Getting "Command 'service xl2tpd start' failed" on connect due to bad xl2tpd config wrt redials
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
L2TP over IPsec VPN Manager |
New
|
Undecided
|
Unassigned |
Bug Description
I was getting the following error when trying to connect. Here's what I see in the log output:
Jun 27 16:33:16.033 ipsec_setup: Stopping Openswan IPsec...
Jun 27 16:33:17.602 ipsec_setup: Starting Openswan IPsec U2.6.38/
Jun 27 16:33:17.866 ipsec__plutorun: Starting Pluto subsystem...
Jun 27 16:33:17.879 ipsec__plutorun: adjusting ipsec.d to /etc/ipsec.d
Jun 27 16:33:17.888 xl2tpd[3117]: parse_config: line 25: rtimeout value must be at least 1
Jun 27 16:33:17.888 xl2tpd[3117]: init: Unable to load config file
Jun 27 16:33:17.889 [ERROR 1] Command 'service xl2tpd start' failed and exited with given error code
Jun 27 16:33:17.933 ipsec__plutorun: 002 added connection description "Sincerely"
I'm glad I took two seconds to read the log before reporting this, because I realized that something was possibly wrong with the xl2tpd config file. As it happens, I was following the instructions here for setting up l2tp-ipsec-vpn:
https:/
...and they recommended clicking the "Redial" checkbox under the L2TP tab, but said nothing about setting the Timeout and Attempts values. Unfortunately the default of 0 caused xl2tpd to fail. It'd be nice if checking that checkbox caused some more reasonable defaults to be used. (I've seen 60 seconds and 3 retries on the Windows side) or if the user was simply prevented from entering a 0 there if Redial is checked. Gotta save the users from shooting themselves in the foot, ya know?
Thanks.
On Debian wheezy 3.2.0-4-amd64
xl2tpd-1.3.1, l2tp-ipsec-vpn 1.0.9
I am also under same situation which is happening to be big blocker.
It shows error 410 occure while trying to connect to VPN.
Oct 17 23:39:48.537 ipsec_setup: Starting Openswan IPsec U2.6.37- g955aaafb- dirty/K3. 2.0-4-amd64. .. PRESHARED_ KEY cipher=aes_128 prf=oakley_md5 group=modp2048} 128-HMAC_ MD5 NATOA=none NATD=none DPD=none} transport is in use
Oct 17 23:39:48.812 ipsec__plutorun: Starting Pluto subsystem...
Oct 17 23:39:48.817 ipsec__plutorun: adjusting ipsec.d to /etc/ipsec.d
Oct 17 23:39:48.819 recvref[30]: Protocol not available
Oct 17 23:39:48.819 xl2tpd[5037]: This binary does not support kernel L2TP.
Oct 17 23:39:48.819 Starting xl2tpd: xl2tpd.
Oct 17 23:39:48.820 xl2tpd[5042]: xl2tpd version xl2tpd-1.3.1 started on ashish PID:5042
Oct 17 23:39:48.820 xl2tpd[5042]: Written by Mark Spencer, Copyright (C) 1998, Adtran, Inc.
Oct 17 23:39:48.820 xl2tpd[5042]: Forked by Scott Balmos and David Stipp, (C) 2001
Oct 17 23:39:48.820 xl2tpd[5042]: Inherited by Jeff McAdams, (C) 2002
Oct 17 23:39:48.820 xl2tpd[5042]: Forked again by Xelerance (www.xelerance.com) (C) 2006
Oct 17 23:39:48.821 xl2tpd[5042]: Listening on IP address 0.0.0.0, port 1701
Oct 17 23:39:48.844 ipsec__plutorun: 002 added connection description "Vpn"
Oct 17 23:40:19.757 104 "Vpn" #1: STATE_MAIN_I1: initiate
Oct 17 23:40:19.758 010 "Vpn" #1: STATE_MAIN_I1: retransmission; will wait 20s for response
Oct 17 23:40:19.758 010 "Vpn" #1: STATE_MAIN_I1: retransmission; will wait 40s for response
Oct 17 23:40:19.758 003 "Vpn" #1: received Vendor ID payload [Dead Peer Detection]
Oct 17 23:40:19.759 003 "Vpn" #1: received Vendor ID payload [RFC 3947] method set to=109
Oct 17 23:40:19.759 003 "Vpn" #1: received Vendor ID payload [Cisco-Unity]
Oct 17 23:40:19.760 106 "Vpn" #1: STATE_MAIN_I2: sent MI2, expecting MR2
Oct 17 23:40:19.760 003 "Vpn" #1: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): no NAT detected
Oct 17 23:40:19.760 108 "Vpn" #1: STATE_MAIN_I3: sent MI3, expecting MR3
Oct 17 23:40:19.761 004 "Vpn" #1: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_
Oct 17 23:40:19.761 117 "Vpn" #2: STATE_QUICK_I1: initiate
Oct 17 23:40:19.761 004 "Vpn" #2: STATE_QUICK_I2: sent QI2, IPsec SA established transport mode {ESP=>0x8af718c9 <0x64ddd774 xfrm=AES_
Oct 17 23:40:20.763 xl2tpd[5042]: Connecting to host xxx.xx.xx.xx, port 1701
Oct 17 23:40:25.769 xl2tpd[5042]: Maximum retries exceeded for tunnel 13617. Closing.
Oct 17 23:40:25.769 [ERROR 410] Connection attempt to 'Vpn' timed out
Oct 17 23:40:25.784 xl2tpd[5042]: Connection 0 closed to xxx.xx.xx.xx, port 1701 (Timeout)
Oct 17 23:40:25.802 Stopping xl2tpd: xl2tpd.
Oct 17 23:40:25.803 xl2tpd[5042]: death_handler: Fatal signal 15 received
Oct 17 23:40:25.821 ipsec_setup: Stopping Openswan IPsec...
Oct 17 23:40:27.261 ipsec_setup: Error: Module xfrm4_mode_
Oct 17 23:40:27.527 ipsec_setup: Error: Module esp4 is in use
Any one can help me out on this.