l2tp server always 'sent [CCP ResetReq id=0x3]' when got compressed data request

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Posted by wilbur on Server Fault See other posts from Server Fault or by wilbur
Published on 2013-11-06T02:51:12Z Indexed on 2013/11/06 3:57 UTC
Read the original article Hit count: 392

Filed under:
|

I have built a xl2tpd/ipsec server on my ubuntu 12.04.3, and I managed to make a l2tp vpn connection to the xl2tpd server from my android phone. The xl2tpd log said 

xl2tpd[10828]: Enabling IPsec SAref processing for L2TP transport mode SAs
xl2tpd[10828]: IPsec SAref does not work with L2TP kernel mode yet, enabling     forceuserspace=yes
xl2tpd[10828]: setsockopt recvref[22]: Protocol not available
xl2tpd[10828]: This binary does not support kernel L2TP.
xl2tpd[10828]: xl2tpd version xl2tpd-1.2.8 started on atime.me PID:10828
xl2tpd[10828]: Written by Mark Spencer, Copyright (C) 1998, Adtran, Inc.
xl2tpd[10828]: Forked by Scott Balmos and David Stipp, (C) 2001
xl2tpd[10828]: Inherited by Jeff McAdams, (C) 2002
xl2tpd[10828]: Forked again by Xelerance (www.xelerance.com) (C) 2006
xl2tpd[10828]: Listening on IP address 0.0.0.0, port 1701
xl2tpd[10828]: control_finish: Peer requested tunnel 39154 twice, ignoring second one.
xl2tpd[10828]: Connection established to 117.136.8.59, 43149.  Local: 25339, Remote: 39154 (ref=0/0).  LNS session is 'default'

However I cannot access the web in my browser. The pppd log said 

rcvd [Compressed data] 00 1d 82 c4 7c 04 d8 09 ...
sent [CCP ResetReq id=0x7]

I have googled a lot and found that this was mostly caused by a mppe decompression error. I have disabled BSD-Compress compression with nobsdcomp in /etc/ppp/xl2tpd-options but it did not work.

I used openswan-2.6.33 and xl2tpd-1.2.8 which were built from source. And my configurations:

/etc/ipsec.conf

version 2.0

config setup
    nat_traversal=yes
    virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12
    oe=off
    protostack=netkey

conn L2TP-PSK-NAT
    rightsubnet=vhost:%priv
    also=L2TP-PSK-noNAT

conn L2TP-PSK-noNAT
    authby=secret
    pfs=no
    auto=add
    keyingtries=3
    rekey=no
    ikelifetime=8h
    keylife=1h
    type=transport
    left=106.186.121.214
    leftprotoport=17/1701
    right=%any
    rightprotoport=17/%any

/etc/xl2tpd/xl2tpd.conf

[global]
ipsec saref = yes

[lns default]
local ip = 10.10.11.1
ip range = 10.10.11.2-10.10.11.245
refuse chap = yes
refuse pap = yes
require authentication = yes
ppp debug = yes
pppoptfile = /etc/ppp/xl2tpd-options
length bit = yes

/etc/ppp/xl2tpd-options

require-mschap-v2
ms-dns 8.8.8.8
ms-dns 8.8.4.4
asyncmap 0
auth
crtscts
lock
hide-password
modem
name l2tpd
proxyarp
lcp-echo-interval 30
lcp-echo-failure 4
debug
nobsdcomp

Any suggestions? Thanks in advance.

© Server Fault or respective owner

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Related posts about vpn

Related posts about l2tp

Categories cloud

.NET ASP.NET iphone linux python Windows mysql android sql windows-7 html c ruby-on-rails css objective-c ubuntu networking sql-server wpf asp.net-mvc ruby database Xml apache AJAX osx security regex django Performance 12.04 windows-xp mac web-development iphone-sdk vb.net Silverlight apache2 flash server perl best-practices email installation eclipse visual-studio algorithm windows-server-2008 winforms wcf firefox bash dns /Oracle