Connect to a IPSec/L2TP VPN pre-shared-keyConfiguring OS X L2TP VPN to use Certificate for IPSEC layer instead of Pre Shared KeyL2TP/IPSec PreShared Key VPNChanging an IPSec pre-shared key without bringing down the tunnel (too long)L2TP/IPSec Conectivity ProblemsCannot connect to IPSEC/L2TP VPN Arch Linux/Windows 8Cannot connect to my L2TP IPSec VPNrecover IPSec VPN preshared keypfSense/strongSwan “deleting half open IKE_SA after timeout” - IPSec connection Android 4.4 to pfSense 2.2.1 failsIPSec/L2TP VPN server with multiple IP: connect with different ip failL2TP/IPSec VPN setup Windows Server 2012 R2
Doing something right before you need it - expression for this?
If a Gelatinous Cube takes up the entire space of a Pit Trap, what happens when a creature falls into the trap but succeeds on the saving throw?
Python: return float 1.0 as int 1 but float 1.5 as float 1.5
I Accidentally Deleted a Stock Terminal Theme
Infinite Abelian subgroup of infinite non Abelian group example
Forgetting the musical notes while performing in concert
Blender 2.8 I can't see vertices, edges or faces in edit mode
Theorems that impeded progress
Why is consensus so controversial in Britain?
Why doesn't H₄O²⁺ exist?
What is going on with Captain Marvel's blood colour?
How could indestructible materials be used in power generation?
How much of data wrangling is a data scientist's job?
Do I have a twin with permutated remainders?
AES: Why is it a good practice to use only the first 16bytes of a hash for encryption?
Is it canonical bit space?
Is it inappropriate for a student to attend their mentor's dissertation defense?
Why can't we play rap on piano?
Is the Joker left-handed?
Could gravitational lensing be used to protect a spaceship from a laser?
How to show the equivalence between the regularized regression and their constraint formulas using KKT
Etiquette around loan refinance - decision is going to cost first broker a lot of money
A reference to a well-known characterization of scattered compact spaces
Why is the 'in' operator throwing an error with a string literal instead of logging false?
Connect to a IPSec/L2TP VPN pre-shared-key
Configuring OS X L2TP VPN to use Certificate for IPSEC layer instead of Pre Shared KeyL2TP/IPSec PreShared Key VPNChanging an IPSec pre-shared key without bringing down the tunnel (too long)L2TP/IPSec Conectivity ProblemsCannot connect to IPSEC/L2TP VPN Arch Linux/Windows 8Cannot connect to my L2TP IPSec VPNrecover IPSec VPN preshared keypfSense/strongSwan “deleting half open IKE_SA after timeout” - IPSec connection Android 4.4 to pfSense 2.2.1 failsIPSec/L2TP VPN server with multiple IP: connect with different ip failL2TP/IPSec VPN setup Windows Server 2012 R2
.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty height:90px;width:728px;box-sizing:border-box;
0
I want to connect to an IPSec secured L2TP tunnelled VPN network with a pre-shared-key.
I'm using networkmanager-l2tp for this. As Phase1 Algorithms as well as for Phase2 Algorithms I have: aes128-sha1-modp2048!
Otherwise, I have like the standard settings.
I've looked into the journal of my operating system but there I only see that the CHAP authentication failed, I can't see anything helpful in the rest of the log. I can see on the server in/var/log/auth.log` that the request is coming into the server.
Can someone have a look at the logs and help me? I've masked my IP address as 12.123.123.1 and the remote address as 98.987.98.987
Client(journal):
pc audit[738]: USYS_CONFIG pid=738 uid=0 auid=4294967295 ses=4294967295 msg='op=connection-activate uuid=06be7e74-f0fc-49be-884f-48f679984be7 name=56504E20636F6E6E656374696F6E2033 pid=1491 uid=1000 result=success exe="/usr/bin/NetworkManager" hostname=? addr=? terminal=? res=success'
pc NetworkManager[738]: <info> [1554190253.1395] audit: op="connection-activate" uuid="06be7e74-f0fc-49be-884f-48f679984be7" name="VPN connection 3" pid=1491 uid=1000 result="success"
pc kernel: kauditd_printk_skb: 7 callbacks suppressed
pc kernel: audit: type=1111 audit(1554190253.133:141): pid=738 uid=0 auid=4294967295 ses=4294967295 msg='op=connection-activate uuid=06be7e74-f0fc-49be-884f-48f679984be7 name=56504E20636F6E6E656374696F6E2033 pid=1491 uid=1000 result=success exe="/usr/bin/NetworkManager" hostname=? addr=? terminal=? res=success'
pc NetworkManager[738]: <info> [1554190253.1434] vpn-connection[0x55750abc26f0,06be7e74-f0fc-49be-884f-48f679984be7,"VPN connection 3",0]: Started the VPN service, PID 19814
pc NetworkManager[738]: <info> [1554190253.1518] vpn-connection[0x55750abc26f0,06be7e74-f0fc-49be-884f-48f679984be7,"VPN connection 3",0]: Saw the service appear; activating connection
pc NetworkManager[738]: <info> [1554190253.2070] vpn-connection[0x55750abc26f0,06be7e74-f0fc-49be-884f-48f679984be7,"VPN connection 3",0]: VPN connection: (ConnectInteractive) reply received
pc nm-l2tp-service[19814]: Check port 1701
pc NetworkManager[738]: Stopping strongSwan IPsec failed: starter is not running
pc NetworkManager[738]: Starting strongSwan 5.7.2 IPsec [starter]...
pc ipsec_starter[19827]: Starting strongSwan 5.7.2 IPsec [starter]...
pc NetworkManager[738]: Loading config setup
pc NetworkManager[738]: Loading conn '06be7e74-f0fc-49be-884f-48f679984be7'
pc ipsec_starter[19827]: Loading config setup
pc ipsec_starter[19827]: Loading conn '06be7e74-f0fc-49be-884f-48f679984be7'
pc NetworkManager[738]: found netkey IPsec stack
pc ipsec_starter[19827]: found netkey IPsec stack
pc ipsec_starter[19843]: Attempting to start charon...
pc charon[19844]: 00[DMN] Starting IKE charon daemon (strongSwan 5.7.2, Linux 5.0.5-arch1-1-ARCH, x86_64)
pc charon[19844]: 00[CFG] PKCS11 module '<name>' lacks library path
pc charon[19844]: 00[CFG] attr-sql plugin: database URI not set
pc charon[19844]: 00[NET] using forecast interface wlp3s0
pc charon[19844]: 00[CFG] joining forecast multicast groups: 224.0.0.1,224.0.0.22,224.0.0.251,224.0.0.252,239.255.255.250
pc charon[19844]: 00[CFG] loading ca certificates from '/etc/ipsec.d/cacerts'
pc charon[19844]: 00[CFG] loading aa certificates from '/etc/ipsec.d/aacerts'
pc charon[19844]: 00[CFG] loading ocsp signer certificates from '/etc/ipsec.d/ocspcerts'
pc charon[19844]: 00[CFG] loading attribute certificates from '/etc/ipsec.d/acerts'
pc charon[19844]: 00[CFG] loading crls from '/etc/ipsec.d/crls'
pc charon[19844]: 00[CFG] loading secrets from '/etc/ipsec.secrets'
pc charon[19844]: 00[CFG] loading secrets from '/etc/ipsec.d/ipsec.nm-l2tp.secrets'
pc charon[19844]: 00[CFG] loaded IKE secret for %any
pc charon[19844]: 00[CFG] sql plugin: database URI not set
pc charon[19844]: 00[CFG] opening triplet file /etc/ipsec.d/triplets.dat failed: No such file or directory
pc charon[19844]: 00[CFG] loaded 0 RADIUS server configurations
pc charon[19844]: 00[CFG] HA config misses local/remote address
pc charon[19844]: 00[CFG] no script for ext-auth script defined, disabled
pc charon[19844]: 00[LIB] loaded plugins: charon ldap pkcs11 aesni aes des rc2 sha2 sha3 sha1 md5 mgf1 random nonce x509 revocation constraints pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey sshkey pem openssl fips-prf gmp curve25519 agent chapoly xcbc cmac hmac ntru newhope bliss curl mysql sqlite attr kernel-netlink resolve socket-default bypass-lan connmark forecast farp stroke vici updown eap-identity eap-sim eap-aka eap-aka-3gpp2 eap-simaka-pseudonym eap-simaka-reauth eap-md5 eap-gtc eap-mschapv2 eap-dynamic eap-radius eap-tls eap-ttls eap-peap xauth-generic xauth-eap xauth-pam xauth-noauth dhcp radattr unity counters
pc charon[19844]: 00[LIB] dropped capabilities, running as uid 0, gid 0
pc charon[19844]: 00[JOB] spawning 16 worker threads
pc audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 res=1 src=192.168.178.0 src_prefixlen=24 dst=192.168.178.0 dst_prefixlen=24
pc audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 res=1 src=192.168.178.0 src_prefixlen=24 dst=192.168.178.0 dst_prefixlen=24
pc audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 res=1 src=192.168.178.0 src_prefixlen=24 dst=192.168.178.0 dst_prefixlen=24
pc audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 res=1 src=0000:0000:0000:0000:0000:0000:0000:0001 dst=0000:0000:0000:0000:0000:0000:0000:0001
pc audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 res=1 src=0000:0000:0000:0000:0000:0000:0000:0001 dst=0000:0000:0000:0000:0000:0000:0000:0001
pc audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 res=1 src=0000:0000:0000:0000:0000:0000:0000:0001 dst=0000:0000:0000:0000:0000:0000:0000:0001
pc audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 res=1 src=2003:00e4:072b:f000:0000:0000:0000:0000 src_prefixlen=64 dst=2003:00e4:072b:f000:0000:0000:0000:0000 dst_prefixlen=64
pc audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 res=1 src=2003:00e4:072b:f000:0000:0000:0000:0000 src_prefixlen=64 dst=2003:00e4:072b:f000:0000:0000:0000:0000 dst_prefixlen=64
pc audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 res=1 src=2003:00e4:072b:f000:0000:0000:0000:0000 src_prefixlen=64 dst=2003:00e4:072b:f000:0000:0000:0000:0000 dst_prefixlen=64
pc audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 res=1 src=fe80:0000:0000:0000:0000:0000:0000:0000 src_prefixlen=64 dst=fe80:0000:0000:0000:0000:0000:0000:0000 dst_prefixlen=64
pc audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 res=1 src=fe80:0000:0000:0000:0000:0000:0000:0000 src_prefixlen=64 dst=fe80:0000:0000:0000:0000:0000:0000:0000 dst_prefixlen=64
pc audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 res=1 src=fe80:0000:0000:0000:0000:0000:0000:0000 src_prefixlen=64 dst=fe80:0000:0000:0000:0000:0000:0000:0000 dst_prefixlen=64
pc charon[19844]: 05[IKE] installed bypass policy for 192.168.178.0/24
pc charon[19844]: 05[KNL] received netlink error: Invalid argument (22)
pc charon[19844]: 05[KNL] unable to install source route for %any6
pc charon[19844]: 05[IKE] installed bypass policy for ::1/128
pc charon[19844]: 05[IKE] installed bypass policy for 2003:e4:72b:f000::/64
pc charon[19844]: 05[IKE] installed bypass policy for fe80::/64
pc kernel: audit: type=1415 audit(1554190255.439:142): op=SPD-add auid=4294967295 ses=4294967295 res=1 src=192.168.178.0 src_prefixlen=24 dst=192.168.178.0 dst_prefixlen=24
pc kernel: audit: type=1415 audit(1554190255.439:143): op=SPD-add auid=4294967295 ses=4294967295 res=1 src=192.168.178.0 src_prefixlen=24 dst=192.168.178.0 dst_prefixlen=24
pc kernel: audit: type=1415 audit(1554190255.439:144): op=SPD-add auid=4294967295 ses=4294967295 res=1 src=192.168.178.0 src_prefixlen=24 dst=192.168.178.0 dst_prefixlen=24
pc kernel: audit: type=1415 audit(1554190255.439:145): op=SPD-add auid=4294967295 ses=4294967295 res=1 src=0000:0000:0000:0000:0000:0000:0000:0001 dst=0000:0000:0000:0000:0000:0000:0000:0001
pc kernel: audit: type=1415 audit(1554190255.439:146): op=SPD-add auid=4294967295 ses=4294967295 res=1 src=0000:0000:0000:0000:0000:0000:0000:0001 dst=0000:0000:0000:0000:0000:0000:0000:0001
pc kernel: audit: type=1415 audit(1554190255.439:147): op=SPD-add auid=4294967295 ses=4294967295 res=1 src=0000:0000:0000:0000:0000:0000:0000:0001 dst=0000:0000:0000:0000:0000:0000:0000:0001
pc kernel: audit: type=1415 audit(1554190255.439:148): op=SPD-add auid=4294967295 ses=4294967295 res=1 src=2003:00e4:072b:f000:0000:0000:0000:0000 src_prefixlen=64 dst=2003:00e4:072b:f000:0000:0000:0000:0000 dst_prefixlen=64
pc kernel: audit: type=1415 audit(1554190255.439:149): op=SPD-add auid=4294967295 ses=4294967295 res=1 src=2003:00e4:072b:f000:0000:0000:0000:0000 src_prefixlen=64 dst=2003:00e4:072b:f000:0000:0000:0000:0000 dst_prefixlen=64
pc kernel: audit: type=1415 audit(1554190255.439:150): op=SPD-add auid=4294967295 ses=4294967295 res=1 src=2003:00e4:072b:f000:0000:0000:0000:0000 src_prefixlen=64 dst=2003:00e4:072b:f000:0000:0000:0000:0000 dst_prefixlen=64
pc ipsec_starter[19843]: charon (19844) started after 20 ms
pc charon[19844]: 09[CFG] received stroke: add connection '06be7e74-f0fc-49be-884f-48f679984be7'
pc charon[19844]: 09[CFG] added configuration '06be7e74-f0fc-49be-884f-48f679984be7'
pc charon[19844]: 11[CFG] rereading secrets
pc charon[19844]: 11[CFG] loading secrets from '/etc/ipsec.secrets'
pc charon[19844]: 11[CFG] loading secrets from '/etc/ipsec.d/ipsec.nm-l2tp.secrets'
pc charon[19844]: 11[CFG] loaded IKE secret for %any
pc charon[19844]: 14[CFG] received stroke: initiate '06be7e74-f0fc-49be-884f-48f679984be7'
pc charon[19844]: 15[IKE] initiating Main Mode IKE_SA 06be7e74-f0fc-49be-884f-48f679984be7[1] to 98.987.98.987
pc charon[19844]: 15[IKE] initiating Main Mode IKE_SA 06be7e74-f0fc-49be-884f-48f679984be7[1] to 98.987.98.987
pc charon[19844]: 15[ENC] generating ID_PROT request 0 [ SA V V V V V ]
pc charon[19844]: 15[NET] sending packet: from 192.168.178.84[500] to 98.987.98.987[500] (180 bytes)
pc charon[19844]: 16[NET] received packet: from 98.987.98.987[500] to 192.168.178.84[500] (144 bytes)
pc charon[19844]: 16[ENC] parsed ID_PROT response 0 [ SA V V V ]
pc charon[19844]: 16[IKE] received FRAGMENTATION vendor ID
pc charon[19844]: 16[IKE] received DPD vendor ID
pc charon[19844]: 16[IKE] received NAT-T (RFC 3947) vendor ID
pc charon[19844]: 16[CFG] selected proposal: IKE:AES_CBC_128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048
pc charon[19844]: 16[ENC] generating ID_PROT request 0 [ KE No NAT-D NAT-D ]
pc charon[19844]: 16[NET] sending packet: from 192.168.178.84[500] to 98.987.98.987[500] (372 bytes)
pc charon[19844]: 07[NET] received packet: from 98.987.98.987[500] to 192.168.178.84[500] (372 bytes)
pc charon[19844]: 07[ENC] parsed ID_PROT response 0 [ KE No NAT-D NAT-D ]
pc charon[19844]: 07[IKE] local host is behind NAT, sending keep alives
pc charon[19844]: 07[IKE] remote host is behind NAT
pc charon[19844]: 07[ENC] generating ID_PROT request 0 [ ID HASH ]
pc charon[19844]: 07[NET] sending packet: from 192.168.178.84[4500] to 98.987.98.987[4500] (76 bytes)
pc charon[19844]: 06[NET] received packet: from 98.987.98.987[4500] to 192.168.178.84[4500] (76 bytes)
pc charon[19844]: 06[ENC] parsed ID_PROT response 0 [ ID HASH V ]
pc charon[19844]: 06[ENC] received unknown vendor ID: 49:4b:45:76:32
pc charon[19844]: 06[IKE] IKE_SA 06be7e74-f0fc-49be-884f-48f679984be7[1] established between 192.168.178.84[192.168.178.84]...98.987.98.987[98.987.98.987]
pc charon[19844]: 06[IKE] IKE_SA 06be7e74-f0fc-49be-884f-48f679984be7[1] established between 192.168.178.84[192.168.178.84]...98.987.98.987[98.987.98.987]
pc charon[19844]: 06[IKE] scheduling reauthentication in 9921s
