Wednesday, December 30, 2020

Can't connect to IKEv1 VPN server via OpenBSD 6.8 with IPsec/L2TP

Hi,
I have a Dell XPS laptop running OpenBSD 6.8. I want to connect to an IKEv1 L2TP VPN server.

I followed the steps on https://www.openbsd.org/faq/faq17.html#clientikev1
and /usr/local/share/doc/pkg-readmes/xl2tpd

I created the following config files

/etc/ipsec.conf
================
# IKEv1: phase 1 (main mode) and phase 2 (quick mode) proposals,
# authenticated with a pre-shared key
ike esp from $IP1 to $IP2 peer $VPNSERVER \
main auth hmac-sha1 enc aes-128 group modp2048 \
quick auth hmac-sha1 enc aes-128 \
psk my-pre-shared-secret


/etc/xl2tpd/xl2tpd.conf
======================
[global]
debug avp = yes
debug network = yes
debug state = yes
debug tunnel = yes
auth file = /etc/ppp/pap-secrets
port = 1701

[lac l2tp]
lns = vpn_server_ip
ppp debug = yes
pppoptfile = /etc/ppp/options.l2tp
require authentication = yes
require pap = yes
require chap = no
length bit = yes


/etc/ppp/options.l2tp
============
ipcp-accept-local
ipcp-accept-remote
refuse-eap
refuse-mschap-v2
noccp
noauth
idle 1800
mtu 1410
mru 1410
connect-delay 5000
usepeerdns
defaultroute
debug
lock
netmask 255.255.255.0
user myuser
password mypwd


/etc/ppp/pap-secrets
====================
myuser * mypwd *


I added an interface ppp0 and started isakmpd and xl2tpd.
ipsecctl -sa shows flows and SADs.
But when I try to connect via
'echo c l2tp | doas tee /var/run/xl2tpd/l2tp-control'
/var/log/daemon shows only

Dec 30 23:47:20 2147NFS xl2tpd[1160]: Connecting to host $VPNSERVER, port 1701
Dec 30 23:47:51 2147NFS xl2tpd[1160]: Maximum retries exceeded for tunnel 113. Closing.
Dec 30 23:47:51 2147NFS xl2tpd[1160]: Connection 0 closed to VPNSERVERIP, port 1701 (Timeout)

I would expect to see more logging, but there is no pppd logging. It looks like the process won't start. Is this maybe the issue here?
Any hint on how I can enable more logging? Or do you see any mistake in the config pasted above?

Thanks
Marko
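The post says ipsecctl -sa shows flows and SAs but does not say which ones, and an xl2tpd timeout with no pppd activity is consistent with the L2TP control packets never reaching the server. The script below is an added example, not part of Marko's post or of OpenBSD: it takes saved `ipsecctl -sa` output and checks the three things an L2TP/IPsec client needs before xl2tpd can exchange a single packet: an ESP flow in each direction between the local address and the peer, flows that (if they are restricted to `proto udp`) cover port 1701, and at least one ESP SA in each direction. The two embedded samples are constructed, their format is an approximation of ipsecctl(8)'s, and the addresses are documentation-range placeholders. The second sample shows a policy that was installed without a phase-2 SA; packets matching a `require` flow are not sent in the clear while no SA exists, which leaves xl2tpd retrying exactly as in the log above.

```shell
#!/bin/sh
# Added example (not from the original post). Sanity-check saved
# "ipsecctl -sa" output for the state an L2TP/IPsec client needs.
# Assumptions: the line layout below approximates ipsecctl(8) output,
# the L2TP control port is 1701 (shown as 1701 or l2tp), and the
# samples are constructed with documentation-range addresses.

# check_ipsec_state FILE LOCAL_IP PEER_IP
# Prints one line per check; returns 0 only if every check passes.
check_ipsec_state() {
    file=$1; me=$2; peer=$3; rc=0

    # 1. An "out" flow from us to the peer and an "in" flow back.
    #    A flow that names "proto udp" must also name port 1701/l2tp,
    #    otherwise the L2TP control channel is outside the policy.
    for dir in out in; do
        if [ "$dir" = out ]; then src=$me; dst=$peer; else src=$peer; dst=$me; fi
        n=$(awk -v d="$dir" -v s="$src" -v t="$dst" '
            $1 == "flow" && $2 == "esp" && $3 == d {
                # locate "from X" and "to Y" regardless of proto/port tokens
                for (i = 1; i <= NF; i++) {
                    if ($i == "from") f = $(i + 1)
                    if ($i == "to")   o = $(i + 1)
                }
                if (f != s || o != t) next
                ok = 1
                for (i = 1; i <= NF; i++)
                    if ($i == "proto" && $(i + 1) == "udp")
                        ok = ($0 ~ / port (1701|l2tp)/)
                if (ok) c++
            }
            END { print c + 0 }' "$file")
        if [ "$n" -gt 0 ]; then
            echo "ok   esp flow $dir $src -> $dst"
        else
            echo "FAIL no usable esp flow $dir $src -> $dst"; rc=1
        fi
    done

    # 2. At least one ESP SA (tunnel or transport) in each direction.
    for dir in out in; do
        if [ "$dir" = out ]; then src=$me; dst=$peer; else src=$peer; dst=$me; fi
        n=$(awk -v s="$src" -v t="$dst" '
            $1 == "esp" && ($2 == "tunnel" || $2 == "transport") &&
            $3 == "from" && $4 == s && $5 == "to" && $6 == t && $7 == "spi" { c++ }
            END { print c + 0 }' "$file")
        if [ "$n" -gt 0 ]; then
            echo "ok   esp SA $src -> $dst"
        else
            echo "FAIL no esp SA $src -> $dst (phase 2 never completed?)"; rc=1
        fi
    done
    return $rc
}

# Constructed sample: transport-mode policy for UDP 1701 plus SAs both ways.
SAMPLE_OK='FLOWS:
flow esp in proto udp from 203.0.113.10 port 1701 to 198.51.100.5 port 1701 peer 203.0.113.10 srcid 198.51.100.5/32 dstid 203.0.113.10/32 type use
flow esp out proto udp from 198.51.100.5 port 1701 to 203.0.113.10 port 1701 peer 203.0.113.10 srcid 198.51.100.5/32 dstid 203.0.113.10/32 type require

SAD:
esp transport from 198.51.100.5 to 203.0.113.10 spi 0x0ac0d3a9 auth hmac-sha1 enc aes-128
esp transport from 203.0.113.10 to 198.51.100.5 spi 0x5d1f9c10 auth hmac-sha1 enc aes-128'

# Constructed sample: flows installed, but no phase-2 SAs were negotiated.
SAMPLE_NO_SA='FLOWS:
flow esp in from 203.0.113.10 to 198.51.100.5 peer 203.0.113.10 srcid 198.51.100.5/32 dstid 203.0.113.10/32 type use
flow esp out from 198.51.100.5 to 203.0.113.10 peer 203.0.113.10 srcid 198.51.100.5/32 dstid 203.0.113.10/32 type require

SAD:
'

# check_sample OK|NO_SA : run the check over one constructed sample.
check_sample() {
    tmp=$(mktemp) || return 2
    case $1 in
        OK)    printf '%s\n' "$SAMPLE_OK"    > "$tmp" ;;
        NO_SA) printf '%s\n' "$SAMPLE_NO_SA" > "$tmp" ;;
        *)     rm -f "$tmp"; return 2 ;;
    esac
    if check_ipsec_state "$tmp" 198.51.100.5 203.0.113.10; then r=0; else r=1; fi
    rm -f "$tmp"
    return $r
}

# Real use: doas ipsecctl -sa > /tmp/sa.txt; sh check.sh /tmp/sa.txt LOCAL_IP PEER_IP
if [ $# -eq 3 ]; then
    check_ipsec_state "$1" "$2" "$3"
fi
```

Run it against the real output right after issuing the `c l2tp` command: a missing SA in either direction, or a flow that does not cover UDP 1701, means the fault is on the IPsec side and no amount of xl2tpd or pppd debug output will show anything, because those daemons never see a reply. A `tcpdump -ni enc0` at the same time confirms whether ESP traffic is leaving and returning.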
