It is currently Mon Apr 24, 2017 12:33 am

All times are UTC [ DST ]




Post new topic Reply to topic  [ 5 posts ] 
Author Message
 Post subject: client xl2tp not connect to openl2tp server
PostPosted: Thu Nov 22, 2012 12:11 am 

Joined: Thu Nov 22, 2012 12:02 am
Posts: 4
Здравствуйте!
Использую openl2tp (без ipsec) в роли сервера для большого количества подключений. Клиенты с windows xp, 7 подключаются хорошо. Но через xl2tp никак не получается подключиться. На большинстве роутеров клиентов стоит Linux и там так-же используется xl2tp, который так-же не подключается, например dir-300 не подключается, TPLink 1043ND тоже не подключается к серверу.
Подскажите пожалуйста, в чём может быть проблема? Может нужно добавить какие то определённые настройки в конфигурационный файл openl2tp ? :cry:

-- google translate --

Hello!
Use openl2tp (without ipsec) as a server to a large number of connections. Clients with windows xp, 7 are connected well. But after xl2tp does not connect. On most routers client is Linux and there is also used xl2tp, which is also not so connected, for example dir-300 is not connected, TPLink 1043ND also not connected to the server.
Please tell me what could be the problem? May need to add some specific settings in a configuration file openl2tp? :cry:


Top
 Profile  
 
 Post subject: Re: client xl2tp not connect to openl2tp server
PostPosted: Thu Nov 22, 2012 8:24 am 

Joined: Thu Nov 22, 2012 12:02 am
Posts: 4
SERVER:

/etc/openl2tp.conf
ppp profile modify profile_name=default \
mtu=1400 \
use_radius=yes \
radius_hint=/etc/radiusclient/radiusclient.conf \
auth_pap=no \
auth_chap=yes \
auth_mschapv1=yes \
auth_mschapv2=yes \
ipcp_retransmit_interval=5 \
lcp_echo_failure_count=10 \
lcp_echo_interval=20 \
lcp_max_config_requests=20 \
lcp_max_config_naks=20 \
lcp_max_terminate_requests=5 \
lcp_retransmit_interval=5 \
dns_ipaddr_pri=10.255.0.22 \
dns_ipaddr_sec=208.67.220.220 \
local_ipaddr=11.0.0.1 \

/etc/ppp/options
passive
nomagic
-am
child-timeout 10
debug
mtu 1400
mru 1400
lcp-echo-failure 10
+chap
+mschap
+mschap-v2
nomppe
noproxyarp
lock
noipdefault
nodefaultroute
novj
nobsdcomp
novjccomp
nopcomp
noaccomp
nodeflate
ms-dns 10.255.0.22
ms-dns 208.67.220.220