pc charon[19844]: 06[IKE] maximum IKE_SA lifetime 10461s
pc charon[19844]: 06[ENC] generating QUICK_MODE request 723900467 [ HASH SA No KE ID ID NAT-OA NAT-OA ]
pc charon[19844]: 06[NET] sending packet: from 192.168.178.84[4500] to 98.987.98.987[4500] (460 bytes)
pc charon[19844]: 08[NET] received packet: from 98.987.98.987[4500] to 192.168.178.84[4500] (428 bytes)
pc charon[19844]: 08[ENC] parsed QUICK_MODE response 723900467 [ HASH SA No KE ID ID ]
pc charon[19844]: 08[CFG] selected proposal: ESP:AES_CBC_128/HMAC_SHA1_96/MODP_2048/NO_EXT_SEQ
pc audit: MAC_IPSEC_EVENT op=SAD-add auid=4294967295 ses=4294967295 src=98.987.98.987 dst=192.168.178.84 spi=3251292912(0xc1cacaf0) res=1
pc audit: MAC_IPSEC_EVENT op=SAD-add auid=4294967295 ses=4294967295 src=192.168.178.84 dst=98.987.98.987 spi=4115387067(0xf54bd2bb) res=1
pc audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 res=1 src=98.987.98.987 dst=192.168.178.84
pc audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 res=1 src=192.168.178.84 dst=98.987.98.987
pc charon[19844]: 08[IKE] CHILD_SA 06be7e74-f0fc-49be-884f-48f679984be71 established with SPIs c1cacaf0_i f54bd2bb_o and TS 192.168.178.84/32[udp/l2f] === 98.987.98.987/32[udp/l2f]
pc charon[19844]: 08[IKE] CHILD_SA 06be7e74-f0fc-49be-884f-48f679984be71 established with SPIs c1cacaf0_i f54bd2bb_o and TS 192.168.178.84/32[udp/l2f] === 98.987.98.987/32[udp/l2f]
pc charon[19844]: 08[ENC] generating QUICK_MODE request 723900467 [ HASH ]
pc NetworkManager[738]: initiating Main Mode IKE_SA 06be7e74-f0fc-49be-884f-48f679984be7[1] to 98.987.98.987
pc NetworkManager[738]: generating ID_PROT request 0 [ SA V V V V V ]
pc NetworkManager[738]: sending packet: from 192.168.178.84[500] to 98.987.98.987[500] (180 bytes)
pc NetworkManager[738]: received packet: from 98.987.98.987[500] to 192.168.178.84[500] (144 bytes)
pc NetworkManager[738]: parsed ID_PROT response 0 [ SA V V V ]
pc NetworkManager[738]: received FRAGMENTATION vendor ID
pc NetworkManager[738]: received DPD vendor ID
pc NetworkManager[738]: received NAT-T (RFC 3947) vendor ID
pc NetworkManager[738]: selected proposal: IKE:AES_CBC_128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048
pc NetworkManager[738]: generating ID_PROT request 0 [ KE No NAT-D NAT-D ]
pc NetworkManager[738]: sending packet: from 192.168.178.84[500] to 98.987.98.987[500] (372 bytes)
pc NetworkManager[738]: received packet: from 98.987.98.987[500] to 192.168.178.84[500] (372 bytes)
pc NetworkManager[738]: parsed ID_PROT response 0 [ KE No NAT-D NAT-D ]
pc NetworkManager[738]: local host is behind NAT, sending keep alives
pc NetworkManager[738]: remote host is behind NAT
pc NetworkManager[738]: generating ID_PROT request 0 [ ID HASH ]
pc NetworkManager[738]: sending packet: from 192.168.178.84[4500] to 98.987.98.987[4500] (76 bytes)
pc NetworkManager[738]: received packet: from 98.987.98.987[4500] to 192.168.178.84[4500] (76 bytes)
pc NetworkManager[738]: parsed ID_PROT response 0 [ ID HASH V ]
pc NetworkManager[738]: received unknown vendor ID: 49:4b:45:76:32
pc NetworkManager[738]: IKE_SA 06be7e74-f0fc-49be-884f-48f679984be7[1] established between 192.168.178.84[192.168.178.84]...98.987.98.987[98.987.98.987]
pc NetworkManager[738]: scheduling reauthentication in 9921s
pc NetworkManager[738]: maximum IKE_SA lifetime 10461s
pc NetworkManager[738]: generating QUICK_MODE request 723900467 [ HASH SA No KE ID ID NAT-OA NAT-OA ]
pc NetworkManager[738]: sending packet: from 192.168.178.84[4500] to 98.987.98.987[4500] (460 bytes)
pc NetworkManager[738]: received packet: from 98.987.98.987[4500] to 192.168.178.84[4500] (428 bytes)
pc NetworkManager[738]: parsed QUICK_MODE response 723900467 [ HASH SA No KE ID ID ]
pc NetworkManager[738]: selected proposal: ESP:AES_CBC_128/HMAC_SHA1_96/MODP_2048/NO_EXT_SEQ
pc NetworkManager[738]: CHILD_SA 06be7e74-f0fc-49be-884f-48f679984be71 established with SPIs c1cacaf0_i f54bd2bb_o and TS 192.168.178.84/32[udp/l2f] === 98.987.98.987/32[udp/l2f]
pc NetworkManager[738]: connection '06be7e74-f0fc-49be-884f-48f679984be7' established successfully
pc charon[19844]: 08[NET] sending packet: from 192.168.178.84[4500] to 98.987.98.987[4500] (60 bytes)
pc nm-l2tp-service[19814]: xl2tpd started with pid 19877
pc NetworkManager[738]: xl2tpd[19877]: Not looking for kernel SAref support.
pc NetworkManager[738]: xl2tpd[19877]: Using l2tp kernel support.
pc NetworkManager[738]: xl2tpd[19877]: xl2tpd version xl2tpd-1.3.13 started on farbbox PID:19877
pc NetworkManager[738]: xl2tpd[19877]: Written by Mark Spencer, Copyright (C) 1998, Adtran, Inc.
pc NetworkManager[738]: xl2tpd[19877]: Forked by Scott Balmos and David Stipp, (C) 2001
pc NetworkManager[738]: xl2tpd[19877]: Inherited by Jeff McAdams, (C) 2002
pc NetworkManager[738]: xl2tpd[19877]: Forked again by Xelerance (www.xelerance.com) (C) 2006-2016
pc NetworkManager[738]: xl2tpd[19877]: Listening on IP address 0.0.0.0, port 1701
pc NetworkManager[738]: xl2tpd[19877]: Connecting to host 98.987.98.987, port 1701
pc NetworkManager[738]: <info> [1554190256.7594] vpn-connection[0x55750abc26f0,06be7e74-f0fc-49be-884f-48f679984be7,"VPN connection 3",0]: VPN plugin: state changed: starting (3)
pc NetworkManager[738]: xl2tpd[19877]: Connection established to 98.987.98.987, 1701. Local: 18031, Remote: 6532 (ref=0/0).
pc NetworkManager[738]: xl2tpd[19877]: Calling on tunnel 18031
pc NetworkManager[738]: xl2tpd[19877]: Call established with 98.987.98.987, Local: 59328, Remote: 58391, Serial: 1 (ref=0/0)
pc NetworkManager[738]: xl2tpd[19877]: start_pppd: I'm running:
pc NetworkManager[738]: xl2tpd[19877]: "/usr/sbin/pppd"
pc NetworkManager[738]: xl2tpd[19877]: "plugin"
pc NetworkManager[738]: xl2tpd[19877]: "pppol2tp.so"
pc NetworkManager[738]: xl2tpd[19877]: "pppol2tp"
pc NetworkManager[738]: xl2tpd[19877]: "7"
pc NetworkManager[738]: xl2tpd[19877]: "passive"
pc NetworkManager[738]: xl2tpd[19877]: "nodetach"
pc NetworkManager[738]: xl2tpd[19877]: ":"
pc NetworkManager[738]: xl2tpd[19877]: "file"
pc NetworkManager[738]: xl2tpd[19877]: "/var/run/nm-l2tp-06be7e74-f0fc-49be-884f-48f679984be7/ppp-options"
pc pppd[19878]: Plugin pppol2tp.so loaded.
pc pppd[19878]: Plugin /usr/lib/pppd/2.4.7/nm-l2tp-pppd-plugin.so loaded.
pc pppd[19878]: pppd 2.4.7 started by root, uid 0
pc pppd[19878]: Using interface ppp0
pc pppd[19878]: Connect: ppp0 <-->
pc pppd[19878]: Overriding mtu 1500 to 1400
pc pppd[19878]: Overriding mru 1500 to mtu value 1400
pc NetworkManager[738]: <info> [1554190256.8151] manager: (ppp0): new Ppp device (/org/freedesktop/NetworkManager/Devices/8)
pc systemd-udevd[19881]: link_config: autonegotiation is unset or enabled, the speed and duplex are not writable.
pc pppd[19878]: CHAP authentication failed
pc pppd[19878]: CHAP authentication failed
pc pppd[19878]: Overriding mtu 1500 to 1400
pc pppd[19878]: Overriding mru 1500 to mtu value 1400
pc pppd[19878]: Connection terminated.
pc charon[19844]: 06[KNL] interface ppp0 deleted
pc NetworkManager[738]: xl2tpd[19877]: death_handler: Fatal signal 15 received
pc NetworkManager[738]: xl2tpd[19877]: Terminating pppd: sending TERM signal to pid 19878
pc NetworkManager[738]: xl2tpd[19877]: Connection 6532 closed to 98.987.98.987, port 1701 (Server closing)
pc NetworkManager[738]: <warn> [1554190259.8744] vpn-connection[0x55750abc26f0,06be7e74-f0fc-49be-884f-48f679984be7,"VPN connection 3",0]: VPN plugin: failed: connect-failed (1)
pc NetworkManager[738]: <info> [1554190259.8773] vpn-connection[0x55750abc26f0,06be7e74-f0fc-49be-884f-48f679984be7,"VPN connection 3",0]: VPN plugin: state changed: stopping (5)
pc NetworkManager[738]: Stopping strongSwan IPsec...
pc charon[19844]: 00[DMN] signal of type SIGINT received. Shutting down
pc charon[19844]: 00[IKE] closing CHILD_SA 06be7e74-f0fc-49be-884f-48f679984be71 with SPIs c1cacaf0_i (473 bytes) f54bd2bb_o (589 bytes) and TS 192.168.178.84/32[udp/l2f] === 98.987.98.987/32[udp/l2f]
pc audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=192.168.178.84 dst=98.987.98.987
pc audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=98.987.98.987 dst=192.168.178.84
pc audit: MAC_IPSEC_EVENT op=SAD-delete auid=4294967295 ses=4294967295 src=98.987.98.987 dst=192.168.178.84 spi=3251292912(0xc1cacaf0) res=1
pc audit: MAC_IPSEC_EVENT op=SAD-delete auid=4294967295 ses=4294967295 src=192.168.178.84 dst=98.987.98.987 spi=4115387067(0xf54bd2bb) res=1
pc audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=fe80:0000:0000:0000:0000:0000:0000:0000 src_prefixlen=64 dst=fe80:0000:0000:0000:0000:0000:0000:0000 dst_prefixlen=64
pc audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=fe80:0000:0000:0000:0000:0000:0000:0000 src_prefixlen=64 dst=fe80:0000:0000:0000:0000:0000:0000:0000 dst_prefixlen=64
pc audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=fe80:0000:0000:0000:0000:0000:0000:0000 src_prefixlen=64 dst=fe80:0000:0000:0000:0000:0000:0000:0000 dst_prefixlen=64
pc audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=2003:00e4:072b:f000:0000:0000:0000:0000 src_prefixlen=64 dst=2003:00e4:072b:f000:0000:0000:0000:0000 dst_prefixlen=64
pc audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=2003:00e4:072b:f000:0000:0000:0000:0000 src_prefixlen=64 dst=2003:00e4:072b:f000:0000:0000:0000:0000 dst_prefixlen=64
pc audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=2003:00e4:072b:f000:0000:0000:0000:0000 src_prefixlen=64 dst=2003:00e4:072b:f000:0000:0000:0000:0000 dst_prefixlen=64
pc audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=0000:0000:0000:0000:0000:0000:0000:0001 dst=0000:0000:0000:0000:0000:0000:0000:0001
pc audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=0000:0000:0000:0000:0000:0000:0000:0001 dst=0000:0000:0000:0000:0000:0000:0000:0001
pc audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=0000:0000:0000:0000:0000:0000:0000:0001 dst=0000:0000:0000:0000:0000:0000:0000:0001
pc audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=192.168.178.0 src_prefixlen=24 dst=192.168.178.0 dst_prefixlen=24
pc kernel: kauditd_printk_skb: 7 callbacks suppressed
pc kernel: audit: type=1415 audit(1554190259.883:158): op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=192.168.178.84 dst=98.987.98.987
pc kernel: audit: type=1415 audit(1554190259.883:159): op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=98.987.98.987 dst=192.168.178.84
pc kernel: audit: type=1415 audit(1554190259.883:160): op=SAD-delete auid=4294967295 ses=4294967295 src=98.987.98.987 dst=192.168.178.84 spi=3251292912(0xc1cacaf0) res=1
pc kernel: audit: type=1415 audit(1554190259.883:161): op=SAD-delete auid=4294967295 ses=4294967295 src=192.168.178.84 dst=98.987.98.987 spi=4115387067(0xf54bd2bb) res=1
pc kernel: audit: type=1415 audit(1554190259.883:162): op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=fe80:0000:0000:0000:0000:0000:0000:0000 src_prefixlen=64 dst=fe80:0000:0000:0000:0000:0000:0000:0000 dst_prefixlen=64
pc kernel: audit: type=1415 audit(1554190259.883:163): op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=fe80:0000:0000:0000:0000:0000:0000:0000 src_prefixlen=64 dst=fe80:0000:0000:0000:0000:0000:0000:0000 dst_prefixlen=64
pc kernel: audit: type=1415 audit(1554190259.883:164): op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=fe80:0000:0000:0000:0000:0000:0000:0000 src_prefixlen=64 dst=fe80:0000:0000:0000:0000:0000:0000:0000 dst_prefixlen=64
pc kernel: audit: type=1415 audit(1554190259.883:165): op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=2003:00e4:072b:f000:0000:0000:0000:0000 src_prefixlen=64 dst=2003:00e4:072b:f000:0000:0000:0000:0000 dst_prefixlen=64
pc kernel: audit: type=1415 audit(1554190259.883:166): op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=2003:00e4:072b:f000:0000:0000:0000:0000 src_prefixlen=64 dst=2003:00e4:072b:f000:0000:0000:0000:0000 dst_prefixlen=64
pc kernel: audit: type=1415 audit(1554190259.883:167): op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=2003:00e4:072b:f000:0000:0000:0000:0000 src_prefixlen=64 dst=2003:00e4:072b:f000:0000:0000:0000:0000 dst_prefixlen=64
pc audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=192.168.178.0 src_prefixlen=24 dst=192.168.178.0 dst_prefixlen=24
pc audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=192.168.178.0 src_prefixlen=24 dst=192.168.178.0 dst_prefixlen=24
pc charon[19844]: 00[IKE] closing CHILD_SA 06be7e74-f0fc-49be-884f-48f679984be71 with SPIs c1cacaf0_i (473 bytes) f54bd2bb_o (589 bytes) and TS 192.168.178.84/32[udp/l2f] === 98.987.98.987/32[udp/l2f]
pc charon[19844]: 00[IKE] sending DELETE for ESP CHILD_SA with SPI c1cacaf0
pc charon[19844]: 00[ENC] generating INFORMATIONAL_V1 request 1337363464 [ HASH D ]
pc charon[19844]: 00[NET] sending packet: from 192.168.178.84[4500] to 98.987.98.987[4500] (76 bytes)
pc charon[19844]: 00[IKE] deleting IKE_SA 06be7e74-f0fc-49be-884f-48f679984be7[1] between 192.168.178.84[192.168.178.84]...98.987.98.987[98.987.98.987]
pc charon[19844]: 00[IKE] deleting IKE_SA 06be7e74-f0fc-49be-884f-48f679984be7[1] between 192.168.178.84[192.168.178.84]...98.987.98.987[98.987.98.987]
pc charon[19844]: 00[IKE] sending DELETE for IKE_SA 06be7e74-f0fc-49be-884f-48f679984be7[1]
pc charon[19844]: 00[ENC] generating INFORMATIONAL_V1 request 2220117092 [ HASH D ]
pc charon[19844]: 00[NET] sending packet: from 192.168.178.84[4500] to 98.987.98.987[4500] (92 bytes)
pc audit: MAC_IPSEC_EVENT op=SA-notfound src=98.987.98.987 dst=192.168.178.84 spi=3251292912(0xc1cacaf0) seqno=13
pc pppd[19878]: Exit.
pc charon[19844]: 00[IKE] uninstalling bypass policy for 192.168.178.0/24
pc charon[19844]: 00[IKE] uninstalling bypass policy for 2003:e4:72b:f000::/64
pc charon[19844]: 00[IKE] uninstalling bypass policy for fe80::/64
pc charon[19844]: 00[IKE] uninstalling bypass policy for ::1/128
pc ipsec_starter[19843]: child 19844 (charon) has quit (exit code 0)
pc ipsec_starter[19843]:
pc ipsec_starter[19843]: charon stopped after 200 ms
pc ipsec_starter[19843]: ipsec starter stopped
pc nm-l2tp-service[19814]: ipsec shut down
pc NetworkManager[738]: <info> [1554190260.0988] vpn-connection[0x55750abc26f0,06be7e74-f0fc-49be-884f-48f679984be7,"VPN connection 3",0]: VPN plugin: state changed: stopped (6)
pc NetworkManager[738]: <info> [1554190260.1019] vpn-connection[0x55750abc26f0,06be7e74-f0fc-49be-884f-48f679984be7,"VPN connection 3",0]: VPN service disappeared
networking vpn arch-linux
asked 2 days ago
mstruebingmstruebing
1011
New contributor
mstruebing is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
0
I want to connect to an IPSec secured L2TP tunnelled VPN network with a pre-shared-key.
