed in the tray icon logs:
Last command timed out
000 initiating all conns with alias='Test_Connection'
021 no connection named "Test_Connection"
[ERROR 300] 'IPsec' failed to negotiate or establish security associations

Relevant entries in /var/log/debug.log
Oct 20 14:56:44 awesomex L2tpIPsecVpnControlDaemon: Opening client connection
Oct 20 14:56:44 awesomex L2tpIPsecVpnControlDaemon: Executing command ipsec setup stop
Oct 20 14:56:46 awesomex L2tpIPsecVpnControlDaemon: Command ipsec setup stop finished with exit code 0
Oct 20 14:56:46 awesomex L2tpIPsecVpnControlDaemon: Executing command invoke-rc.d xl2tpd stop
Oct 20 14:56:46 awesomex L2tpIPsecVpnControlDaemon: Command invoke-rc.d xl2tpd stop finished with exit code 0
Oct 20 14:56:46 awesomex L2tpIPsecVpnControlDaemon: Executing command ipsec setup start
Oct 20 14:56:46 awesomex L2tpIPsecVpnControlDaemon: Command ipsec setup start finished with exit code 0
Oct 20 14:56:46 awesomex L2tpIPsecVpnControlDaemon: Executing command invoke-rc.d xl2tpd start
Oct 20 14:56:46 awesomex L2tpIPsecVpnControlDaemon: Command invoke-rc.d xl2tpd start finished with exit code 0
Oct 20 14:57:24 awesomex L2tpIPsecVpnControlDaemon: Executing command ipsec auto --ready
Oct 20 14:57:24 awesomex L2tpIPsecVpnControlDaemon: Command ipsec auto --ready finished with exit code 0
Oct 20 14:57:25 awesomex L2tpIPsecVpnControlDaemon: Executing command ipsec auto --up Test_Connection
Oct 20 14:57:25 awesomex L2tpIPsecVpnControlDaemon: Command ipsec auto --up Test_Connection finished with exit code 0
Oct 20 14:57:25 awesomex L2tpIPsecVpnControlDaemon: Closing client connection

