OS X server behind NAT failed to negotiate
Good day,
I greatly appreciate this project, because it seems like it's providing exactly the functionality I need. Unfortunately, I am new to setting up VPNs and have no luck connecting so far.
I'm using the latest code being *vpn_1.0.7 and *daemon_0.9.9, self compiled on Ubuntu 12.04. Trying to connect to a OS X server that lives behind NAT. Since Mac and Windows client have no problem connecting to it (though in Win I have to hack the registry for nat traversal), Ubuntu gives up with the following log:
Sep 13 13:44:55.587 ipsec_setup: Starting Openswan IPsec U2.6.37/
Sep 13 13:44:55.955 ipsec__plutorun: Starting Pluto subsystem...
Sep 13 13:44:55.973 recvref[30]: Protocol not available
Sep 13 13:44:55.973 xl2tpd[6622]: This binary does not support kernel L2TP.
Sep 13 13:44:55.974 xl2tpd[6623]: xl2tpd version xl2tpd-1.3.1 started on separate-reality PID:6623
Sep 13 13:44:55.974 xl2tpd[6623]: Written by Mark Spencer, Copyright (C) 1998, Adtran, Inc.
Sep 13 13:44:55.975 xl2tpd[6623]: Forked by Scott Balmos and David Stipp, (C) 2001
Sep 13 13:44:55.975 xl2tpd[6623]: Inherited by Jeff McAdams, (C) 2002
Sep 13 13:44:55.975 xl2tpd[6623]: Forked again by Xelerance (www.xelerance.com) (C) 2006
Sep 13 13:44:55.976 xl2tpd[6623]: Listening on IP address 0.0.0.0, port 1701
Sep 13 13:44:55.976 Starting xl2tpd: xl2tpd.
Sep 13 13:44:56.107 ipsec__plutorun: adjusting ipsec.d to /etc/ipsec.d
Sep 13 13:44:56.171 ipsec__plutorun: 002 added connection description "SR_VPN"
Sep 13 13:46:06.306 104 "SR_VPN" #1: STATE_MAIN_I1: initiate
Sep 13 13:46:06.306 010 "SR_VPN" #1: STATE_MAIN_I1: retransmission; will wait 20s for response
Sep 13 13:46:06.306 010 "SR_VPN" #1: STATE_MAIN_I1: retransmission; will wait 40s for response
Sep 13 13:46:06.306 031 "SR_VPN" #1: max number of retransmissions (2) reached STATE_MAIN_I1. No response (or no acceptable response) to our first IKE message
Sep 13 13:46:06.307 000 "SR_VPN" #1: starting keying attempt 2 of at most 3, but releasing whack
Sep 13 13:46:06.307 [ERROR 300] 'IPsec' failed to negotiate or establish security associations
As for my configuration, Server Identity is blank (i don't know what to put there, but I've tried multiple things to no avail) and in the PPP tab I'm allowing everything and providing credentials. In main Preferences, PKCS 11 Path is empty - I haven't touched it, but not sure what to set it to.
Thanks in advance for any advice, and I will be happy to cooperate and answer any further questions.
Question information
- Language:
- English Edit question
- Status:
- Solved
- Assignee:
- No assignee Edit question
- Solved by:
- frogman
- Solved:
- Last query:
- Last reply:
|
Revision history for this message
|
#1 |
|
Revision history for this message
|
#2 |