I'm using networkmanager-l2tp for this. As Phase1 Algorithms as well as for Phase2 Algorithms I have: aes128-sha1-modp2048!
Otherwise, I have like the standard settings.
I've looked into the journal of my operating system but there I only see that the CHAP authentication failed, I can't see anything helpful in the rest of the log. I can see on the server in/var/log/auth.log` that the request is coming into the server.
Can someone have a look at the logs and help me? I've masked my IP address as 12.123.123.1 and the remote address as 98.987.98.987
Client(journal):
pc audit[738]: USYS_CONFIG pid=738 uid=0 auid=4294967295 ses=4294967295 msg='op=connection-activate uuid=06be7e74-f0fc-49be-884f-48f679984be7 name=56504E20636F6E6E656374696F6E2033 pid=1491 uid=1000 result=success exe="/usr/bin/NetworkManager" hostname=? addr=? terminal=? res=success'
pc NetworkManager[738]: <info> [1554190253.1395] audit: op="connection-activate" uuid="06be7e74-f0fc-49be-884f-48f679984be7" name="VPN connection 3" pid=1491 uid=1000 result="success"
pc kernel: kauditd_printk_skb: 7 callbacks suppressed
pc kernel: audit: type=1111 audit(1554190253.133:141): pid=738 uid=0 auid=4294967295 ses=4294967295 msg='op=connection-activate uuid=06be7e74-f0fc-49be-884f-48f679984be7 name=56504E20636F6E6E656374696F6E2033 pid=1491 uid=1000 result=success exe="/usr/bin/NetworkManager" hostname=? addr=? terminal=? res=success'
pc NetworkManager[738]: <info> [1554190253.1434] vpn-connection[0x55750abc26f0,06be7e74-f0fc-49be-884f-48f679984be7,"VPN connection 3",0]: Started the VPN service, PID 19814
pc NetworkManager[738]: <info> [1554190253.1518] vpn-connection[0x55750abc26f0,06be7e74-f0fc-49be-884f-48f679984be7,"VPN connection 3",0]: Saw the service appear; activating connection
pc NetworkManager[738]: <info> [1554190253.2070] vpn-connection[0x55750abc26f0,06be7e74-f0fc-49be-884f-48f679984be7,"VPN connection 3",0]: VPN connection: (ConnectInteractive) reply received
pc nm-l2tp-service[19814]: Check port 1701
pc NetworkManager[738]: Stopping strongSwan IPsec failed: starter is not running
pc NetworkManager[738]: Starting strongSwan 5.7.2 IPsec [starter]...
pc ipsec_starter[19827]: Starting strongSwan 5.7.2 IPsec [starter]...
pc NetworkManager[738]: Loading config setup
pc NetworkManager[738]: Loading conn '06be7e74-f0fc-49be-884f-48f679984be7'
pc ipsec_starter[19827]: Loading config setup
pc ipsec_starter[19827]: Loading conn '06be7e74-f0fc-49be-884f-48f679984be7'
pc NetworkManager[738]: found netkey IPsec stack
pc ipsec_starter[19827]: found netkey IPsec stack
pc ipsec_starter[19843]: Attempting to start charon...
pc charon[19844]: 00[DMN] Starting IKE charon daemon (strongSwan 5.7.2, Linux 5.0.5-arch1-1-ARCH, x86_64)
pc charon[19844]: 00[CFG] PKCS11 module '<name>' lacks library path
pc charon[19844]: 00[CFG] attr-sql plugin: database URI not set
pc charon[19844]: 00[NET] using forecast interface wlp3s0
pc charon[19844]: 00[CFG] joining forecast multicast groups: 224.0.0.1,224.0.0.22,224.0.0.251,224.0.0.252,239.255.255.250
pc charon[19844]: 00[CFG] loading ca certificates from '/etc/ipsec.d/cacerts'
pc charon[19844]: 00[CFG] loading aa certificates from '/etc/ipsec.d/aacerts'
pc charon[19844]: 00[CFG] loading ocsp signer certificates from '/etc/ipsec.d/ocspcerts'
pc charon[19844]: 00[CFG] loading attribute certificates from '/etc/ipsec.d/acerts'
pc charon[19844]: 00[CFG] loading crls from '/etc/ipsec.d/crls'
pc charon[19844]: 00[CFG] loading secrets from '/etc/ipsec.secrets'
pc charon[19844]: 00[CFG] loading secrets from '/etc/ipsec.d/ipsec.nm-l2tp.secrets'
pc charon[19844]: 00[CFG] loaded IKE secret for %any
pc charon[19844]: 00[CFG] sql plugin: database URI not set
pc charon[19844]: 00[CFG] opening triplet file /etc/ipsec.d/triplets.dat failed: No such file or directory
pc charon[19844]: 00[CFG] loaded 0 RADIUS server configurations
pc charon[19844]: 00[CFG] HA config misses local/remote address
pc charon[19844]: 00[CFG] no script for ext-auth script defined, disabled
pc charon[19844]: 00[LIB] loaded plugins: charon ldap pkcs11 aesni aes des rc2 sha2 sha3 sha1 md5 mgf1 random nonce x509 revocation constraints pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey sshkey pem openssl fips-prf gmp curve25519 agent chapoly xcbc cmac hmac ntru newhope bliss curl mysql sqlite attr kernel-netlink resolve socket-default bypass-lan connmark forecast farp stroke vici updown eap-identity eap-sim eap-aka eap-aka-3gpp2 eap-simaka-pseudonym eap-simaka-reauth eap-md5 eap-gtc eap-mschapv2 eap-dynamic eap-radius eap-tls eap-ttls eap-peap xauth-generic xauth-eap xauth-pam xauth-noauth dhcp radattr unity counters
pc charon[19844]: 00[LIB] dropped capabilities, running as uid 0, gid 0
pc charon[19844]: 00[JOB] spawning 16 worker threads
pc audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 res=1 src=192.168.178.0 src_prefixlen=24 dst=192.168.178.0 dst_prefixlen=24
pc audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 res=1 src=192.168.178.0 src_prefixlen=24 dst=192.168.178.0 dst_prefixlen=24
pc audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 res=1 src=192.168.178.0 src_prefixlen=24 dst=192.168.178.0 dst_prefixlen=24
pc audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 res=1 src=0000:0000:0000:0000:0000:0000:0000:0001 dst=0000:0000:0000:0000:0000:0000:0000:0001
pc audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 res=1 src=0000:0000:0000:0000:0000:0000:0000:0001 dst=0000:0000:0000:0000:0000:0000:0000:0001
pc audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 res=1 src=0000:0000:0000:0000:0000:0000:0000:0001 dst=0000:0000:0000:0000:0000:0000:0000:0001
pc audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 res=1 src=2003:00e4:072b:f000:0000:0000:0000:0000 src_prefixlen=64 dst=2003:00e4:072b:f000:0000:0000:0000:0000 dst_prefixlen=64
pc audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 res=1 src=2003:00e4:072b:f000:0000:0000:0000:0000 src_prefixlen=64 dst=2003:00e4:072b:f000:0000:0000:0000:0000 dst_prefixlen=64
pc audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 res=1 src=2003:00e4:072b:f000:0000:0000:0000:0000 src_prefixlen=64 dst=2003:00e4:072b:f000:0000:0000:0000:0000 dst_prefixlen=64
pc audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 res=1 src=fe80:0000:0000:0000:0000:0000:0000:0000 src_prefixlen=64 dst=fe80:0000:0000:0000:0000:0000:0000:0000 dst_prefixlen=64
pc audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 res=1 src=fe80:0000:0000:0000:0000:0000:0000:0000 src_prefixlen=64 dst=fe80:0000:0000:0000:0000:0000:0000:0000 dst_prefixlen=64
pc audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 res=1 src=fe80:0000:0000:0000:0000:0000:0000:0000 src_prefixlen=64 dst=fe80:0000:0000:0000:0000:0000:0000:0000 dst_prefixlen=64
pc charon[19844]: 05[IKE] installed bypass policy for 192.168.178.0/24
pc charon[19844]: 05[KNL] received netlink error: Invalid argument (22)
pc charon[19844]: 05[KNL] unable to install source route for %any6
pc charon[19844]: 05[IKE] installed bypass policy for ::1/128
pc charon[19844]: 05[IKE] installed bypass policy for 2003:e4:72b:f000::/64
pc charon[19844]: 05[IKE] installed bypass policy for fe80::/64
pc kernel: audit: type=1415 audit(1554190255.439:142): op=SPD-add auid=4294967295 ses=4294967295 res=1 src=192.168.178.0 src_prefixlen=24 dst=192.168.178.0 dst_prefixlen=24
pc kernel: audit: type=1415 audit(1554190255.439:143): op=SPD-add auid=4294967295 ses=4294967295 res=1 src=192.168.178.0 src_prefixlen=24 dst=192.168.178.0 dst_prefixlen=24
pc kernel: audit: type=1415 audit(1554190255.439:144): op=SPD-add auid=4294967295 ses=4294967295 res=1 src=192.168.178.0 src_prefixlen=24 dst=192.168.178.0 dst_prefixlen=24
pc kernel: audit: type=1415 audit(1554190255.439:145): op=SPD-add auid=4294967295 ses=4294967295 res=1 src=0000:0000:0000:0000:0000:0000:0000:0001 dst=0000:0000:0000:0000:0000:0000:0000:0001
pc kernel: audit: type=1415 audit(1554190255.439:146): op=SPD-add auid=4294967295 ses=4294967295 res=1 src=0000:0000:0000:0000:0000:0000:0000:0001 dst=0000:0000:0000:0000:0000:0000:0000:0001
pc kernel: audit: type=1415 audit(1554190255.439:147): op=SPD-add auid=4294967295 ses=4294967295 res=1 src=0000:0000:0000:0000:0000:0000:0000:0001 dst=0000:0000:0000:0000:0000:0000:0000:0001
pc kernel: audit: type=1415 audit(1554190255.439:148): op=SPD-add auid=4294967295 ses=4294967295 res=1 src=2003:00e4:072b:f000:0000:0000:0000:0000 src_prefixlen=64 dst=2003:00e4:072b:f000:0000:0000:0000:0000 dst_prefixlen=64
pc kernel: audit: type=1415 audit(1554190255.439:149): op=SPD-add auid=4294967295 ses=4294967295 res=1 src=2003:00e4:072b:f000:0000:0000:0000:0000 src_prefixlen=64 dst=2003:00e4:072b:f000:0000:0000:0000:0000 dst_prefixlen=64
pc kernel: audit: type=1415 audit(1554190255.439:150): op=SPD-add auid=4294967295 ses=4294967295 res=1 src=2003:00e4:072b:f000:0000:0000:0000:0000 src_prefixlen=64 dst=2003:00e4:072b:f000:0000:0000:0000:0000 dst_prefixlen=64
pc ipsec_starter[19843]: charon (19844) started after 20 ms
pc charon[19844]: 09[CFG] received stroke: add connection '06be7e74-f0fc-49be-884f-48f679984be7'
pc charon[19844]: 09[CFG] added configuration '06be7e74-f0fc-49be-884f-48f679984be7'
pc charon[19844]: 11[CFG] rereading secrets
pc charon[19844]: 11[CFG] loading secrets from '/etc/ipsec.secrets'
pc charon[19844]: 11[CFG] loading secrets from '/etc/ipsec.d/ipsec.nm-l2tp.secrets'
pc charon[19844]: 11[CFG] loaded IKE secret for %any
pc charon[19844]: 14[CFG] received stroke: initiate '06be7e74-f0fc-49be-884f-48f679984be7'
pc charon[19844]: 15[IKE] initiating Main Mode IKE_SA 06be7e74-f0fc-49be-884f-48f679984be7[1] to 98.987.98.987
pc charon[19844]: 15[IKE] initiating Main Mode IKE_SA 06be7e74-f0fc-49be-884f-48f679984be7[1] to 98.987.98.987
pc charon[19844]: 15[ENC] generating ID_PROT request 0 [ SA V V V V V ]
pc charon[19844]: 15[NET] sending packet: from 192.168.178.84[500] to 98.987.98.987[500] (180 bytes)
pc charon[19844]: 16[NET] received packet: from 98.987.98.987[500] to 192.168.178.84[500] (144 bytes)
pc charon[19844]: 16[ENC] parsed ID_PROT response 0 [ SA V V V ]
pc charon[19844]: 16[IKE] received FRAGMENTATION vendor ID
pc charon[19844]: 16[IKE] received DPD vendor ID
pc charon[19844]: 16[IKE] received NAT-T (RFC 3947) vendor ID
pc charon[19844]: 16[CFG] selected proposal: IKE:AES_CBC_128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048
pc charon[19844]: 16[ENC] generating ID_PROT request 0 [ KE No NAT-D NAT-D ]
pc charon[19844]: 16[NET] sending packet: from 192.168.178.84[500] to 98.987.98.987[500] (372 bytes)
pc charon[19844]: 07[NET] received packet: from 98.987.98.987[500] to 192.168.178.84[500] (372 bytes)
pc charon[19844]: 07[ENC] parsed ID_PROT response 0 [ KE No NAT-D NAT-D ]
pc charon[19844]: 07[IKE] local host is behind NAT, sending keep alives
pc charon[19844]: 07[IKE] remote host is behind NAT
pc charon[19844]: 07[ENC] generating ID_PROT request 0 [ ID HASH ]
pc charon[19844]: 07[NET] sending packet: from 192.168.178.84[4500] to 98.987.98.987[4500] (76 bytes)
pc charon[19844]: 06[NET] received packet: from 98.987.98.987[4500] to 192.168.178.84[4500] (76 bytes)
pc charon[19844]: 06[ENC] parsed ID_PROT response 0 [ ID HASH V ]
pc charon[19844]: 06[ENC] received unknown vendor ID: 49:4b:45:76:32
pc charon[19844]: 06[IKE] IKE_SA 06be7e74-f0fc-49be-884f-48f679984be7[1] established between 192.168.178.84[192.168.178.84]...98.987.98.987[98.987.98.987]
pc charon[19844]: 06[IKE] IKE_SA 06be7e74-f0fc-49be-884f-48f679984be7[1] established between 192.168.178.84[192.168.178.84]...98.987.98.987[98.987.98.987]
pc charon[19844]: 06[IKE] scheduling reauthentication in 9921s
pc charon[19844]: 06[IKE] maximum IKE_SA lifetime 10461s
pc charon[19844]: 06[ENC] generating QUICK_MODE request 723900467 [ HASH SA No KE ID ID NAT-OA NAT-OA ]
pc charon[19844]: 06[NET] sending packet: from 192.168.178.84[4500] to 98.987.98.987[4500] (460 bytes)
pc charon[19844]: 08[NET] received packet: from 98.987.98.987[4500] to 192.168.178.84[4500] (428 bytes)
pc charon[19844]: 08[ENC] parsed QUICK_MODE response 723900467 [ HASH SA No KE ID ID ]
pc charon[19844]: 08[CFG] selected proposal: ESP:AES_CBC_128/HMAC_SHA1_96/MODP_2048/NO_EXT_SEQ
pc audit: MAC_IPSEC_EVENT op=SAD-add auid=4294967295 ses=4294967295 src=98.987.98.987 dst=192.168.178.84 spi=3251292912(0xc1cacaf0) res=1
pc audit: MAC_IPSEC_EVENT op=SAD-add auid=4294967295 ses=4294967295 src=192.168.178.84 dst=98.987.98.987 spi=4115387067(0xf54bd2bb) res=1
pc audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 res=1 src=98.987.98.987 dst=192.168.178.84
pc audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 res=1 src=192.168.178.84 dst=98.987.98.987
pc charon[19844]: 08[IKE] CHILD_SA 06be7e74-f0fc-49be-884f-48f679984be71 established with SPIs c1cacaf0_i f54bd2bb_o and TS 192.168.178.84/32[udp/l2f] === 98.987.98.987/32[udp/l2f]
pc charon[19844]: 08[IKE] CHILD_SA 06be7e74-f0fc-49be-884f-48f679984be71 established with SPIs c1cacaf0_i f54bd2bb_o and TS 192.168.178.84/32[udp/l2f] === 98.987.98.987/32[udp/l2f]
pc charon[19844]: 08[ENC] generating QUICK_MODE request 723900467 [ HASH ]
pc NetworkManager[738]: initiating Main Mode IKE_SA 06be7e74-f0fc-49be-884f-48f679984be7[1] to 98.987.98.987
pc NetworkManager[738]: generating ID_PROT request 0 [ SA V V V V V ]
pc NetworkManager[738]: sending packet: from 192.168.178.84[500] to 98.987.98.987[500] (180 bytes)
pc NetworkManager[738]: received packet: from 98.987.98.987[500] to 192.168.178.84[500] (144 bytes)
pc NetworkManager[738]: parsed ID_PROT response 0 [ SA V V V ]
pc NetworkManager[738]: received FRAGMENTATION vendor ID
pc NetworkManager[738]: received DPD vendor ID
pc NetworkManager[738]: received NAT-T (RFC 3947) vendor ID
pc NetworkManager[738]: selected proposal: IKE:AES_CBC_128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048
pc NetworkManager[738]: generating ID_PROT request 0 [ KE No NAT-D NAT-D ]
pc NetworkManager[738]: sending packet: from 192.168.178.84[500] to 98.987.98.987[500] (372 bytes)
pc NetworkManager[738]: received packet: from 98.987.98.987[500] to 192.168.178.84[500] (372 bytes)
pc NetworkManager[738]: parsed ID_PROT response 0 [ KE No NAT-D NAT-D ]
pc NetworkManager[738]: local host is behind NAT, sending keep alives
pc NetworkManager[738]: remote host is behind NAT
pc NetworkManager[738]: generating ID_PROT request 0 [ ID HASH ]
pc NetworkManager[738]: sending packet: from 192.168.178.84[4500] to 98.987.98.987[4500] (76 bytes)
pc NetworkManager[738]: received packet: from 98.987.98.987[4500] to 192.168.178.84[4500] (76 bytes)
pc NetworkManager[738]: parsed ID_PROT response 0 [ ID HASH V ]
pc NetworkManager[738]: received unknown vendor ID: 49:4b:45:76:32
pc NetworkManager[738]: IKE_SA 06be7e74-f0fc-49be-884f-48f679984be7[1] established between 192.168.178.84[192.168.178.84]...98.987.98.987[98.987.98.987]
pc NetworkManager[738]: scheduling reauthentication in 9921s
pc NetworkManager[738]: maximum IKE_SA lifetime 10461s
pc NetworkManager[738]: generating QUICK_MODE request 723900467 [ HASH SA No KE ID ID NAT-OA NAT-OA ]
pc NetworkManager[738]: sending packet: from 192.168.178.84[4500] to 98.987.98.987[4500] (460 bytes)
pc NetworkManager[738]: received packet: from 98.987.98.987[4500] to 192.168.178.84[4500] (428 bytes)
pc NetworkManager[738]: parsed QUICK_MODE response 723900467 [ HASH SA No KE ID ID ]
pc NetworkManager[738]: selected proposal: ESP:AES_CBC_128/HMAC_SHA1_96/MODP_2048/NO_EXT_SEQ
pc NetworkManager[738]: CHILD_SA 06be7e74-f0fc-49be-884f-48f679984be71 established with SPIs c1cacaf0_i f54bd2bb_o and TS 192.168.178.84/32[udp/l2f] === 98.987.98.987/32[udp/l2f]
pc NetworkManager[738]: connection '06be7e74-f0fc-49be-884f-48f679984be7' established successfully
pc charon[19844]: 08[NET] sending packet: from 192.168.178.84[4500] to 98.987.98.987[4500] (60 bytes)
pc nm-l2tp-service[19814]: xl2tpd started with pid 19877
pc NetworkManager[738]: xl2tpd[19877]: Not looking for kernel SAref support.
