
List:       openswan-users
Subject:    Re: [Openswan Users] xl2tpd seems to cause packets to get mangled or disappear
From:       Jacco de Leeuw <jacco2 () dds ! nl>
Date:       2007-08-30 22:37:24
Message-ID: 46D746A4.1030706 () dds ! nl

Ray Overland wrote:

> products containing Openswan. For me to set up a Linux PC and try this
> is a significant time/money issue, and it remains a last resort option

I see. I simply assumed that most people start with an x86 setup before
running the stuff on another architecture. On x86 you slap a distribution
on a PC, apt-get/urpmi/yum/yast openswan and l2tpd, copy a few .conf files
and you're set.

> I just finished getting rp-l2tp to
> cross compile, but the rpl2tpd.conf is causing some confusion.

I've attached a simple rp-l2tp.conf for 1 client. A RADIUS server is not
required if you have only one client. For testing purposes this should be
enough.

> I am getting the "Error 737 Loopback detected" problem with Openswan
> 2.4.9 and l2tpd 0.70 combination

Is this the 0.70pre version from Debian?

Jacco
-- 
Jacco de Leeuw                         mailto:jacco2@dds.nl
Zaandam, The Netherlands           http://www.jacco2.dds.nl

["rp-l2tp.conf" (text/plain)]

# comment

# Global section (by default, we start in global mode)
global

# Load handlers
load-handler "sync-pppd.so"
load-handler "cmd.so"

# Bind address
listen-port 1701
#listen-addr 192.168.1.98

# Configure the sync-pppd handler.  You MUST have a "section sync-pppd" line
# even if you don't set any options.
section sync-pppd
# rp-l2tp cannot assign client IP addresses by itself.
# So in the example below, only one client (192.168.1.128) can be used.
lns-pppd-opts "debug nopcomp noaccomp require-chap 192.168.1.99:192.168.1.128 lcp-echo-interval 30 lcp-echo-failure 6 ms-dns  192.168.1.1 ms-dns 192.168.1.3 ms-wins 192.168.1.2 ms-wins 192.168.1.4 noccp auth crtscts idle 1800 mtu 1410 mru 1410 nodefaultroute lock proxyarp connect-delay 5000"
# A better solution is to use the RADIUS plugin
# or the Winbind plugin, as in the next example:
#lns-pppd-opts "debug nopcomp noaccomp require-chap 192.168.1.99: lcp-echo-interval 30 lcp-echo-failure 6 ms-dns  192.168.1.1 ms-dns 192.168.1.3 ms-wins 192.168.1.2 ms-wins 192.168.1.4 noccp auth crtscts idle 1800 mtu 1410 mru 1410 nodefaultroute lock proxyarp connect-delay 5000 plugin radius.so"
lac-pppd-opts "user example name example noipdefault ipcp-accept-local ipcp-accept-remote lcp-echo-interval 30 lcp-echo-failure 6"

# Peer section
section peer
# The client is allowed to connect from any IP address ("Road Warrior")
peer 0.0.0.0
mask 0
# No secret - no L2TP authentication 
port 1701
# We do not run rp-l2tp as a client:
#lac-handler sync-pppd
# We only run as a server:
lns-handler sync-pppd
hide-avps no

# Configure the cmd handler.  You MUST have a "section cmd" line
# even if you don't set any options.
section cmd


