List: openswan-users
Subject: Re: [Openswan Users] xl2tpd seems to cause packets to get mangled or disappear
From: Jacco de Leeuw <jacco2 () dds ! nl>
Date: 2007-08-30 22:37:24
Message-ID: 46D746A4.1030706 () dds ! nl
Ray Overland wrote:

> products containing Openswan. For me to set up a Linux PC and try this
> is a significant time/money issue, and it remains a last resort option

I see. I simply assumed that most people start with an x86 setup before
running the stuff on another architecture. On x86 you slap a distribution
on a PC, apt-get/urpmi/yum/yast openswan and l2tpd, copy a few .conf files
and you're set.

> I just finished getting rp-l2tp to
> cross compile, but the rpl2tpd.conf is causing some confusion.

I've attached a simple rp-l2tp.conf for 1 client. A RADIUS server is not
required if you have only one client. For testing purposes this should be
enough.

> I am getting the "Error 737 Loopback detected" problem with Openswan
> 2.4.9 and l2tpd 0.70 combination

Is this the 0.70pre version from Debian?

Jacco
--
Jacco de Leeuw mailto:jacco2@dds.nl
Zaandam, The Netherlands http://www.jacco2.dds.nl
["rp-l2tp.conf" (text/plain)]
# comment
# Global section (by default, we start in global mode)
global
# Load handlers
load-handler "sync-pppd.so"
load-handler "cmd.so"
# Bind address
listen-port 1701
#listen-addr 192.168.1.98
# Configure the sync-pppd handler. You MUST have a "section sync-pppd" line
# even if you don't set any options.
section sync-pppd
# rp-l2tp cannot assign client IP addresses by itself.
# So in the example below, only one client (192.168.1.128) can be used.
lns-pppd-opts "debug nopcomp noaccomp require-chap 192.168.1.99:192.168.1.128 lcp-echo-interval 30 lcp-echo-failure 6 ms-dns 192.168.1.1 ms-dns 192.168.1.3 ms-wins 192.168.1.2 ms-wins 192.168.1.4 noccp auth crtscts idle 1800 mtu 1410 mru 1410 nodefaultroute lock proxyarp connect-delay 5000"
# A better solution is to use the RADIUS plugin
# or the Winbind plugin, as in the next example:
#lns-pppd-opts "debug nopcomp noaccomp require-chap 192.168.1.99: lcp-echo-interval 30 lcp-echo-failure 6 ms-dns 192.168.1.1 ms-dns 192.168.1.3 ms-wins 192.168.1.2 ms-wins 192.168.1.4 noccp auth crtscts idle 1800 mtu 1410 mru 1410 nodefaultroute lock proxyarp connect-delay 5000 plugin radius.so"
lac-pppd-opts "user example name example noipdefault ipcp-accept-local ipcp-accept-remote lcp-echo-interval 30 lcp-echo-failure 6"
# Peer section
section peer
# The client is allowed to connect from any IP address ("Road Warrior")
peer 0.0.0.0
mask 0
# No secret - no L2TP authentication
port 1701
# We do not run rp-l2tp as a client:
#lac-handler sync-pppd
# We only run as a server:
lns-handler sync-pppd
hide-avps no
# Configure the cmd handler. You MUST have a "section cmd" line
# even if you don't set any options.
section cmd