Relevant entries in /var/log/syslog
Oct 20 14:58:18 awesomex L2tpIPsecVpnControlDaemon: Opening client connection
Oct 20 14:58:18 awesomex L2tpIPsecVpnControlDaemon: Executing command ipsec setup stop
Oct 20 14:58:18 awesomex ipsec_setup: Stopping Openswan IPsec...
Oct 20 14:58:19 awesomex kernel: [49942.740224] NET: Unregistered protocol family 15
Oct 20 14:58:19 awesomex ipsec_setup: ...Openswan IPsec stopped
Oct 20 14:58:19 awesomex L2tpIPsecVpnControlDaemon: Command ipsec setup stop finished with exit code 0
Oct 20 14:58:19 awesomex L2tpIPsecVpnControlDaemon: Executing command invoke-rc.d xl2tpd stop
Oct 20 14:58:19 awesomex xl2tpd[25469]: death_handler: Fatal signal 15 received
Oct 20 14:58:19 awesomex L2tpIPsecVpnControlDaemon: Command invoke-rc.d xl2tpd stop finished with exit code 0
Oct 20 14:58:19 awesomex L2tpIPsecVpnControlDaemon: Executing command ipsec setup start
Oct 20 14:58:19 awesomex ipsec_setup: Starting Openswan IPsec 2.6.28...
Oct 20 14:58:19 awesomex ipsec_setup: Using KLIPS/legacy stack
Oct 20 14:58:19 awesomex kernel: [49942.832764] padlock_aes: VIA PadLock not detected.
Oct 20 14:58:19 awesomex kernel: [49942.852195] padlock_sha: VIA PadLock Hash Engine not detected.
Oct 20 14:58:20 awesomex kernel: [49942.879151] Intel AES-NI instructions are not detected.
Oct 20 14:58:20 awesomex kernel: [49942.893304] padlock_aes: VIA PadLock not detected.
Oct 20 14:58:20 awesomex ipsec_setup: No KLIPS support found while requested, desperately falling back to netkey
Oct 20 14:58:20 awesomex ipsec_setup: NETKEY support found. Use protostack=netkey in /etc/ipsec.conf to avoid attempts to use KLIPS. Attempting to continue with NETKEY
Oct 20 14:58:20 awesomex kernel: [49942.944932] NET: Registered protocol family 15
Oct 20 14:58:20 awesomex ipsec_setup: Using NETKEY(XFRM) stack
Oct 20 14:58:20 awesomex kernel: [49942.976467] intel_rng: FWH not detected
Oct 20 14:58:20 awesomex kernel: [49943.037745] Initializing XFRM netlink socket
Oct 20 14:58:20 awesomex kernel: [49943.042421] padlock_aes: VIA PadLock not detected.
Oct 20 14:58:20 awesomex kernel: [49943.060746] padlock_sha: VIA PadLock Hash Engine not detected.
Oct 20 14:58:20 awesomex kernel: [49943.083958] Intel AES-NI instructions are not detected.
Oct 20 14:58:20 awesomex kernel: [49943.097334] padlock_aes: VIA PadLock not detected.
Oct 20 14:58:20 awesomex ipsec_setup: ...Openswan IPsec started
Oct 20 14:58:20 awesomex L2tpIPsecVpnControlDaemon: Command ipsec setup start finished with exit code 0
Oct 20 14:58:20 awesomex L2tpIPsecVpnControlDaemon: Executing command invoke-rc.d xl2tpd start
Oct 20 14:58:20 awesomex ipsec__plutorun: adjusting ipsec.d to /etc/ipsec.d
Oct 20 14:58:20 awesomex pluto: adjusting ipsec.d to /etc/ipsec.d
Oct 20 14:58:20 awesomex xl2tpd[25781]: setsockopt recvref[22]: Protocol not available
Oct 20 14:58:20 awesomex xl2tpd[25781]: This binary does not support kernel L2TP.
Oct 20 14:58:20 awesomex xl2tpd[25784]: xl2tpd version xl2tpd-1.2.8 started on awesomex PID:25784
Oct 20 14:58:20 awesomex xl2tpd[25784]: Written by Mark Spencer, Copyright (C) 1998, Adtran, Inc.
Oct 20 14:58:20 awesomex xl2tpd[25784]: Forked by Scott Balmos and David Stipp, (C) 2001
Oct 20 14:58:20 awesomex xl2tpd[25784]: Inherited by Jeff McAdams, (C) 2002
Oct 20 14:58:20 awesomex xl2tpd[25784]: Forked again by Xelerance (www.xelerance.com) (C) 2006
Oct 20 14:58:20 awesomex xl2tpd[25784]: Listening on IP address 0.0.0.0, port 1701
Oct 20 14:58:20 awesomex L2tpIPsecVpnControlDaemon: Command invoke-rc.d xl2tpd start finished with exit code 0
Oct 20 14:58:58 awesomex L2tpIPsecVpnControlDaemon: Executing command ipsec auto --ready
Oct 20 14:58:58 awesomex L2tpIPsecVpnControlDaemon: Command ipsec auto --ready finished with exit code 0
Oct 20 14:58:59 awesomex L2tpIPsecVpnControlDaemon: Executing command ipsec auto --up Test_Connection
Oct 20 14:58:59 awesomex L2tpIPsecVpnControlDaemon: Command ipsec auto --up Test_Connection finished with exit code 0
Oct 20 14:58:59 awesomex L2tpIPsecVpnControlDaemon: Closing client connection

Question information

Language:
English Edit question
Status:
Solved
For:
L2TP over IPsec VPN Manager Edit question
Assignee:
No assignee Edit question
Solved by:
Werner Jaeger
Solved:
Last query:
Last reply:
Revision history for this message
Best Werner Jaeger (werner-jaeger) said : 		#1

Hi Nicolas,

I just fixed this bug. The new version 1.0.2, with this bug fixed, should be available tomorrow in my PPA.

Cheers,
 Werner

Revision history for this message
Nicholas Taylor (ntaylor-i) said : 		#2

Thanks Werner Jaeger, that solved my question.