pc NetworkManager[738]: xl2tpd[19877]: Using l2tp kernel support.
pc NetworkManager[738]: xl2tpd[19877]: xl2tpd version xl2tpd-1.3.13 started on farbbox PID:19877
pc NetworkManager[738]: xl2tpd[19877]: Written by Mark Spencer, Copyright (C) 1998, Adtran, Inc.
pc NetworkManager[738]: xl2tpd[19877]: Forked by Scott Balmos and David Stipp, (C) 2001
pc NetworkManager[738]: xl2tpd[19877]: Inherited by Jeff McAdams, (C) 2002
pc NetworkManager[738]: xl2tpd[19877]: Forked again by Xelerance (www.xelerance.com) (C) 2006-2016
pc NetworkManager[738]: xl2tpd[19877]: Listening on IP address 0.0.0.0, port 1701
pc NetworkManager[738]: xl2tpd[19877]: Connecting to host 98.987.98.987, port 1701
pc NetworkManager[738]: <info> [1554190256.7594] vpn-connection[0x55750abc26f0,06be7e74-f0fc-49be-884f-48f679984be7,"VPN connection 3",0]: VPN plugin: state changed: starting (3)
pc NetworkManager[738]: xl2tpd[19877]: Connection established to 98.987.98.987, 1701. Local: 18031, Remote: 6532 (ref=0/0).
pc NetworkManager[738]: xl2tpd[19877]: Calling on tunnel 18031
pc NetworkManager[738]: xl2tpd[19877]: Call established with 98.987.98.987, Local: 59328, Remote: 58391, Serial: 1 (ref=0/0)
pc NetworkManager[738]: xl2tpd[19877]: start_pppd: I'm running:
pc NetworkManager[738]: xl2tpd[19877]: "/usr/sbin/pppd"
pc NetworkManager[738]: xl2tpd[19877]: "plugin"
pc NetworkManager[738]: xl2tpd[19877]: "pppol2tp.so"
pc NetworkManager[738]: xl2tpd[19877]: "pppol2tp"
pc NetworkManager[738]: xl2tpd[19877]: "7"
pc NetworkManager[738]: xl2tpd[19877]: "passive"
pc NetworkManager[738]: xl2tpd[19877]: "nodetach"
pc NetworkManager[738]: xl2tpd[19877]: ":"
pc NetworkManager[738]: xl2tpd[19877]: "file"
pc NetworkManager[738]: xl2tpd[19877]: "/var/run/nm-l2tp-06be7e74-f0fc-49be-884f-48f679984be7/ppp-options"
pc pppd[19878]: Plugin pppol2tp.so loaded.
pc pppd[19878]: Plugin /usr/lib/pppd/2.4.7/nm-l2tp-pppd-plugin.so loaded.
pc pppd[19878]: pppd 2.4.7 started by root, uid 0
pc pppd[19878]: Using interface ppp0
pc pppd[19878]: Connect: ppp0 <-->
pc pppd[19878]: Overriding mtu 1500 to 1400
pc pppd[19878]: Overriding mru 1500 to mtu value 1400
pc NetworkManager[738]: <info> [1554190256.8151] manager: (ppp0): new Ppp device (/org/freedesktop/NetworkManager/Devices/8)
pc systemd-udevd[19881]: link_config: autonegotiation is unset or enabled, the speed and duplex are not writable.
pc pppd[19878]: CHAP authentication failed
pc pppd[19878]: CHAP authentication failed
pc pppd[19878]: Overriding mtu 1500 to 1400
pc pppd[19878]: Overriding mru 1500 to mtu value 1400
pc pppd[19878]: Connection terminated.
pc charon[19844]: 06[KNL] interface ppp0 deleted
pc NetworkManager[738]: xl2tpd[19877]: death_handler: Fatal signal 15 received
pc NetworkManager[738]: xl2tpd[19877]: Terminating pppd: sending TERM signal to pid 19878
pc NetworkManager[738]: xl2tpd[19877]: Connection 6532 closed to 98.987.98.987, port 1701 (Server closing)
pc NetworkManager[738]: <warn> [1554190259.8744] vpn-connection[0x55750abc26f0,06be7e74-f0fc-49be-884f-48f679984be7,"VPN connection 3",0]: VPN plugin: failed: connect-failed (1)
pc NetworkManager[738]: <info> [1554190259.8773] vpn-connection[0x55750abc26f0,06be7e74-f0fc-49be-884f-48f679984be7,"VPN connection 3",0]: VPN plugin: state changed: stopping (5)
pc NetworkManager[738]: Stopping strongSwan IPsec...
pc charon[19844]: 00[DMN] signal of type SIGINT received. Shutting down
pc charon[19844]: 00[IKE] closing CHILD_SA 06be7e74-f0fc-49be-884f-48f679984be71 with SPIs c1cacaf0_i (473 bytes) f54bd2bb_o (589 bytes) and TS 192.168.178.84/32[udp/l2f] === 98.987.98.987/32[udp/l2f]
pc audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=192.168.178.84 dst=98.987.98.987
pc audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=98.987.98.987 dst=192.168.178.84
pc audit: MAC_IPSEC_EVENT op=SAD-delete auid=4294967295 ses=4294967295 src=98.987.98.987 dst=192.168.178.84 spi=3251292912(0xc1cacaf0) res=1
pc audit: MAC_IPSEC_EVENT op=SAD-delete auid=4294967295 ses=4294967295 src=192.168.178.84 dst=98.987.98.987 spi=4115387067(0xf54bd2bb) res=1
pc audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=fe80:0000:0000:0000:0000:0000:0000:0000 src_prefixlen=64 dst=fe80:0000:0000:0000:0000:0000:0000:0000 dst_prefixlen=64
pc audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=fe80:0000:0000:0000:0000:0000:0000:0000 src_prefixlen=64 dst=fe80:0000:0000:0000:0000:0000:0000:0000 dst_prefixlen=64
pc audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=fe80:0000:0000:0000:0000:0000:0000:0000 src_prefixlen=64 dst=fe80:0000:0000:0000:0000:0000:0000:0000 dst_prefixlen=64
pc audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=2003:00e4:072b:f000:0000:0000:0000:0000 src_prefixlen=64 dst=2003:00e4:072b:f000:0000:0000:0000:0000 dst_prefixlen=64
pc audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=2003:00e4:072b:f000:0000:0000:0000:0000 src_prefixlen=64 dst=2003:00e4:072b:f000:0000:0000:0000:0000 dst_prefixlen=64
pc audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=2003:00e4:072b:f000:0000:0000:0000:0000 src_prefixlen=64 dst=2003:00e4:072b:f000:0000:0000:0000:0000 dst_prefixlen=64
pc audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=0000:0000:0000:0000:0000:0000:0000:0001 dst=0000:0000:0000:0000:0000:0000:0000:0001
pc audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=0000:0000:0000:0000:0000:0000:0000:0001 dst=0000:0000:0000:0000:0000:0000:0000:0001
pc audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=0000:0000:0000:0000:0000:0000:0000:0001 dst=0000:0000:0000:0000:0000:0000:0000:0001
pc audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=192.168.178.0 src_prefixlen=24 dst=192.168.178.0 dst_prefixlen=24
pc kernel: kauditd_printk_skb: 7 callbacks suppressed
pc kernel: audit: type=1415 audit(1554190259.883:158): op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=192.168.178.84 dst=98.987.98.987
pc kernel: audit: type=1415 audit(1554190259.883:159): op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=98.987.98.987 dst=192.168.178.84
pc kernel: audit: type=1415 audit(1554190259.883:160): op=SAD-delete auid=4294967295 ses=4294967295 src=98.987.98.987 dst=192.168.178.84 spi=3251292912(0xc1cacaf0) res=1
pc kernel: audit: type=1415 audit(1554190259.883:161): op=SAD-delete auid=4294967295 ses=4294967295 src=192.168.178.84 dst=98.987.98.987 spi=4115387067(0xf54bd2bb) res=1
pc kernel: audit: type=1415 audit(1554190259.883:162): op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=fe80:0000:0000:0000:0000:0000:0000:0000 src_prefixlen=64 dst=fe80:0000:0000:0000:0000:0000:0000:0000 dst_prefixlen=64
pc kernel: audit: type=1415 audit(1554190259.883:163): op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=fe80:0000:0000:0000:0000:0000:0000:0000 src_prefixlen=64 dst=fe80:0000:0000:0000:0000:0000:0000:0000 dst_prefixlen=64
pc kernel: audit: type=1415 audit(1554190259.883:164): op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=fe80:0000:0000:0000:0000:0000:0000:0000 src_prefixlen=64 dst=fe80:0000:0000:0000:0000:0000:0000:0000 dst_prefixlen=64
pc kernel: audit: type=1415 audit(1554190259.883:165): op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=2003:00e4:072b:f000:0000:0000:0000:0000 src_prefixlen=64 dst=2003:00e4:072b:f000:0000:0000:0000:0000 dst_prefixlen=64
pc kernel: audit: type=1415 audit(1554190259.883:166): op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=2003:00e4:072b:f000:0000:0000:0000:0000 src_prefixlen=64 dst=2003:00e4:072b:f000:0000:0000:0000:0000 dst_prefixlen=64
pc kernel: audit: type=1415 audit(1554190259.883:167): op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=2003:00e4:072b:f000:0000:0000:0000:0000 src_prefixlen=64 dst=2003:00e4:072b:f000:0000:0000:0000:0000 dst_prefixlen=64
pc audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=192.168.178.0 src_prefixlen=24 dst=192.168.178.0 dst_prefixlen=24
pc audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=192.168.178.0 src_prefixlen=24 dst=192.168.178.0 dst_prefixlen=24
pc charon[19844]: 00[IKE] closing CHILD_SA 06be7e74-f0fc-49be-884f-48f679984be71 with SPIs c1cacaf0_i (473 bytes) f54bd2bb_o (589 bytes) and TS 192.168.178.84/32[udp/l2f] === 98.987.98.987/32[udp/l2f]
pc charon[19844]: 00[IKE] sending DELETE for ESP CHILD_SA with SPI c1cacaf0
pc charon[19844]: 00[ENC] generating INFORMATIONAL_V1 request 1337363464 [ HASH D ]
pc charon[19844]: 00[NET] sending packet: from 192.168.178.84[4500] to 98.987.98.987[4500] (76 bytes)
pc charon[19844]: 00[IKE] deleting IKE_SA 06be7e74-f0fc-49be-884f-48f679984be7[1] between 192.168.178.84[192.168.178.84]...98.987.98.987[98.987.98.987]
pc charon[19844]: 00[IKE] deleting IKE_SA 06be7e74-f0fc-49be-884f-48f679984be7[1] between 192.168.178.84[192.168.178.84]...98.987.98.987[98.987.98.987]
pc charon[19844]: 00[IKE] sending DELETE for IKE_SA 06be7e74-f0fc-49be-884f-48f679984be7[1]
pc charon[19844]: 00[ENC] generating INFORMATIONAL_V1 request 2220117092 [ HASH D ]
pc charon[19844]: 00[NET] sending packet: from 192.168.178.84[4500] to 98.987.98.987[4500] (92 bytes)
pc audit: MAC_IPSEC_EVENT op=SA-notfound src=98.987.98.987 dst=192.168.178.84 spi=3251292912(0xc1cacaf0) seqno=13
pc pppd[19878]: Exit.
pc charon[19844]: 00[IKE] uninstalling bypass policy for 192.168.178.0/24
pc charon[19844]: 00[IKE] uninstalling bypass policy for 2003:e4:72b:f000::/64
pc charon[19844]: 00[IKE] uninstalling bypass policy for fe80::/64
pc charon[19844]: 00[IKE] uninstalling bypass policy for ::1/128
pc ipsec_starter[19843]: child 19844 (charon) has quit (exit code 0)
pc ipsec_starter[19843]:
pc ipsec_starter[19843]: charon stopped after 200 ms
pc ipsec_starter[19843]: ipsec starter stopped
pc nm-l2tp-service[19814]: ipsec shut down
pc NetworkManager[738]: <info> [1554190260.0988] vpn-connection[0x55750abc26f0,06be7e74-f0fc-49be-884f-48f679984be7,"VPN connection 3",0]: VPN plugin: state changed: stopped (6)
pc NetworkManager[738]: <info> [1554190260.1019] vpn-connection[0x55750abc26f0,06be7e74-f0fc-49be-884f-48f679984be7,"VPN connection 3",0]: VPN service disappeared
networking vpn arch-linux
asked 2 days ago
mstruebingmstruebing
1011
New contributor
mstruebing is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
0
0
0
I want to connect to an IPSec secured L2TP tunnelled VPN network with a pre-shared-key.
I'm using networkmanager-l2tp for this. As Phase1 Algorithms as well as for Phase2 Algorithms I have: aes128-sha1-modp2048!
Otherwise, I have like the standard settings.
I've looked into the journal of my operating system but there I only see that the CHAP authentication failed, I can't see anything helpful in the rest of the log. I can see on the server in/var/log/auth.log` that the request is coming into the server.