LOGS
Nov 22 18:16:55 debian pppd[6695]: Plugin radius.so loaded.
Nov 22 18:16:55 debian pppd[6695]: RADIUS plugin initialized.
Nov 22 18:16:55 debian pppd[6695]: Plugin radattr.so loaded.
Nov 22 18:16:55 debian pppd[6695]: RADATTR plugin initialized.
Nov 22 18:16:55 debian pppd[6695]: Plugin pppol2tp.so loaded.
Nov 22 18:16:55 debian pppd[6695]: Plugin openl2tp.so loaded.
Nov 22 18:16:55 debian pppd[6695]: pppd 2.4.5 started by root, uid 0
Nov 22 18:16:55 debian pppd[6695]: using channel 60
Nov 22 18:16:55 debian pppd[6695]: Using interface ppp0
Nov 22 18:16:55 debian pppd[6695]: Connect: ppp0 <-->
Nov 22 18:16:55 debian pppd[6695]: Overriding mtu 1500 to 1400
Nov 22 18:16:55 debian pppd[6695]: PPPoL2TP options: lnsmode tid 50881 sid 55722 debugmask 0
Nov 22 18:16:55 debian pppd[6695]: Overriding mru 1500 to mtu value 1400
Nov 22 18:16:55 debian pppd[6695]: sent [LCP ConfReq id=0x1 <mru 1400> <auth chap MD5>]
Nov 22 18:17:00 debian pppd[6695]: sent [LCP ConfReq id=0x1 <mru 1400> <auth chap MD5>]
Nov 22 18:17:05 debian pppd[6695]: sent [LCP ConfReq id=0x1 <mru 1400> <auth chap MD5>]
Nov 22 18:17:10 debian pppd[6695]: sent [LCP ConfReq id=0x1 <mru 1400> <auth chap MD5>]
Nov 22 18:17:15 debian pppd[6695]: sent [LCP ConfReq id=0x1 <mru 1400> <auth chap MD5>]
Nov 22 18:17:20 debian pppd[6695]: sent [LCP ConfReq id=0x1 <mru 1400> <auth chap MD5>]
Nov 22 18:17:25 debian pppd[6695]: sent [LCP ConfReq id=0x1 <mru 1400> <auth chap MD5>]
Nov 22 18:17:30 debian pppd[6695]: sent [LCP ConfReq id=0x1 <mru 1400> <auth chap MD5>]
Nov 22 18:17:35 debian pppd[6695]: sent [LCP ConfReq id=0x1 <mru 1400> <auth chap MD5>]
Nov 22 18:17:40 debian pppd[6695]: sent [LCP ConfReq id=0x1 <mru 1400> <auth chap MD5>]
Nov 22 18:17:45 debian pppd[6695]: sent [LCP ConfReq id=0x1 <mru 1400> <auth chap MD5>]
Nov 22 18:17:50 debian pppd[6695]: sent [LCP ConfReq id=0x1 <mru 1400> <auth chap MD5>]
Nov 22 18:17:55 debian pppd[6695]: sent [LCP ConfReq id=0x1 <mru 1400> <auth chap MD5>]
Nov 22 18:18:00 debian pppd[6695]: sent [LCP ConfReq id=0x1 <mru 1400> <auth chap MD5>]
Nov 22 18:18:05 debian pppd[6695]: sent [LCP ConfReq id=0x1 <mru 1400> <auth chap MD5>]
Nov 22 18:18:10 debian pppd[6695]: sent [LCP ConfReq id=0x1 <mru 1400> <auth chap MD5>]
Nov 22 18:18:15 debian pppd[6695]: sent [LCP ConfReq id=0x1 <mru 1400> <auth chap MD5>]
Nov 22 18:18:20 debian pppd[6695]: sent [LCP ConfReq id=0x1 <mru 1400> <auth chap MD5>]
Nov 22 18:18:25 debian pppd[6695]: sent [LCP ConfReq id=0x1 <mru 1400> <auth chap MD5>]
Nov 22 18:18:30 debian pppd[6695]: sent [LCP ConfReq id=0x1 <mru 1400> <auth chap MD5>]
Nov 22 18:18:35 debian pppd[6695]: LCP: timeout sending Config-Requests
Nov 22 18:18:55 debian pppd[6695]: Terminating on signal 15
Nov 22 18:18:55 debian pppd[6695]: Connection terminated.
Nov 22 18:18:55 debian pppd[6695]: RADATTR plugin removed file /var/run/radattr.ppp0.
Nov 22 18:18:55 debian pppd[6695]: Exit.


CLIENT

/etc/xl2tpd/xl2tpd.conf
[global]
access control = yes

[lac l2tp]
lns = 10.255.150.4
redial = yes
redial timeout = 5
require chap = yes
name = ppphds50_13
ppp debug = yes
pppoptfile = /etc/ppp/peers/xl2tp
autodial = yes
tx bps = 100000000

/etc/ppp/peers/xl2tp
mru 1400
mtu 1400
+chap
nodeflate
nobsdcomp
nopcomp
noaccomp

LOGS
xl2tpd[3472]: Connecting to host 10.255.150.4, port 1701
xl2tpd[3472]: Connection established to 10.255.150.4, 1701. Local: 18662, Remote: 50881 (ref=0/0).
xl2tpd[3472]: Calling on tunnel 18662
xl2tpd[3472]: Call established with 10.255.150.4, Local: 42527, Remote: 55722, Serial: 1 (ref=0/0)
xl2tpd[3472]: start_pppd: I'm running:
xl2tpd[3472]: "/usr/sbin/pppd"
xl2tpd[3472]: "passive"
xl2tpd[3472]: "nodetach"
xl2tpd[3472]: ":"
xl2tpd[3472]: "name"
xl2tpd[3472]: "ppphds50_13"
xl2tpd[3472]: "debug"
xl2tpd[3472]: "file"
xl2tpd[3472]: "/etc/ppp/peers/xl2tp"
xl2tpd[3472]: "ipparam"
xl2tpd[3472]: "10.255.150.4"
xl2tpd[3472]: "/dev/pts/2"
-------------very long wait time----------
xl2tpd[3472]: result_code_avp: avp is incorrect size. 8 < 10
xl2tpd[3472]: handle_avps: Bad exit status handling attribute 1 (Result Code) on mandatory packet.
xl2tpd[3472]: call_close: Call 42527 to 10.255.150.4 disconnected


