can´t create valid vpn session over L2TP
-
AdrianH
- Posts: 2
- Joined: Thu Dec 01, 2016 7:34 am
Re: can´t create valid vpn session over L2TP
I faced a similar problem a few months ago when I was trying to configure Ivacy VPN on my Xbox. Chances are that you haven't configured your devices. There should be detailed instructions on the site on how to configure and set up different devices. Good luck!
-
thisjun
- Posts: 2458
- Joined: Mon Feb 24, 2014 11:03 am
Re: can´t create valid vpn session over L2TP
Could you show the server log?
-
herrficus
- Posts: 4
- Joined: Thu Dec 15, 2016 11:11 am
Re: can´t create valid vpn session over L2TP
Hello!
well I run into the same problem. L2TP connections do not work for me. They did work in the past. Native Client is working. OpenVPN is working.
I see on the server side :
Dec 15 12:03:12 localhost [cerberos/VPN] (2016-12-15 12:03:12.019) <SERVER_LOG>: IPsec Client 1 (XXXXXXXX:25277 -> 192.168.10.10:500): A new IPsec client is created.
Dec 15 12:03:12 localhost [cerberos/VPN] (2016-12-15 12:03:12.020) <SERVER_LOG>: IPsec IKE Session (IKE SA) 1 (Client: 1) (XXXXXXX:25277 -> 192.168.10.10:500): A new IKE SA (Main Mode) is created. Initiator Cookie: 0x241C271252EA548, Responder Cookie: 0xB64FAD4F51CBF2BF, DH Group: MODP 1536 (Group 5), Hash Algorithm: SHA-1, Cipher Algorithm: AES-CBC, Cipher Key Size: 256 bits, Lifetime: 4294967295 Kbytes or 3600 seconds
Dec 15 12:03:22 localhost [cerberos/VPN] (2016-12-15 12:03:22.048) <SERVER_LOG>: IPsec IKE Session (IKE SA) 1 (Client: 1) (XXXXXXXX:25277 -> 192.168.10.10:500): This IKE SA is deleted.
Dec 15 12:03:22 localhost [cerberos/VPN] (2016-12-15 12:03:22.048) <SERVER_LOG>: IPsec Client 1 (XXXXXXXX:25277 -> 192.168.10.10:500): This IPsec Client is deleted.
The connection then times out on the OSX side. It sets up the IKE SA and shortly after that IKE SA is deleted. After that the IPsec Client goes down -
I' out of ideas what to do. Is that some kind of the SSL fallout from this year? Is it because of SHA-1 hash algo? Maybe someone can point me into the right direction.
Ben
well I run into the same problem. L2TP connections do not work for me. They did work in the past. Native Client is working. OpenVPN is working.
I see on the server side :
Dec 15 12:03:12 localhost [cerberos/VPN] (2016-12-15 12:03:12.019) <SERVER_LOG>: IPsec Client 1 (XXXXXXXX:25277 -> 192.168.10.10:500): A new IPsec client is created.
Dec 15 12:03:12 localhost [cerberos/VPN] (2016-12-15 12:03:12.020) <SERVER_LOG>: IPsec IKE Session (IKE SA) 1 (Client: 1) (XXXXXXX:25277 -> 192.168.10.10:500): A new IKE SA (Main Mode) is created. Initiator Cookie: 0x241C271252EA548, Responder Cookie: 0xB64FAD4F51CBF2BF, DH Group: MODP 1536 (Group 5), Hash Algorithm: SHA-1, Cipher Algorithm: AES-CBC, Cipher Key Size: 256 bits, Lifetime: 4294967295 Kbytes or 3600 seconds
Dec 15 12:03:22 localhost [cerberos/VPN] (2016-12-15 12:03:22.048) <SERVER_LOG>: IPsec IKE Session (IKE SA) 1 (Client: 1) (XXXXXXXX:25277 -> 192.168.10.10:500): This IKE SA is deleted.
Dec 15 12:03:22 localhost [cerberos/VPN] (2016-12-15 12:03:22.048) <SERVER_LOG>: IPsec Client 1 (XXXXXXXX:25277 -> 192.168.10.10:500): This IPsec Client is deleted.
The connection then times out on the OSX side. It sets up the IKE SA and shortly after that IKE SA is deleted. After that the IPsec Client goes down -
I' out of ideas what to do. Is that some kind of the SSL fallout from this year? Is it because of SHA-1 hash algo? Maybe someone can point me into the right direction.
Ben
-
moatazelmasry
- Posts: 336
- Joined: Sat Aug 15, 2015 7:41 pm
Re: can´t create valid vpn session over L2TP
Are the ports 500, 4500 and 1701 open?
-
herrficus
- Posts: 4
- Joined: Thu Dec 15, 2016 11:11 am
Re: can´t create valid vpn session over L2TP
my mistake. One port was wrongly typed as TCP - not UDP. Now it works on osx and iOS.
Thank you.
Thank you.