Can someone have a look at the logs and help me? I've masked my IP address as 12.123.123.1 and the remote address as 98.987.98.987
Client(journal):
pc audit[738]: USYS_CONFIG pid=738 uid=0 auid=4294967295 ses=4294967295 msg='op=connection-activate uuid=06be7e74-f0fc-49be-884f-48f679984be7 name=56504E20636F6E6E656374696F6E2033 pid=1491 uid=1000 result=success exe="/usr/bin/NetworkManager" hostname=? addr=? terminal=? res=success'
pc NetworkManager[738]: <info> [1554190253.1395] audit: op="connection-activate" uuid="06be7e74-f0fc-49be-884f-48f679984be7" name="VPN connection 3" pid=1491 uid=1000 result="success"
pc kernel: kauditd_printk_skb: 7 callbacks suppressed
pc kernel: audit: type=1111 audit(1554190253.133:141): pid=738 uid=0 auid=4294967295 ses=4294967295 msg='op=connection-activate uuid=06be7e74-f0fc-49be-884f-48f679984be7 name=56504E20636F6E6E656374696F6E2033 pid=1491 uid=1000 result=success exe="/usr/bin/NetworkManager" hostname=? addr=? terminal=? res=success'
pc NetworkManager[738]: <info> [1554190253.1434] vpn-connection[0x55750abc26f0,06be7e74-f0fc-49be-884f-48f679984be7,"VPN connection 3",0]: Started the VPN service, PID 19814
pc NetworkManager[738]: <info> [1554190253.1518] vpn-connection[0x55750abc26f0,06be7e74-f0fc-49be-884f-48f679984be7,"VPN connection 3",0]: Saw the service appear; activating connection
pc NetworkManager[738]: <info> [1554190253.2070] vpn-connection[0x55750abc26f0,06be7e74-f0fc-49be-884f-48f679984be7,"VPN connection 3",0]: VPN connection: (ConnectInteractive) reply received
pc nm-l2tp-service[19814]: Check port 1701
pc NetworkManager[738]: Stopping strongSwan IPsec failed: starter is not running
pc NetworkManager[738]: Starting strongSwan 5.7.2 IPsec [starter]...
pc ipsec_starter[19827]: Starting strongSwan 5.7.2 IPsec [starter]...
pc NetworkManager[738]: Loading config setup
pc NetworkManager[738]: Loading conn '06be7e74-f0fc-49be-884f-48f679984be7'
pc ipsec_starter[19827]: Loading config setup
pc ipsec_starter[19827]: Loading conn '06be7e74-f0fc-49be-884f-48f679984be7'
pc NetworkManager[738]: found netkey IPsec stack
pc ipsec_starter[19827]: found netkey IPsec stack
pc ipsec_starter[19843]: Attempting to start charon...
pc charon[19844]: 00[DMN] Starting IKE charon daemon (strongSwan 5.7.2, Linux 5.0.5-arch1-1-ARCH, x86_64)
pc charon[19844]: 00[CFG] PKCS11 module '<name>' lacks library path
pc charon[19844]: 00[CFG] attr-sql plugin: database URI not set
pc charon[19844]: 00[NET] using forecast interface wlp3s0
pc charon[19844]: 00[CFG] joining forecast multicast groups: 224.0.0.1,224.0.0.22,224.0.0.251,224.0.0.252,239.255.255.250
pc charon[19844]: 00[CFG] loading ca certificates from '/etc/ipsec.d/cacerts'
pc charon[19844]: 00[CFG] loading aa certificates from '/etc/ipsec.d/aacerts'
pc charon[19844]: 00[CFG] loading ocsp signer certificates from '/etc/ipsec.d/ocspcerts'
pc charon[19844]: 00[CFG] loading attribute certificates from '/etc/ipsec.d/acerts'
pc charon[19844]: 00[CFG] loading crls from '/etc/ipsec.d/crls'
pc charon[19844]: 00[CFG] loading secrets from '/etc/ipsec.secrets'
pc charon[19844]: 00[CFG] loading secrets from '/etc/ipsec.d/ipsec.nm-l2tp.secrets'
pc charon[19844]: 00[CFG] loaded IKE secret for %any
pc charon[19844]: 00[CFG] sql plugin: database URI not set
pc charon[19844]: 00[CFG] opening triplet file /etc/ipsec.d/triplets.dat failed: No such file or directory
pc charon[19844]: 00[CFG] loaded 0 RADIUS server configurations
pc charon[19844]: 00[CFG] HA config misses local/remote address
pc charon[19844]: 00[CFG] no script for ext-auth script defined, disabled
pc charon[19844]: 00[LIB] loaded plugins: charon ldap pkcs11 aesni aes des rc2 sha2 sha3 sha1 md5 mgf1 random nonce x509 revocation constraints pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey sshkey pem openssl fips-prf gmp curve25519 agent chapoly xcbc cmac hmac ntru newhope bliss curl mysql sqlite attr kernel-netlink resolve socket-default bypass-lan connmark forecast farp stroke vici updown eap-identity eap-sim eap-aka eap-aka-3gpp2 eap-simaka-pseudonym eap-simaka-reauth eap-md5 eap-gtc eap-mschapv2 eap-dynamic eap-radius eap-tls eap-ttls eap-peap xauth-generic xauth-eap xauth-pam xauth-noauth dhcp radattr unity counters
pc charon[19844]: 00[LIB] dropped capabilities, running as uid 0, gid 0
pc charon[19844]: 00[JOB] spawning 16 worker threads
pc audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 res=1 src=192.168.178.0 src_prefixlen=24 dst=192.168.178.0 dst_prefixlen=24
pc audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 res=1 src=192.168.178.0 src_prefixlen=24 dst=192.168.178.0 dst_prefixlen=24
pc audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 res=1 src=192.168.178.0 src_prefixlen=24 dst=192.168.178.0 dst_prefixlen=24
pc audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 res=1 src=0000:0000:0000:0000:0000:0000:0000:0001 dst=0000:0000:0000:0000:0000:0000:0000:0001
pc audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 res=1 src=0000:0000:0000:0000:0000:0000:0000:0001 dst=0000:0000:0000:0000:0000:0000:0000:0001
pc audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 res=1 src=0000:0000:0000:0000:0000:0000:0000:0001 dst=0000:0000:0000:0000:0000:0000:0000:0001
pc audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 res=1 src=2003:00e4:072b:f000:0000:0000:0000:0000 src_prefixlen=64 dst=2003:00e4:072b:f000:0000:0000:0000:0000 dst_prefixlen=64
pc audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 res=1 src=2003:00e4:072b:f000:0000:0000:0000:0000 src_prefixlen=64 dst=2003:00e4:072b:f000:0000:0000:0000:0000 dst_prefixlen=64
pc audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 res=1 src=2003:00e4:072b:f000:0000:0000:0000:0000 src_prefixlen=64 dst=2003:00e4:072b:f000:0000:0000:0000:0000 dst_prefixlen=64
pc audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 res=1 src=fe80:0000:0000:0000:0000:0000:0000:0000 src_prefixlen=64 dst=fe80:0000:0000:0000:0000:0000:0000:0000 dst_prefixlen=64
pc audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 res=1 src=fe80:0000:0000:0000:0000:0000:0000:0000 src_prefixlen=64 dst=fe80:0000:0000:0000:0000:0000:0000:0000 dst_prefixlen=64
pc audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 res=1 src=fe80:0000:0000:0000:0000:0000:0000:0000 src_prefixlen=64 dst=fe80:0000:0000:0000:0000:0000:0000:0000 dst_prefixlen=64
pc charon[19844]: 05[IKE] installed bypass policy for 192.168.178.0/24
pc charon[19844]: 05[KNL] received netlink error: Invalid argument (22)
pc charon[19844]: 05[KNL] unable to install source route for %any6
pc charon[19844]: 05[IKE] installed bypass policy for ::1/128
pc charon[19844]: 05[IKE] installed bypass policy for 2003:e4:72b:f000::/64
pc charon[19844]: 05[IKE] installed bypass policy for fe80::/64
pc kernel: audit: type=1415 audit(1554190255.439:142): op=SPD-add auid=4294967295 ses=4294967295 res=1 src=192.168.178.0 src_prefixlen=24 dst=192.168.178.0 dst_prefixlen=24
pc kernel: audit: type=1415 audit(1554190255.439:143): op=SPD-add auid=4294967295 ses=4294967295 res=1 src=192.168.178.0 src_prefixlen=24 dst=192.168.178.0 dst_prefixlen=24
pc kernel: audit: type=1415 audit(1554190255.439:144): op=SPD-add auid=4294967295 ses=4294967295 res=1 src=192.168.178.0 src_prefixlen=24 dst=192.168.178.0 dst_prefixlen=24
pc kernel: audit: type=1415 audit(1554190255.439:145): op=SPD-add auid=4294967295 ses=4294967295 res=1 src=0000:0000:0000:0000:0000:0000:0000:0001 dst=0000:0000:0000:0000:0000:0000:0000:0001
pc kernel: audit: type=1415 audit(1554190255.439:146): op=SPD-add auid=4294967295 ses=4294967295 res=1 src=0000:0000:0000:0000:0000:0000:0000:0001 dst=0000:0000:0000:0000:0000:0000:0000:0001
pc kernel: audit: type=1415 audit(1554190255.439:147): op=SPD-add auid=4294967295 ses=4294967295 res=1 src=0000:0000:0000:0000:0000:0000:0000:0001 dst=0000:0000:0000:0000:0000:0000:0000:0001
pc kernel: audit: type=1415 audit(1554190255.439:148): op=SPD-add auid=4294967295 ses=4294967295 res=1 src=2003:00e4:072b:f000:0000:0000:0000:0000 src_prefixlen=64 dst=2003:00e4:072b:f000:0000:0000:0000:0000 dst_prefixlen=64
pc kernel: audit: type=1415 audit(1554190255.439:149): op=SPD-add auid=4294967295 ses=4294967295 res=1 src=2003:00e4:072b:f000:0000:0000:0000:0000 src_prefixlen=64 dst=2003:00e4:072b:f000:0000:0000:0000:0000 dst_prefixlen=64
pc kernel: audit: type=1415 audit(1554190255.439:150): op=SPD-add auid=4294967295 ses=4294967295 res=1 src=2003:00e4:072b:f000:0000:0000:0000:0000 src_prefixlen=64 dst=2003:00e4:072b:f000:0000:0000:0000:0000 dst_prefixlen=64
pc ipsec_starter[19843]: charon (19844) started after 20 ms
pc charon[19844]: 09[CFG] received stroke: add connection '06be7e74-f0fc-49be-884f-48f679984be7'
pc charon[19844]: 09[CFG] added configuration '06be7e74-f0fc-49be-884f-48f679984be7'
pc charon[19844]: 11[CFG] rereading secrets
pc charon[19844]: 11[CFG] loading secrets from '/etc/ipsec.secrets'
pc charon[19844]: 11[CFG] loading secrets from '/etc/ipsec.d/ipsec.nm-l2tp.secrets'
pc charon[19844]: 11[CFG] loaded IKE secret for %any
pc charon[19844]: 14[CFG] received stroke: initiate '06be7e74-f0fc-49be-884f-48f679984be7'
pc charon[19844]: 15[IKE] initiating Main Mode IKE_SA 06be7e74-f0fc-49be-884f-48f679984be7[1] to 98.987.98.987
pc charon[19844]: 15[IKE] initiating Main Mode IKE_SA 06be7e74-f0fc-49be-884f-48f679984be7[1] to 98.987.98.987
pc charon[19844]: 15[ENC] generating ID_PROT request 0 [ SA V V V V V ]
pc charon[19844]: 15[NET] sending packet: from 192.168.178.84[500] to 98.987.98.987[500] (180 bytes)
pc charon[19844]: 16[NET] received packet: from 98.987.98.987[500] to 192.168.178.84[500] (144 bytes)
pc charon[19844]: 16[ENC] parsed ID_PROT response 0 [ SA V V V ]
pc charon[19844]: 16[IKE] received FRAGMENTATION vendor ID
pc charon[19844]: 16[IKE] received DPD vendor ID
pc charon[19844]: 16[IKE] received NAT-T (RFC 3947) vendor ID
pc charon[19844]: 16[CFG] selected proposal: IKE:AES_CBC_128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048
pc charon[19844]: 16[ENC] generating ID_PROT request 0 [ KE No NAT-D NAT-D ]
pc charon[19844]: 16[NET] sending packet: from 192.168.178.84[500] to 98.987.98.987[500] (372 bytes)
pc charon[19844]: 07[NET] received packet: from 98.987.98.987[500] to 192.168.178.84[500] (372 bytes)
pc charon[19844]: 07[ENC] parsed ID_PROT response 0 [ KE No NAT-D NAT-D ]
pc charon[19844]: 07[IKE] local host is behind NAT, sending keep alives
pc charon[19844]: 07[IKE] remote host is behind NAT
pc charon[19844]: 07[ENC] generating ID_PROT request 0 [ ID HASH ]
pc charon[19844]: 07[NET] sending packet: from 192.168.178.84[4500] to 98.987.98.987[4500] (76 bytes)
pc charon[19844]: 06[NET] received packet: from 98.987.98.987[4500] to 192.168.178.84[4500] (76 bytes)
pc charon[19844]: 06[ENC] parsed ID_PROT response 0 [ ID HASH V ]
pc charon[19844]: 06[ENC] received unknown vendor ID: 49:4b:45:76:32
pc charon[19844]: 06[IKE] IKE_SA 06be7e74-f0fc-49be-884f-48f679984be7[1] established between 192.168.178.84[192.168.178.84]...98.987.98.987[98.987.98.987]
pc charon[19844]: 06[IKE] IKE_SA 06be7e74-f0fc-49be-884f-48f679984be7[1] established between 192.168.178.84[192.168.178.84]...98.987.98.987[98.987.98.987]
pc charon[19844]: 06[IKE] scheduling reauthentication in 9921s
pc charon[19844]: 06[IKE] maximum IKE_SA lifetime 10461s
pc charon[19844]: 06[ENC] generating QUICK_MODE request 723900467 [ HASH SA No KE ID ID NAT-OA NAT-OA ]
pc charon[19844]: 06[NET] sending packet: from 192.168.178.84[4500] to 98.987.98.987[4500] (460 bytes)
pc charon[19844]: 08[NET] received packet: from 98.987.98.987[4500] to 192.168.178.84[4500] (428 bytes)
pc charon[19844]: 08[ENC] parsed QUICK_MODE response 723900467 [ HASH SA No KE ID ID ]
pc charon[19844]: 08[CFG] selected proposal: ESP:AES_CBC_128/HMAC_SHA1_96/MODP_2048/NO_EXT_SEQ
pc audit: MAC_IPSEC_EVENT op=SAD-add auid=4294967295 ses=4294967295 src=98.987.98.987 dst=192.168.178.84 spi=3251292912(0xc1cacaf0) res=1
pc audit: MAC_IPSEC_EVENT op=SAD-add auid=4294967295 ses=4294967295 src=192.168.178.84 dst=98.987.98.987 spi=4115387067(0xf54bd2bb) res=1
pc audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 res=1 src=98.987.98.987 dst=192.168.178.84
pc audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 res=1 src=192.168.178.84 dst=98.987.98.987
pc charon[19844]: 08[IKE] CHILD_SA 06be7e74-f0fc-49be-884f-48f679984be71 established with SPIs c1cacaf0_i f54bd2bb_o and TS 192.168.178.84/32[udp/l2f] === 98.987.98.987/32[udp/l2f]
pc charon[19844]: 08[IKE] CHILD_SA 06be7e74-f0fc-49be-884f-48f679984be71 established with SPIs c1cacaf0_i f54bd2bb_o and TS 192.168.178.84/32[udp/l2f] === 98.987.98.987/32[udp/l2f]
pc charon[19844]: 08[ENC] generating QUICK_MODE request 723900467 [ HASH ]
pc NetworkManager[738]: initiating Main Mode IKE_SA 06be7e74-f0fc-49be-884f-48f679984be7[1] to 98.987.98.987
pc NetworkManager[738]: generating ID_PROT request 0 [ SA V V V V V ]
pc NetworkManager[738]: sending packet: from 192.168.178.84[500] to 98.987.98.987[500] (180 bytes)
pc NetworkManager[738]: received packet: from 98.987.98.987[500] to 192.168.178.84[500] (144 bytes)
pc NetworkManager[738]: parsed ID_PROT response 0 [ SA V V V ]
pc NetworkManager[738]: received FRAGMENTATION vendor ID
pc NetworkManager[738]: received DPD vendor ID
pc NetworkManager[738]: received NAT-T (RFC 3947) vendor ID
pc NetworkManager[738]: selected proposal: IKE:AES_CBC_128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048
pc NetworkManager[738]: generating ID_PROT request 0 [ KE No NAT-D NAT-D ]
pc NetworkManager[738]: sending packet: from 192.168.178.84[500] to 98.987.98.987[500] (372 bytes)
pc NetworkManager[738]: received packet: from 98.987.98.987[500] to 192.168.178.84[500] (372 bytes)
pc NetworkManager[738]: parsed ID_PROT response 0 [ KE No NAT-D NAT-D ]
pc NetworkManager[738]: local host is behind NAT, sending keep alives
pc NetworkManager[738]: remote host is behind NAT
pc NetworkManager[738]: generating ID_PROT request 0 [ ID HASH ]
pc NetworkManager[738]: sending packet: from 192.168.178.84[4500] to 98.987.98.987[4500] (76 bytes)
pc NetworkManager[738]: received packet: from 98.987.98.987[4500] to 192.168.178.84[4500] (76 bytes)
pc NetworkManager[738]: parsed ID_PROT response 0 [ ID HASH V ]
pc NetworkManager[738]: received unknown vendor ID: 49:4b:45:76:32
pc NetworkManager[738]: IKE_SA 06be7e74-f0fc-49be-884f-48f679984be7[1] established between 192.168.178.84[192.168.178.84]...98.987.98.987[98.987.98.987]
pc NetworkManager[738]: scheduling reauthentication in 9921s
pc NetworkManager[738]: maximum IKE_SA lifetime 10461s
pc NetworkManager[738]: generating QUICK_MODE request 723900467 [ HASH SA No KE ID ID NAT-OA NAT-OA ]
pc NetworkManager[738]: sending packet: from 192.168.178.84[4500] to 98.987.98.987[4500] (460 bytes)
pc NetworkManager[738]: received packet: from 98.987.98.987[4500] to 192.168.178.84[4500] (428 bytes)
pc NetworkManager[738]: parsed QUICK_MODE response 723900467 [ HASH SA No KE ID ID ]
pc NetworkManager[738]: selected proposal: ESP:AES_CBC_128/HMAC_SHA1_96/MODP_2048/NO_EXT_SEQ
pc NetworkManager[738]: CHILD_SA 06be7e74-f0fc-49be-884f-48f679984be71 established with SPIs c1cacaf0_i f54bd2bb_o and TS 192.168.178.84/32[udp/l2f] === 98.987.98.987/32[udp/l2f]
pc NetworkManager[738]: connection '06be7e74-f0fc-49be-884f-48f679984be7' established successfully
pc charon[19844]: 08[NET] sending packet: from 192.168.178.84[4500] to 98.987.98.987[4500] (60 bytes)
pc nm-l2tp-service[19814]: xl2tpd started with pid 19877
pc NetworkManager[738]: xl2tpd[19877]: Not looking for kernel SAref support.