Top
 Profile  
 
 Post subject: Re: client xl2tp not connect to openl2tp server
PostPosted: Wed Nov 28, 2012 1:54 am 

Joined: Thu Nov 22, 2012 12:02 am
Posts: 4
10.255.150.4 - server openl2tp
10.255.101.71 - client xl2tp

Code:
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 1500 bytes
13:30:08.216791 IP 10.255.101.71.1701 > 10.255.150.4.1701:  l2tp:[TLS](0/0)Ns=0,Nr=0 *MSGTYPE(SCCRQ) *RANDOM_VECTOR(d14b175c182b2ac4061a17b36e09fa81) *PROTO_VER(1.0) *FRAMING_CAP(AS) *BEARER_CAP() *FIRM_VER(1680) *HOST_NAME(debian) *VENDOR_NAME(xelerance.com) *ASSND_TUN_ID(15761) *RECV_WIN_SIZE(4)
        0x0000:  4500 0099 0000 4000 3e11 2b0b 0aff 6547  E.....@.>.+...eG
        0x0010:  0aff 9604 06a5 06a5 0085 80fd c802 007d  ...............}
        0x0020:  0000 0000 0000 0000 8008 0000 0000 0001  ................
        0x0030:  8016 0000 0024 d14b 175c 182b 2ac4 061a  .....$.K.\.+*...
        0x0040:  17b3 6e09 fa81 8008 0000 0002 0100 800a  ..n.............
        0x0050:  0000 0003 0000 0003 800a 0000 0004 0000  ................
        0x0060:  0000 8008 0000 0006 0690 800c 0000 0007  ................
        0x0070:  6465 6269 616e 8013 0000 0008 7865 6c65  debian......xele
        0x0080:  7261 6e63 652e 636f 6d80 0800 0000 093d  rance.com......=
        0x0090:  9180 0800 0000 0a00 04                   .........
13:30:08.217144 IP 10.255.150.4.58970 > 10.255.101.71.1701:  l2tp:[TLS](15761/0)Ns=0,Nr=1 *MSGTYPE(SCCRP) *PROTO_VER(1.0) *FRAMING_CAP(AS) *BEARER_CAP(AD) FIRM_VER(264) *HOST_NAME(debian) VENDOR_NAME(Katalix Systems Ltd. Linux-3.2.34 (x86_64)) *ASSND_TUN_ID(40800) *RECV_WIN_SIZE(10)
        0x0000:  4500 00a0 54a7 4000 4011 d45c 0aff 9604  E...T.@.@..\....
        0x0010:  0aff 6547 e65a 06a5 008c 0aab c802 0084  ..eG.Z..........
        0x0020:  3d91 0000 0000 0001 8008 0000 0000 0002  =...............
        0x0030:  8008 0000 0002 0100 800a 0000 0003 0000  ................
        0x0040:  0003 800a 0000 0004 0000 0003 0008 0000  ................
        0x0050:  0006 0108 800c 0000 0007 6465 6269 616e  ..........debian
        0x0060:  0030 0000 0008 4b61 7461 6c69 7820 5379  .0....Katalix.Sy
        0x0070:  7374 656d 7320 4c74 642e 204c 696e 7578  stems.Ltd..Linux
        0x0080:  2d33 2e32 2e33 3420 2878 3836 5f36 3429  -3.2.34.(x86_64)
        0x0090:  8008 0000 0009 9f60 8008 0000 000a 000a  .......`........
13:30:08.222160 IP 10.255.101.71.1701 > 10.255.150.4.1701:  l2tp:[TLS](40800/0)Ns=1,Nr=1 *MSGTYPE(SCCCN) *RANDOM_VECTOR(d7ce89cca1cbcbdaa3eeaf3abc7bf4ab)
        0x0000:  4500 0046 0000 4000 3e11 2b5e 0aff 6547  E..F..@.>.+^..eG
        0x0010:  0aff 9604 06a5 06a5 0032 a58e c802 002a  .........2.....*
        0x0020:  9f60 0000 0001 0001 8008 0000 0000 0003  .`..............
        0x0030:  8016 0000 0024 d7ce 89cc a1cb cbda a3ee  .....$..........
        0x0040:  af3a bc7b f4ab                           .:.{..