pc NetworkManager[738]: xl2tpd[19877]: Using l2tp kernel support.
pc NetworkManager[738]: xl2tpd[19877]: xl2tpd version xl2tpd-1.3.13 started on farbbox PID:19877
pc NetworkManager[738]: xl2tpd[19877]: Written by Mark Spencer, Copyright (C) 1998, Adtran, Inc.
pc NetworkManager[738]: xl2tpd[19877]: Forked by Scott Balmos and David Stipp, (C) 2001
pc NetworkManager[738]: xl2tpd[19877]: Inherited by Jeff McAdams, (C) 2002
pc NetworkManager[738]: xl2tpd[19877]: Forked again by Xelerance (www.xelerance.com) (C) 2006-2016
pc NetworkManager[738]: xl2tpd[19877]: Listening on IP address 0.0.0.0, port 1701
pc NetworkManager[738]: xl2tpd[19877]: Connecting to host 98.987.98.987, port 1701
pc NetworkManager[738]: <info> [1554190256.7594] vpn-connection[0x55750abc26f0,06be7e74-f0fc-49be-884f-48f679984be7,"VPN connection 3",0]: VPN plugin: state changed: starting (3)
pc NetworkManager[738]: xl2tpd[19877]: Connection established to 98.987.98.987, 1701. Local: 18031, Remote: 6532 (ref=0/0).
pc NetworkManager[738]: xl2tpd[19877]: Calling on tunnel 18031
pc NetworkManager[738]: xl2tpd[19877]: Call established with 98.987.98.987, Local: 59328, Remote: 58391, Serial: 1 (ref=0/0)
pc NetworkManager[738]: xl2tpd[19877]: start_pppd: I'm running:
pc NetworkManager[738]: xl2tpd[19877]: "/usr/sbin/pppd"
pc NetworkManager[738]: xl2tpd[19877]: "plugin"
pc NetworkManager[738]: xl2tpd[19877]: "pppol2tp.so"
pc NetworkManager[738]: xl2tpd[19877]: "pppol2tp"
pc NetworkManager[738]: xl2tpd[19877]: "7"
pc NetworkManager[738]: xl2tpd[19877]: "passive"
pc NetworkManager[738]: xl2tpd[19877]: "nodetach"
pc NetworkManager[738]: xl2tpd[19877]: ":"
pc NetworkManager[738]: xl2tpd[19877]: "file"
pc NetworkManager[738]: xl2tpd[19877]: "/var/run/nm-l2tp-06be7e74-f0fc-49be-884f-48f679984be7/ppp-options"
pc pppd[19878]: Plugin pppol2tp.so loaded.
pc pppd[19878]: Plugin /usr/lib/pppd/2.4.7/nm-l2tp-pppd-plugin.so loaded.
pc pppd[19878]: pppd 2.4.7 started by root, uid 0
pc pppd[19878]: Using interface ppp0
pc pppd[19878]: Connect: ppp0 <-->
pc pppd[19878]: Overriding mtu 1500 to 1400
pc pppd[19878]: Overriding mru 1500 to mtu value 1400
pc NetworkManager[738]: <info> [1554190256.8151] manager: (ppp0): new Ppp device (/org/freedesktop/NetworkManager/Devices/8)
pc systemd-udevd[19881]: link_config: autonegotiation is unset or enabled, the speed and duplex are not writable.
pc pppd[19878]: CHAP authentication failed
pc pppd[19878]: CHAP authentication failed
pc pppd[19878]: Overriding mtu 1500 to 1400
pc pppd[19878]: Overriding mru 1500 to mtu value 1400
pc pppd[19878]: Connection terminated.
pc charon[19844]: 06[KNL] interface ppp0 deleted
pc NetworkManager[738]: xl2tpd[19877]: death_handler: Fatal signal 15 received
pc NetworkManager[738]: xl2tpd[19877]: Terminating pppd: sending TERM signal to pid 19878
pc NetworkManager[738]: xl2tpd[19877]: Connection 6532 closed to 98.987.98.987, port 1701 (Server closing)
pc NetworkManager[738]: <warn> [1554190259.8744] vpn-connection[0x55750abc26f0,06be7e74-f0fc-49be-884f-48f679984be7,"VPN connection 3",0]: VPN plugin: failed: connect-failed (1)
pc NetworkManager[738]: <info> [1554190259.8773] vpn-connection[0x55750abc26f0,06be7e74-f0fc-49be-884f-48f679984be7,"VPN connection 3",0]: VPN plugin: state changed: stopping (5)
pc NetworkManager[738]: Stopping strongSwan IPsec...
pc charon[19844]: 00[DMN] signal of type SIGINT received. Shutting down
pc charon[19844]: 00[IKE] closing CHILD_SA 06be7e74-f0fc-49be-884f-48f679984be71 with SPIs c1cacaf0_i (473 bytes) f54bd2bb_o (589 bytes) and TS 192.168.178.84/32[udp/l2f] === 98.987.98.987/32[udp/l2f]
pc audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=192.168.178.84 dst=98.987.98.987
pc audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=98.987.98.987 dst=192.168.178.84
pc audit: MAC_IPSEC_EVENT op=SAD-delete auid=4294967295 ses=4294967295 src=98.987.98.987 dst=192.168.178.84 spi=3251292912(0xc1cacaf0) res=1
pc audit: MAC_IPSEC_EVENT op=SAD-delete auid=4294967295 ses=4294967295 src=192.168.178.84 dst=98.987.98.987 spi=4115387067(0xf54bd2bb) res=1
pc audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=fe80:0000:0000:0000:0000:0000:0000:0000 src_prefixlen=64 dst=fe80:0000:0000:0000:0000:0000:0000:0000 dst_prefixlen=64
pc audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=fe80:0000:0000:0000:0000:0000:0000:0000 src_prefixlen=64 dst=fe80:0000:0000:0000:0000:0000:0000:0000 dst_prefixlen=64
pc audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=fe80:0000:0000:0000:0000:0000:0000:0000 src_prefixlen=64 dst=fe80:0000:0000:0000:0000:0000:0000:0000 dst_prefixlen=64
pc audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=2003:00e4:072b:f000:0000:0000:0000:0000 src_prefixlen=64 dst=2003:00e4:072b:f000:0000:0000:0000:0000 dst_prefixlen=64
pc audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=2003:00e4:072b:f000:0000:0000:0000:0000 src_prefixlen=64 dst=2003:00e4:072b:f000:0000:0000:0000:0000 dst_prefixlen=64
pc audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=2003:00e4:072b:f000:0000:0000:0000:0000 src_prefixlen=64 dst=2003:00e4:072b:f000:0000:0000:0000:0000 dst_prefixlen=64
pc audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=0000:0000:0000:0000:0000:0000:0000:0001 dst=0000:0000:0000:0000:0000:0000:0000:0001
pc audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=0000:0000:0000:0000:0000:0000:0000:0001 dst=0000:0000:0000:0000:0000:0000:0000:0001
pc audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=0000:0000:0000:0000:0000:0000:0000:0001 dst=0000:0000:0000:0000:0000:0000:0000:0001
pc audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=192.168.178.0 src_prefixlen=24 dst=192.168.178.0 dst_prefixlen=24
pc kernel: kauditd_printk_skb: 7 callbacks suppressed
pc kernel: audit: type=1415 audit(1554190259.883:158): op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=192.168.178.84 dst=98.987.98.987
pc kernel: audit: type=1415 audit(1554190259.883:159): op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=98.987.98.987 dst=192.168.178.84
pc kernel: audit: type=1415 audit(1554190259.883:160): op=SAD-delete auid=4294967295 ses=4294967295 src=98.987.98.987 dst=192.168.178.84 spi=3251292912(0xc1cacaf0) res=1
pc kernel: audit: type=1415 audit(1554190259.883:161): op=SAD-delete auid=4294967295 ses=4294967295 src=192.168.178.84 dst=98.987.98.987 spi=4115387067(0xf54bd2bb) res=1
pc kernel: audit: type=1415 audit(1554190259.883:162): op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=fe80:0000:0000:0000:0000:0000:0000:0000 src_prefixlen=64 dst=fe80:0000:0000:0000:0000:0000:0000:0000 dst_prefixlen=64
pc kernel: audit: type=1415 audit(1554190259.883:163): op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=fe80:0000:0000:0000:0000:0000:0000:0000 src_prefixlen=64 dst=fe80:0000:0000:0000:0000:0000:0000:0000 dst_prefixlen=64
pc kernel: audit: type=1415 audit(1554190259.883:164): op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=fe80:0000:0000:0000:0000:0000:0000:0000 src_prefixlen=64 dst=fe80:0000:0000:0000:0000:0000:0000:0000 dst_prefixlen=64
pc kernel: audit: type=1415 audit(1554190259.883:165): op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=2003:00e4:072b:f000:0000:0000:0000:0000 src_prefixlen=64 dst=2003:00e4:072b:f000:0000:0000:0000:0000 dst_prefixlen=64
pc kernel: audit: type=1415 audit(1554190259.883:166): op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=2003:00e4:072b:f000:0000:0000:0000:0000 src_prefixlen=64 dst=2003:00e4:072b:f000:0000:0000:0000:0000 dst_prefixlen=64
pc kernel: audit: type=1415 audit(1554190259.883:167): op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=2003:00e4:072b:f000:0000:0000:0000:0000 src_prefixlen=64 dst=2003:00e4:072b:f000:0000:0000:0000:0000 dst_prefixlen=64
pc audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=192.168.178.0 src_prefixlen=24 dst=192.168.178.0 dst_prefixlen=24
pc audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=192.168.178.0 src_prefixlen=24 dst=192.168.178.0 dst_prefixlen=24
pc charon[19844]: 00[IKE] closing CHILD_SA 06be7e74-f0fc-49be-884f-48f679984be71 with SPIs c1cacaf0_i (473 bytes) f54bd2bb_o (589 bytes) and TS 192.168.178.84/32[udp/l2f] === 98.987.98.987/32[udp/l2f]
pc charon[19844]: 00[IKE] sending DELETE for ESP CHILD_SA with SPI c1cacaf0
pc charon[19844]: 00[ENC] generating INFORMATIONAL_V1 request 1337363464 [ HASH D ]
pc charon[19844]: 00[NET] sending packet: from 192.168.178.84[4500] to 98.987.98.987[4500] (76 bytes)
pc charon[19844]: 00[IKE] deleting IKE_SA 06be7e74-f0fc-49be-884f-48f679984be7[1] between 192.168.178.84[192.168.178.84]...98.987.98.987[98.987.98.987]
pc charon[19844]: 00[IKE] deleting IKE_SA 06be7e74-f0fc-49be-884f-48f679984be7[1] between 192.168.178.84[192.168.178.84]...98.987.98.987[98.987.98.987]
pc charon[19844]: 00[IKE] sending DELETE for IKE_SA 06be7e74-f0fc-49be-884f-48f679984be7[1]
pc charon[19844]: 00[ENC] generating INFORMATIONAL_V1 request 2220117092 [ HASH D ]
pc charon[19844]: 00[NET] sending packet: from 192.168.178.84[4500] to 98.987.98.987[4500] (92 bytes)
pc audit: MAC_IPSEC_EVENT op=SA-notfound src=98.987.98.987 dst=192.168.178.84 spi=3251292912(0xc1cacaf0) seqno=13
pc pppd[19878]: Exit.
pc charon[19844]: 00[IKE] uninstalling bypass policy for 192.168.178.0/24
pc charon[19844]: 00[IKE] uninstalling bypass policy for 2003:e4:72b:f000::/64
pc charon[19844]: 00[IKE] uninstalling bypass policy for fe80::/64
pc charon[19844]: 00[IKE] uninstalling bypass policy for ::1/128
pc ipsec_starter[19843]: child 19844 (charon) has quit (exit code 0)
pc ipsec_starter[19843]:
pc ipsec_starter[19843]: charon stopped after 200 ms
pc ipsec_starter[19843]: ipsec starter stopped
pc nm-l2tp-service[19814]: ipsec shut down
pc NetworkManager[738]: <info> [1554190260.0988] vpn-connection[0x55750abc26f0,06be7e74-f0fc-49be-884f-48f679984be7,"VPN connection 3",0]: VPN plugin: state changed: stopped (6)
pc NetworkManager[738]: <info> [1554190260.1019] vpn-connection[0x55750abc26f0,06be7e74-f0fc-49be-884f-48f679984be7,"VPN connection 3",0]: VPN service disappeared
networking vpn arch-linux
asked 2 days ago
mstruebingmstruebing
1011
New contributor
mstruebing is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
I want to connect to an IPSec secured L2TP tunnelled VPN network with a pre-shared-key.
I'm using networkmanager-l2tp for this. As Phase1 Algorithms as well as for Phase2 Algorithms I have: aes128-sha1-modp2048!
Otherwise, I have like the standard settings.
I've looked into the journal of my operating system but there I only see that the CHAP authentication failed, I can't see anything helpful in the rest of the log. I can see on the server in/var/log/auth.log` that the request is coming into the server.
Can someone have a look at the logs and help me? I've masked my IP address as 12.123.123.1 and the remote address as 98.987.98.987
Client(journal):
pc audit[738]: USYS_CONFIG pid=738 uid=0 auid=4294967295 ses=4294967295 msg='op=connection-activate uuid=06be7e74-f0fc-49be-884f-48f679984be7 name=56504E20636F6E6E656374696F6E2033 pid=1491 uid=1000 result=success exe="/usr/bin/NetworkManager" hostname=? addr=? terminal=? res=success'
pc NetworkManager[738]: <info> [1554190253.1395] audit: op="connection-activate" uuid="06be7e74-f0fc-49be-884f-48f679984be7" name="VPN connection 3" pid=1491 uid=1000 result="success"
pc kernel: kauditd_printk_skb: 7 callbacks suppressed
pc kernel: audit: type=1111 audit(1554190253.133:141): pid=738 uid=0 auid=4294967295 ses=4294967295 msg='op=connection-activate uuid=06be7e74-f0fc-49be-884f-48f679984be7 name=56504E20636F6E6E656374696F6E2033 pid=1491 uid=1000 result=success exe="/usr/bin/NetworkManager" hostname=? addr=? terminal=? res=success'
pc NetworkManager[738]: <info> [1554190253.1434] vpn-connection[0x55750abc26f0,06be7e74-f0fc-49be-884f-48f679984be7,"VPN connection 3",0]: Started the VPN service, PID 19814
pc NetworkManager[738]: <info> [1554190253.1518] vpn-connection[0x55750abc26f0,06be7e74-f0fc-49be-884f-48f679984be7,"VPN connection 3",0]: Saw the service appear; activating connection
pc NetworkManager[738]: <info> [1554190253.2070] vpn-connection[0x55750abc26f0,06be7e74-f0fc-49be-884f-48f679984be7,"VPN connection 3",0]: VPN connection: (ConnectInteractive) reply received
pc nm-l2tp-service[19814]: Check port 1701
pc NetworkManager[738]: Stopping strongSwan IPsec failed: starter is not running
pc NetworkManager[738]: Starting strongSwan 5.7.2 IPsec [starter]...
pc ipsec_starter[19827]: Starting strongSwan 5.7.2 IPsec [starter]...
pc NetworkManager[738]: Loading config setup
pc NetworkManager[738]: Loading conn '06be7e74-f0fc-49be-884f-48f679984be7'
pc ipsec_starter[19827]: Loading config setup
pc ipsec_starter[19827]: Loading conn '06be7e74-f0fc-49be-884f-48f679984be7'
pc NetworkManager[738]: found netkey IPsec stack
pc ipsec_starter[19827]: found netkey IPsec stack
pc ipsec_starter[19843]: Attempting to start charon...
pc charon[19844]: 00[DMN] Starting IKE charon daemon (strongSwan 5.7.2, Linux 5.0.5-arch1-1-ARCH, x86_64)
pc charon[19844]: 00[CFG] PKCS11 module '<name>' lacks library path
pc charon[19844]: 00[CFG] attr-sql plugin: database URI not set
pc charon[19844]: 00[NET] using forecast interface wlp3s0
pc charon[19844]: 00[CFG] joining forecast multicast groups: 224.0.0.1,224.0.0.22,224.0.0.251,224.0.0.252,239.255.255.250
pc charon[19844]: 00[CFG] loading ca certificates from '/etc/ipsec.d/cacerts'
pc charon[19844]: 00[CFG] loading aa certificates from '/etc/ipsec.d/aacerts'
pc charon[19844]: 00[CFG] loading ocsp signer certificates from '/etc/ipsec.d/ocspcerts'
pc charon[19844]: 00[CFG] loading attribute certificates from '/etc/ipsec.d/acerts'
pc charon[19844]: 00[CFG] loading crls from '/etc/ipsec.d/crls'
pc charon[19844]: 00[CFG] loading secrets from '/etc/ipsec.secrets'
pc charon[19844]: 00[CFG] loading secrets from '/etc/ipsec.d/ipsec.nm-l2tp.secrets'
pc charon[19844]: 00[CFG] loaded IKE secret for %any
pc charon[19844]: 00[CFG] sql plugin: database URI not set
pc charon[19844]: 00[CFG] opening triplet file /etc/ipsec.d/triplets.dat failed: No such file or directory
pc charon[19844]: 00[CFG] loaded 0 RADIUS server configurations
pc charon[19844]: 00[CFG] HA config misses local/remote address
pc charon[19844]: 00[CFG] no script for ext-auth script defined, disabled
pc charon[19844]: 00[LIB] loaded plugins: charon ldap pkcs11 aesni aes des rc2 sha2 sha3 sha1 md5 mgf1 random nonce x509 revocation constraints pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey sshkey pem openssl fips-prf gmp curve25519 agent chapoly xcbc cmac hmac ntru newhope bliss curl mysql sqlite attr kernel-netlink resolve socket-default bypass-lan connmark forecast farp stroke vici updown eap-identity eap-sim eap-aka eap-aka-3gpp2 eap-simaka-pseudonym eap-simaka-reauth eap-md5 eap-gtc eap-mschapv2 eap-dynamic eap-radius eap-tls eap-ttls eap-peap xauth-generic xauth-eap xauth-pam xauth-noauth dhcp radattr unity counters
pc charon[19844]: 00[LIB] dropped capabilities, running as uid 0, gid 0
pc charon[19844]: 00[JOB] spawning 16 worker threads
pc audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 res=1 src=192.168.178.0 src_prefixlen=24 dst=192.168.178.0 dst_prefixlen=24
pc audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 res=1 src=192.168.178.0 src_prefixlen=24 dst=192.168.178.0 dst_prefixlen=24
pc audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 res=1 src=192.168.178.0 src_prefixlen=24 dst=192.168.178.0 dst_prefixlen=24
pc audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 res=1 src=0000:0000:0000:0000:0000:0000:0000:0001 dst=0000:0000:0000:0000:0000:0000:0000:0001
pc audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 res=1 src=0000:0000:0000:0000:0000:0000:0000:0001 dst=0000:0000:0000:0000:0000:0000:0000:0001
pc audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 res=1 src=0000:0000:0000:0000:0000:0000:0000:0001 dst=0000:0000:0000:0000:0000:0000:0000:0001
pc audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 res=1 src=2003:00e4:072b:f000:0000:0000:0000:0000 src_prefixlen=64 dst=2003:00e4:072b:f000:0000:0000:0000:0000 dst_prefixlen=64
pc audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 res=1 src=2003:00e4:072b:f000:0000:0000:0000:0000 src_prefixlen=64 dst=2003:00e4:072b:f000:0000:0000:0000:0000 dst_prefixlen=64
pc audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 res=1 src=2003:00e4:072b:f000:0000:0000:0000:0000 src_prefixlen=64 dst=2003:00e4:072b:f000:0000:0000:0000:0000 dst_prefixlen=64
pc audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 res=1 src=fe80:0000:0000:0000:0000:0000:0000:0000 src_prefixlen=64 dst=fe80:0000:0000:0000:0000:0000:0000:0000 dst_prefixlen=64
pc audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 res=1 src=fe80:0000:0000:0000:0000:0000:0000:0000 src_prefixlen=64 dst=fe80:0000:0000:0000:0000:0000:0000:0000 dst_prefixlen=64
pc audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 res=1 src=fe80:0000:0000:0000:0000:0000:0000:0000 src_prefixlen=64 dst=fe80:0000:0000:0000:0000:0000:0000:0000 dst_prefixlen=64
pc charon[19844]: 05[IKE] installed bypass policy for 192.168.178.0/24
pc charon[19844]: 05[KNL] received netlink error: Invalid argument (22)
pc charon[19844]: 05[KNL] unable to install source route for %any6
pc charon[19844]: 05[IKE] installed bypass policy for ::1/128
pc charon[19844]: 05[IKE] installed bypass policy for 2003:e4:72b:f000::/64
pc charon[19844]: 05[IKE] installed bypass policy for fe80::/64
pc kernel: audit: type=1415 audit(1554190255.439:142): op=SPD-add auid=4294967295 ses=4294967295 res=1 src=192.168.178.0 src_prefixlen=24 dst=192.168.178.0 dst_prefixlen=24
pc kernel: audit: type=1415 audit(1554190255.439:143): op=SPD-add auid=4294967295 ses=4294967295 res=1 src=192.168.178.0 src_prefixlen=24 dst=192.168.178.0 dst_prefixlen=24
pc kernel: audit: type=1415 audit(1554190255.439:144): op=SPD-add auid=4294967295 ses=4294967295 res=1 src=192.168.178.0 src_prefixlen=24 dst=192.168.178.0 dst_prefixlen=24
pc kernel: audit: type=1415 audit(1554190255.439:145): op=SPD-add auid=4294967295 ses=4294967295 res=1 src=0000:0000:0000:0000:0000:0000:0000:0001 dst=0000:0000:0000:0000:0000:0000:0000:0001
pc kernel: audit: type=1415 audit(1554190255.439:146): op=SPD-add auid=4294967295 ses=4294967295 res=1 src=0000:0000:0000:0000:0000:0000:0000:0001 dst=0000:0000:0000:0000:0000:0000:0000:0001
pc kernel: audit: type=1415 audit(1554190255.439:147): op=SPD-add auid=4294967295 ses=4294967295 res=1 src=0000:0000:0000:0000:0000:0000:0000:0001 dst=0000:0000:0000:0000:0000:0000:0000:0001
pc kernel: audit: type=1415 audit(1554190255.439:148): op=SPD-add auid=4294967295 ses=4294967295 res=1 src=2003:00e4:072b:f000:0000:0000:0000:0000 src_prefixlen=64 dst=2003:00e4:072b:f000:0000:0000:0000:0000 dst_prefixlen=64
pc kernel: audit: type=1415 audit(1554190255.439:149): op=SPD-add auid=4294967295 ses=4294967295 res=1 src=2003:00e4:072b:f000:0000:0000:0000:0000 src_prefixlen=64 dst=2003:00e4:072b:f000:0000:0000:0000:0000 dst_prefixlen=64
pc kernel: audit: type=1415 audit(1554190255.439:150): op=SPD-add auid=4294967295 ses=4294967295 res=1 src=2003:00e4:072b:f000:0000:0000:0000:0000 src_prefixlen=64 dst=2003:00e4:072b:f000:0000:0000:0000:0000 dst_prefixlen=64
pc ipsec_starter[19843]: charon (19844) started after 20 ms
pc charon[19844]: 09[CFG] received stroke: add connection '06be7e74-f0fc-49be-884f-48f679984be7'
pc charon[19844]: 09[CFG] added configuration '06be7e74-f0fc-49be-884f-48f679984be7'
pc charon[19844]: 11[CFG] rereading secrets
pc charon[19844]: 11[CFG] loading secrets from '/etc/ipsec.secrets'
pc charon[19844]: 11[CFG] loading secrets from '/etc/ipsec.d/ipsec.nm-l2tp.secrets'
pc charon[19844]: 11[CFG] loaded IKE secret for %any
pc charon[19844]: 14[CFG] received stroke: initiate '06be7e74-f0fc-49be-884f-48f679984be7'
pc charon[19844]: 15[IKE] initiating Main Mode IKE_SA 06be7e74-f0fc-49be-884f-48f679984be7[1] to 98.987.98.987
pc charon[19844]: 15[IKE] initiating Main Mode IKE_SA 06be7e74-f0fc-49be-884f-48f679984be7[1] to 98.987.98.987
pc charon[19844]: 15[ENC] generating ID_PROT request 0 [ SA V V V V V ]
pc charon[19844]: 15[NET] sending packet: from 192.168.178.84[500] to 98.987.98.987[500] (180 bytes)
pc charon[19844]: 16[NET] received packet: from 98.987.98.987[500] to 192.168.178.84[500] (144 bytes)
pc charon[19844]: 16[ENC] parsed ID_PROT response 0 [ SA V V V ]
pc charon[19844]: 16[IKE] received FRAGMENTATION vendor ID
pc charon[19844]: 16[IKE] received DPD vendor ID
pc charon[19844]: 16[IKE] received NAT-T (RFC 3947) vendor ID
pc charon[19844]: 16[CFG] selected proposal: IKE:AES_CBC_128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048
pc charon[19844]: 16[ENC] generating ID_PROT request 0 [ KE No NAT-D NAT-D ]
pc charon[19844]: 16[NET] sending packet: from 192.168.178.84[500] to 98.987.98.987[500] (372 bytes)
pc charon[19844]: 07[NET] received packet: from 98.987.98.987[500] to 192.168.178.84[500] (372 bytes)
pc charon[19844]: 07[ENC] parsed ID_PROT response 0 [ KE No NAT-D NAT-D ]
pc charon[19844]: 07[IKE] local host is behind NAT, sending keep alives
pc charon[19844]: 07[IKE] remote host is behind NAT
pc charon[19844]: 07[ENC] generating ID_PROT request 0 [ ID HASH ]
pc charon[19844]: 07[NET] sending packet: from 192.168.178.84[4500] to 98.987.98.987[4500] (76 bytes)
pc charon[19844]: 06[NET] received packet: from 98.987.98.987[4500] to 192.168.178.84[4500] (76 bytes)
pc charon[19844]: 06[ENC] parsed ID_PROT response 0 [ ID HASH V ]
pc charon[19844]: 06[ENC] received unknown vendor ID: 49:4b:45:76:32
pc charon[19844]: 06[IKE] IKE_SA 06be7e74-f0fc-49be-884f-48f679984be7[1] established between 192.168.178.84[192.168.178.84]...98.987.98.987[98.987.98.987]
pc charon[19844]: 06[IKE] IKE_SA 06be7e74-f0fc-49be-884f-48f679984be7[1] established between 192.168.178.84[192.168.178.84]...98.987.98.987[98.987.98.987]
pc charon[19844]: 06[IKE] scheduling reauthentication in 9921s
pc charon[19844]: 06[IKE] maximum IKE_SA lifetime 10461s
pc charon[19844]: 06[ENC] generating QUICK_MODE request 723900467 [ HASH SA No KE ID ID NAT-OA NAT-OA ]
pc charon[19844]: 06[NET] sending packet: from 192.168.178.84[4500] to 98.987.98.987[4500] (460 bytes)
pc charon[19844]: 08[NET] received packet: from 98.987.98.987[4500] to 192.168.178.84[4500] (428 bytes)
pc charon[19844]: 08[ENC] parsed QUICK_MODE response 723900467 [ HASH SA No KE ID ID ]
pc charon[19844]: 08[CFG] selected proposal: ESP:AES_CBC_128/HMAC_SHA1_96/MODP_2048/NO_EXT_SEQ
pc audit: MAC_IPSEC_EVENT op=SAD-add auid=4294967295 ses=4294967295 src=98.987.98.987 dst=192.168.178.84 spi=3251292912(0xc1cacaf0) res=1
pc audit: MAC_IPSEC_EVENT op=SAD-add auid=4294967295 ses=4294967295 src=192.168.178.84 dst=98.987.98.987 spi=4115387067(0xf54bd2bb) res=1
pc audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 res=1 src=98.987.98.987 dst=192.168.178.84
pc audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 res=1 src=192.168.178.84 dst=98.987.98.987
pc charon[19844]: 08[IKE] CHILD_SA 06be7e74-f0fc-49be-884f-48f679984be71 established with SPIs c1cacaf0_i f54bd2bb_o and TS 192.168.178.84/32[udp/l2f] === 98.987.98.987/32[udp/l2f]
pc charon[19844]: 08[IKE] CHILD_SA 06be7e74-f0fc-49be-884f-48f679984be71 established with SPIs c1cacaf0_i f54bd2bb_o and TS 192.168.178.84/32[udp/l2f] === 98.987.98.987/32[udp/l2f]
pc charon[19844]: 08[ENC] generating QUICK_MODE request 723900467 [ HASH ]
pc NetworkManager[738]: initiating Main Mode IKE_SA 06be7e74-f0fc-49be-884f-48f679984be7[1] to 98.987.98.987
pc NetworkManager[738]: generating ID_PROT request 0 [ SA V V V V V ]
pc NetworkManager[738]: sending packet: from 192.168.178.84[500] to 98.987.98.987[500] (180 bytes)
pc NetworkManager[738]: received packet: from 98.987.98.987[500] to 192.168.178.84[500] (144 bytes)
pc NetworkManager[738]: parsed ID_PROT response 0 [ SA V V V ]
pc NetworkManager[738]: received FRAGMENTATION vendor ID
pc NetworkManager[738]: received DPD vendor ID
pc NetworkManager[738]: received NAT-T (RFC 3947) vendor ID
pc NetworkManager[738]: selected proposal: IKE:AES_CBC_128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048
pc NetworkManager[738]: generating ID_PROT request 0 [ KE No NAT-D NAT-D ]
pc NetworkManager[738]: sending packet: from 192.168.178.84[500] to 98.987.98.987[500] (372 bytes)
pc NetworkManager[738]: received packet: from 98.987.98.987[500] to 192.168.178.84[500] (372 bytes)
pc NetworkManager[738]: parsed ID_PROT response 0 [ KE No NAT-D NAT-D ]
pc NetworkManager[738]: local host is behind NAT, sending keep alives
pc NetworkManager[738]: remote host is behind NAT
pc NetworkManager[738]: generating ID_PROT request 0 [ ID HASH ]
pc NetworkManager[738]: sending packet: from 192.168.178.84[4500] to 98.987.98.987[4500] (76 bytes)
pc NetworkManager[738]: received packet: from 98.987.98.987[4500] to 192.168.178.84[4500] (76 bytes)
pc NetworkManager[738]: parsed ID_PROT response 0 [ ID HASH V ]
pc NetworkManager[738]: received unknown vendor ID: 49:4b:45:76:32
pc NetworkManager[738]: IKE_SA 06be7e74-f0fc-49be-884f-48f679984be7[1] established between 192.168.178.84[192.168.178.84]...98.987.98.987[98.987.98.987]
pc NetworkManager[738]: scheduling reauthentication in 9921s
pc NetworkManager[738]: maximum IKE_SA lifetime 10461s
pc NetworkManager[738]: generating QUICK_MODE request 723900467 [ HASH SA No KE ID ID NAT-OA NAT-OA ]
pc NetworkManager[738]: sending packet: from 192.168.178.84[4500] to 98.987.98.987[4500] (460 bytes)
pc NetworkManager[738]: received packet: from 98.987.98.987[4500] to 192.168.178.84[4500] (428 bytes)
pc NetworkManager[738]: parsed QUICK_MODE response 723900467 [ HASH SA No KE ID ID ]
pc NetworkManager[738]: selected proposal: ESP:AES_CBC_128/HMAC_SHA1_96/MODP_2048/NO_EXT_SEQ
pc NetworkManager[738]: CHILD_SA 06be7e74-f0fc-49be-884f-48f679984be71 established with SPIs c1cacaf0_i f54bd2bb_o and TS 192.168.178.84/32[udp/l2f] === 98.987.98.987/32[udp/l2f]
pc NetworkManager[738]: connection '06be7e74-f0fc-49be-884f-48f679984be7' established successfully
pc charon[19844]: 08[NET] sending packet: from 192.168.178.84[4500] to 98.987.98.987[4500] (60 bytes)
pc nm-l2tp-service[19814]: xl2tpd started with pid 19877
pc NetworkManager[738]: xl2tpd[19877]: Not looking for kernel SAref support.