13:30:08.222584 IP 10.255.101.71.1701 > 10.255.150.4.1701:  l2tp:[TLS](40800/0)Ns=2,Nr=1 *MSGTYPE(ICRQ) *RANDOM_VECTOR(6e9c3ad00f9bb0cc23819b1c999f192a) *ASSND_SESS_ID(18216) *CALL_SER_NUM(1) *BEARER_TYPE()
        0x0000:  4500 0062 0000 4000 3e11 2b42 0aff 6547  E..b..@.>.+B..eG
        0x0010:  0aff 9604 06a5 06a5 004e d613 c802 0046  .........N.....F
        0x0020:  9f60 0000 0002 0001 8008 0000 0000 000a  .`..............
        0x0030:  8016 0000 0024 6e9c 3ad0 0f9b b0cc 2381  .....$n.:.....#.
        0x0040:  9b1c 999f 192a 8008 0000 000e 4728 800a  .....*......G(..
        0x0050:  0000 000f 0000 0001 800a 0000 0012 0000  ................
        0x0060:  0000                                     ..
13:30:08.222965 IP 10.255.150.4.58970 > 10.255.101.71.1701:  l2tp:[TLS](15761/18216)Ns=1,Nr=3 *MSGTYPE(ICRP) *ASSND_SESS_ID(1288)
        0x0000:  4500 0038 54a8 4000 4011 d4c3 0aff 9604  E..8T.@.@.......
        0x0010:  0aff 6547 e65a 06a5 0024 af4e c802 001c  ..eG.Z...$.N....
        0x0020:  3d91 4728 0001 0003 8008 0000 0000 000b  =.G(............
        0x0030:  8008 0000 000e 0508                      ........
13:30:08.226782 IP 10.255.101.71.1701 > 10.255.150.4.1701:  l2tp:[TLS](40800/1288)Ns=3,Nr=2 *MSGTYPE(ICCN) *RANDOM_VECTOR(79797089016f305efa1f424775169189) *TX_CONN_SPEED(100000000) *FRAMING_TYPE(S) *RX_CONN_SPEED(0)
        0x0000:  4500 0064 0000 4000 3e11 2b40 0aff 6547  E..d..@.>.+@..eG
        0x0010:  0aff 9604 06a5 06a5 0050 ad74 c802 0048  .........P.t...H
        0x0020:  9f60 0508 0003 0002 8008 0000 0000 000c  .`..............
        0x0030:  8016 0000 0024 7979 7089 016f 305e fa1f  .....$yyp..o0^..
        0x0040:  4247 7516 9189 800a 0000 0018 05f5 e100  BGu.............
        0x0050:  800a 0000 0013 0000 0001 800a 0000 0026  ...............&
        0x0060:  0000 0000                                ....
13:30:08.231118 IP 10.255.150.4.58970 > 10.255.101.71.1701:  l2tp:[](15761/18216) {LCP, Conf-Request (0x01), id 1, length 15}
        0x0000:  4500 0033 a692 0000 4011 c2de 0aff 9604  E..3....@.......
        0x0010:  0aff 6547 e65a 06a5 001f ebd2 0002 3d91  ..eG.Z........=.
        0x0020:  4728 ff03 c021 0101 000d 0104 0578 0305  G(...!.......x..
        0x0030:  c223 05                                  .#.
13:30:08.932610 IP 10.255.150.4.58970 > 10.255.101.71.1701:  l2tp:[TLS](15761/0)Ns=2,Nr=4 ZLB
        0x0000:  4500 0028 54a9 4000 4011 d4d2 0aff 9604  E..(T.@.@.......
        0x0010:  0aff 6547 e65a 06a5 0014 fbd6 c802 000c  ..eG.Z..........
        0x0020:  3d91 0000 0002 0004                      =.......
13:30:09.240848 IP 10.255.101.71.1701 > 10.255.150.4.1701:  l2tp:[](40800/1288) {LCP, Conf-Request (0x01), id 1, length 31}
        0x0000:  4500 0043 0000 4000 3e11 2b61 0aff 6547  E..C..@.>.+a..eG
        0x0010:  0aff 9604 06a5 06a5 002f 2eda 0002 9f60  ........./.....`