pc NetworkManager[738]: xl2tpd[19877]: Using l2tp kernel support.
pc NetworkManager[738]: xl2tpd[19877]: xl2tpd version xl2tpd-1.3.13 started on farbbox PID:19877
pc NetworkManager[738]: xl2tpd[19877]: Written by Mark Spencer, Copyright (C) 1998, Adtran, Inc.
pc NetworkManager[738]: xl2tpd[19877]: Forked by Scott Balmos and David Stipp, (C) 2001
pc NetworkManager[738]: xl2tpd[19877]: Inherited by Jeff McAdams, (C) 2002
pc NetworkManager[738]: xl2tpd[19877]: Forked again by Xelerance (www.xelerance.com) (C) 2006-2016
pc NetworkManager[738]: xl2tpd[19877]: Listening on IP address 0.0.0.0, port 1701
pc NetworkManager[738]: xl2tpd[19877]: Connecting to host 98.987.98.987, port 1701
pc NetworkManager[738]: <info> [1554190256.7594] vpn-connection[0x55750abc26f0,06be7e74-f0fc-49be-884f-48f679984be7,"VPN connection 3",0]: VPN plugin: state changed: starting (3)
pc NetworkManager[738]: xl2tpd[19877]: Connection established to 98.987.98.987, 1701. Local: 18031, Remote: 6532 (ref=0/0).
pc NetworkManager[738]: xl2tpd[19877]: Calling on tunnel 18031
pc NetworkManager[738]: xl2tpd[19877]: Call established with 98.987.98.987, Local: 59328, Remote: 58391, Serial: 1 (ref=0/0)
pc NetworkManager[738]: xl2tpd[19877]: start_pppd: I'm running:
pc NetworkManager[738]: xl2tpd[19877]: "/usr/sbin/pppd"
pc NetworkManager[738]: xl2tpd[19877]: "plugin"
pc NetworkManager[738]: xl2tpd[19877]: "pppol2tp.so"
pc NetworkManager[738]: xl2tpd[19877]: "pppol2tp"
pc NetworkManager[738]: xl2tpd[19877]: "7"
pc NetworkManager[738]: xl2tpd[19877]: "passive"
pc NetworkManager[738]: xl2tpd[19877]: "nodetach"
pc NetworkManager[738]: xl2tpd[19877]: ":"
pc NetworkManager[738]: xl2tpd[19877]: "file"
pc NetworkManager[738]: xl2tpd[19877]: "/var/run/nm-l2tp-06be7e74-f0fc-49be-884f-48f679984be7/ppp-options"
pc pppd[19878]: Plugin pppol2tp.so loaded.
pc pppd[19878]: Plugin /usr/lib/pppd/2.4.7/nm-l2tp-pppd-plugin.so loaded.
pc pppd[19878]: pppd 2.4.7 started by root, uid 0
pc pppd[19878]: Using interface ppp0
pc pppd[19878]: Connect: ppp0 <-->
pc pppd[19878]: Overriding mtu 1500 to 1400
pc pppd[19878]: Overriding mru 1500 to mtu value 1400
pc NetworkManager[738]: <info> [1554190256.8151] manager: (ppp0): new Ppp device (/org/freedesktop/NetworkManager/Devices/8)
pc systemd-udevd[19881]: link_config: autonegotiation is unset or enabled, the speed and duplex are not writable.
pc pppd[19878]: CHAP authentication failed
pc pppd[19878]: CHAP authentication failed
pc pppd[19878]: Overriding mtu 1500 to 1400
pc pppd[19878]: Overriding mru 1500 to mtu value 1400
pc pppd[19878]: Connection terminated.
pc charon[19844]: 06[KNL] interface ppp0 deleted
pc NetworkManager[738]: xl2tpd[19877]: death_handler: Fatal signal 15 received
pc NetworkManager[738]: xl2tpd[19877]: Terminating pppd: sending TERM signal to pid 19878
pc NetworkManager[738]: xl2tpd[19877]: Connection 6532 closed to 98.987.98.987, port 1701 (Server closing)
pc NetworkManager[738]: <warn> [1554190259.8744] vpn-connection[0x55750abc26f0,06be7e74-f0fc-49be-884f-48f679984be7,"VPN connection 3",0]: VPN plugin: failed: connect-failed (1)
pc NetworkManager[738]: <info> [1554190259.8773] vpn-connection[0x55750abc26f0,06be7e74-f0fc-49be-884f-48f679984be7,"VPN connection 3",0]: VPN plugin: state changed: stopping (5)
pc NetworkManager[738]: Stopping strongSwan IPsec...
pc charon[19844]: 00[DMN] signal of type SIGINT received. Shutting down
pc charon[19844]: 00[IKE] closing CHILD_SA 06be7e74-f0fc-49be-884f-48f679984be71 with SPIs c1cacaf0_i (473 bytes) f54bd2bb_o (589 bytes) and TS 192.168.178.84/32[udp/l2f] === 98.987.98.987/32[udp/l2f]
pc audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=192.168.178.84 dst=98.987.98.987
pc audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=98.987.98.987 dst=192.168.178.84
pc audit: MAC_IPSEC_EVENT op=SAD-delete auid=4294967295 ses=4294967295 src=98.987.98.987 dst=192.168.178.84 spi=3251292912(0xc1cacaf0) res=1
pc audit: MAC_IPSEC_EVENT op=SAD-delete auid=4294967295 ses=4294967295 src=192.168.178.84 dst=98.987.98.987 spi=4115387067(0xf54bd2bb) res=1
pc audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=fe80:0000:0000:0000:0000:0000:0000:0000 src_prefixlen=64 dst=fe80:0000:0000:0000:0000:0000:0000:0000 dst_prefixlen=64
pc audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=fe80:0000:0000:0000:0000:0000:0000:0000 src_prefixlen=64 dst=fe80:0000:0000:0000:0000:0000:0000:0000 dst_prefixlen=64
pc audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=fe80:0000:0000:0000:0000:0000:0000:0000 src_prefixlen=64 dst=fe80:0000:0000:0000:0000:0000:0000:0000 dst_prefixlen=64
pc audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=2003:00e4:072b:f000:0000:0000:0000:0000 src_prefixlen=64 dst=2003:00e4:072b:f000:0000:0000:0000:0000 dst_prefixlen=64
pc audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=2003:00e4:072b:f000:0000:0000:0000:0000 src_prefixlen=64 dst=2003:00e4:072b:f000:0000:0000:0000:0000 dst_prefixlen=64
pc audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=2003:00e4:072b:f000:0000:0000:0000:0000 src_prefixlen=64 dst=2003:00e4:072b:f000:0000:0000:0000:0000 dst_prefixlen=64
pc audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=0000:0000:0000:0000:0000:0000:0000:0001 dst=0000:0000:0000:0000:0000:0000:0000:0001
pc audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=0000:0000:0000:0000:0000:0000:0000:0001 dst=0000:0000:0000:0000:0000:0000:0000:0001
pc audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=0000:0000:0000:0000:0000:0000:0000:0001 dst=0000:0000:0000:0000:0000:0000:0000:0001
pc audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=192.168.178.0 src_prefixlen=24 dst=192.168.178.0 dst_prefixlen=24
pc kernel: kauditd_printk_skb: 7 callbacks suppressed
pc kernel: audit: type=1415 audit(1554190259.883:158): op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=192.168.178.84 dst=98.987.98.987
pc kernel: audit: type=1415 audit(1554190259.883:159): op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=98.987.98.987 dst=192.168.178.84
pc kernel: audit: type=1415 audit(1554190259.883:160): op=SAD-delete auid=4294967295 ses=4294967295 src=98.987.98.987 dst=192.168.178.84 spi=3251292912(0xc1cacaf0) res=1
pc kernel: audit: type=1415 audit(1554190259.883:161): op=SAD-delete auid=4294967295 ses=4294967295 src=192.168.178.84 dst=98.987.98.987 spi=4115387067(0xf54bd2bb) res=1
pc kernel: audit: type=1415 audit(1554190259.883:162): op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=fe80:0000:0000:0000:0000:0000:0000:0000 src_prefixlen=64 dst=fe80:0000:0000:0000:0000:0000:0000:0000 dst_prefixlen=64
pc kernel: audit: type=1415 audit(1554190259.883:163): op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=fe80:0000:0000:0000:0000:0000:0000:0000 src_prefixlen=64 dst=fe80:0000:0000:0000:0000:0000:0000:0000 dst_prefixlen=64
pc kernel: audit: type=1415 audit(1554190259.883:164): op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=fe80:0000:0000:0000:0000:0000:0000:0000 src_prefixlen=64 dst=fe80:0000:0000:0000:0000:0000:0000:0000 dst_prefixlen=64
pc kernel: audit: type=1415 audit(1554190259.883:165): op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=2003:00e4:072b:f000:0000:0000:0000:0000 src_prefixlen=64 dst=2003:00e4:072b:f000:0000:0000:0000:0000 dst_prefixlen=64
pc kernel: audit: type=1415 audit(1554190259.883:166): op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=2003:00e4:072b:f000:0000:0000:0000:0000 src_prefixlen=64 dst=2003:00e4:072b:f000:0000:0000:0000:0000 dst_prefixlen=64
pc kernel: audit: type=1415 audit(1554190259.883:167): op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=2003:00e4:072b:f000:0000:0000:0000:0000 src_prefixlen=64 dst=2003:00e4:072b:f000:0000:0000:0000:0000 dst_prefixlen=64
pc audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=192.168.178.0 src_prefixlen=24 dst=192.168.178.0 dst_prefixlen=24
pc audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=192.168.178.0 src_prefixlen=24 dst=192.168.178.0 dst_prefixlen=24
pc charon[19844]: 00[IKE] closing CHILD_SA 06be7e74-f0fc-49be-884f-48f679984be71 with SPIs c1cacaf0_i (473 bytes) f54bd2bb_o (589 bytes) and TS 192.168.178.84/32[udp/l2f] === 98.987.98.987/32[udp/l2f]
pc charon[19844]: 00[IKE] sending DELETE for ESP CHILD_SA with SPI c1cacaf0
pc charon[19844]: 00[ENC] generating INFORMATIONAL_V1 request 1337363464 [ HASH D ]
pc charon[19844]: 00[NET] sending packet: from 192.168.178.84[4500] to 98.987.98.987[4500] (76 bytes)
pc charon[19844]: 00[IKE] deleting IKE_SA 06be7e74-f0fc-49be-884f-48f679984be7[1] between 192.168.178.84[192.168.178.84]...98.987.98.987[98.987.98.987]
pc charon[19844]: 00[IKE] deleting IKE_SA 06be7e74-f0fc-49be-884f-48f679984be7[1] between 192.168.178.84[192.168.178.84]...98.987.98.987[98.987.98.987]
pc charon[19844]: 00[IKE] sending DELETE for IKE_SA 06be7e74-f0fc-49be-884f-48f679984be7[1]
pc charon[19844]: 00[ENC] generating INFORMATIONAL_V1 request 2220117092 [ HASH D ]
pc charon[19844]: 00[NET] sending packet: from 192.168.178.84[4500] to 98.987.98.987[4500] (92 bytes)
pc audit: MAC_IPSEC_EVENT op=SA-notfound src=98.987.98.987 dst=192.168.178.84 spi=3251292912(0xc1cacaf0) seqno=13
pc pppd[19878]: Exit.
pc charon[19844]: 00[IKE] uninstalling bypass policy for 192.168.178.0/24
pc charon[19844]: 00[IKE] uninstalling bypass policy for 2003:e4:72b:f000::/64
pc charon[19844]: 00[IKE] uninstalling bypass policy for fe80::/64
pc charon[19844]: 00[IKE] uninstalling bypass policy for ::1/128
pc ipsec_starter[19843]: child 19844 (charon) has quit (exit code 0)
pc ipsec_starter[19843]:
pc ipsec_starter[19843]: charon stopped after 200 ms
pc ipsec_starter[19843]: ipsec starter stopped
pc nm-l2tp-service[19814]: ipsec shut down
pc NetworkManager[738]: <info> [1554190260.0988] vpn-connection[0x55750abc26f0,06be7e74-f0fc-49be-884f-48f679984be7,"VPN connection 3",0]: VPN plugin: state changed: stopped (6)
pc NetworkManager[738]: <info> [1554190260.1019] vpn-connection[0x55750abc26f0,06be7e74-f0fc-49be-884f-48f679984be7,"VPN connection 3",0]: VPN service disappeared
networking vpn arch-linux
networking vpn arch-linux
asked 2 days ago
mstruebingmstruebing
1011
New contributor
mstruebing is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
asked 2 days ago
mstruebingmstruebing
1011
New contributor
mstruebing is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
asked 2 days ago
mstruebingmstruebing
1011
New contributor
mstruebing is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
asked 2 days ago
mstruebingmstruebing
1011
asked 2 days ago
mstruebingmstruebing
1011
1011
New contributor
mstruebing is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
New contributor
mstruebing is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
mstruebing is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
add a comment |
1 Answer
1
active
oldest
votes
0
It seems to be a pppd related issue, could you do nm-l2tp-service --debug to increase pppd debugging, see Debugging section of NetworkManager-l2tp's README.md file :
- https://github.com/nm-l2tp/NetworkManager-l2tp/blob/nm-1-2/README.md
note: pppd logging output won't be going to stdout/stderr, so you'll need to use journalctl to view it.
answered yesterday
Douglas KosovicDouglas Kosovic
101
New contributor
Douglas Kosovic is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
Thank you, I will try to figure it out today with a colleague
– mstruebing
yesterday
add a comment |
Your Answer
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "2"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
mstruebing is a new contributor. Be nice, and check out our Code of Conduct.
draft saved
draft discarded
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f961068%2fconnect-to-a-ipsec-l2tp-vpn-pre-shared-key%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
0
It seems to be a pppd related issue, could you do nm-l2tp-service --debug to increase pppd debugging, see Debugging section of NetworkManager-l2tp's README.md file :
- https://github.com/nm-l2tp/NetworkManager-l2tp/blob/nm-1-2/README.md
note: pppd logging output won't be going to stdout/stderr, so you'll need to use journalctl to view it.
answered yesterday
Douglas KosovicDouglas Kosovic
101
New contributor
Douglas Kosovic is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
Thank you, I will try to figure it out today with a colleague
– mstruebing
yesterday
add a comment |
0
It seems to be a pppd related issue, could you do nm-l2tp-service --debug to increase pppd debugging, see Debugging section of NetworkManager-l2tp's README.md file :
- https://github.com/nm-l2tp/NetworkManager-l2tp/blob/nm-1-2/README.md
note: pppd logging output won't be going to stdout/stderr, so you'll need to use journalctl to view it.
answered yesterday
Douglas KosovicDouglas Kosovic
101
New contributor
Douglas Kosovic is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
Thank you, I will try to figure it out today with a colleague
– mstruebing
yesterday
add a comment |
0
0
0
It seems to be a pppd related issue, could you do nm-l2tp-service --debug to increase pppd debugging, see Debugging section of NetworkManager-l2tp's README.md file :
- https://github.com/nm-l2tp/NetworkManager-l2tp/blob/nm-1-2/README.md
note: pppd logging output won't be going to stdout/stderr, so you'll need to use journalctl to view it.
answered yesterday
Douglas KosovicDouglas Kosovic
101
New contributor
Douglas Kosovic is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
It seems to be a pppd related issue, could you do nm-l2tp-service --debug to increase pppd debugging, see Debugging section of NetworkManager-l2tp's README.md file :
- https://github.com/nm-l2tp/NetworkManager-l2tp/blob/nm-1-2/README.md
note: pppd logging output won't be going to stdout/stderr, so you'll need to use journalctl to view it.
answered yesterday
Douglas KosovicDouglas Kosovic
101
New contributor
Douglas Kosovic is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
answered yesterday
Douglas KosovicDouglas Kosovic
101
New contributor
Douglas Kosovic is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
answered yesterday
Douglas KosovicDouglas Kosovic
101
answered yesterday
Douglas KosovicDouglas Kosovic
101
101
New contributor
Douglas Kosovic is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
New contributor
Douglas Kosovic is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
Douglas Kosovic is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
Thank you, I will try to figure it out today with a colleague
– mstruebing
yesterday
add a comment |
Thank you, I will try to figure it out today with a colleague
– mstruebing
yesterday
Thank you, I will try to figure it out today with a colleague
– mstruebing
yesterday
Thank you, I will try to figure it out today with a colleague
– mstruebing
yesterday
add a comment |
mstruebing is a new contributor. Be nice, and check out our Code of Conduct.
draft saved
draft discarded
mstruebing is a new contributor. Be nice, and check out our Code of Conduct.
mstruebing is a new contributor. Be nice, and check out our Code of Conduct.
mstruebing is a new contributor. Be nice, and check out our Code of Conduct.
Thanks for contributing an answer to Server Fault!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
draft saved
draft discarded
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f961068%2fconnect-to-a-ipsec-l2tp-vpn-pre-shared-key%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