        0x0020:  0508 ff03 c021 0101 001d 0104 0578 0206  .....!.......x..
        0x0030:  0000 0000 0305 c223 0505 06c8 d9ec 9607  .......#........
        0x0040:  0208 02                                  ...
13:30:11.234347 IP 10.255.150.4.58970 > 10.255.101.71.1701:  l2tp:[](15761/18216) {LCP, Conf-Request (0x01), id 1, length 15}
        0x0000:  4500 0033 a693 0000 4011 c2dd 0aff 9604  E..3....@.......
        0x0010:  0aff 6547 e65a 06a5 001f ebd2 0002 3d91  ..eG.Z........=.
        0x0020:  4728 ff03 c021 0101 000d 0104 0578 0305  G(...!.......x..
        0x0030:  c223 05                                  .#.
13:30:11.240204 IP 10.255.101.71.1701 > 10.255.150.4.1701:  l2tp:[](40800/1288) {LCP, Conf-Ack (0x02), id 1, length 15}
        0x0000:  4500 0033 0000 4000 3e11 2b71 0aff 6547  E..3..@.>.+q..eG
        0x0010:  0aff 9604 06a5 06a5 001f aad9 0002 9f60  ...............`
        0x0020:  0508 ff03 c021 0201 000d 0104 0578 0305  .....!.......x..
        0x0030:  c223 05                                  .#.
13:30:12.245263 IP 10.255.101.71.1701 > 10.255.150.4.1701:  l2tp:[](40800/1288) {LCP, Conf-Request (0x01), id 1, length 31}
        0x0000:  4500 0043 0000 4000 3e11 2b61 0aff 6547  E..C..@.>.+a..eG
        0x0010:  0aff 9604 06a5 06a5 002f 2eda 0002 9f60  ........./.....`
        0x0020:  0508 ff03 c021 0101 001d 0104 0578 0206  .....!.......x..
        0x0030:  0000 0000 0305 c223 0505 06c8 d9ec 9607  .......#........
        0x0040:  0208 02                                  ...
13:30:14.237614 IP 10.255.150.4.58970 > 10.255.101.71.1701:  l2tp:[](15761/18216) {LCP, Conf-Request (0x01), id 1, length 15}
        0x0000:  4500 0033 a694 0000 4011 c2dc 0aff 9604  E..3....@.......
        0x0010:  0aff 6547 e65a 06a5 001f ebd2 0002 3d91  ..eG.Z........=.
        0x0020:  4728 ff03 c021 0101 000d 0104 0578 0305  G(...!.......x..
        0x0030:  c223 05                                  .#.
13:30:14.241525 IP 10.255.101.71.1701 > 10.255.150.4.1701:  l2tp:[](40800/1288) {LCP, Conf-Ack (0x02), id 1, length 15}
        0x0000:  4500 0033 0000 4000 3e11 2b71 0aff 6547  E..3..@.>.+q..eG
        0x0010:  0aff 9604 06a5 06a5 001f aad9 0002 9f60  ...............`
        0x0020:  0508 ff03 c021 0201 000d 0104 0578 0305  .....!.......x..
        0x0030:  c223 05                                  .#.
13:30:15.242880 IP 10.255.101.71.1701 > 10.255.150.4.1701:  l2tp:[](40800/1288) {LCP, Conf-Request (0x01), id 1, length 31}
        0x0000:  4500 0043 0000 4000 3e11 2b61 0aff 6547  E..C..@.>.+a..eG
        0x0010:  0aff 9604 06a5 06a5 002f 2eda 0002 9f60  ........./.....`
        0x0020:  0508 ff03 c021 0101 001d 0104 0578 0206  .....!.......x..
        0x0030:  0000 0000 0305 c223 0505 06c8 d9ec 9607  .......#........
        0x0040:  0208 02                                  ...
13:30:17.241042 IP 10.255.150.4.58970 > 10.255.101.71.1701:  l2tp:[](15761/18216) {LCP, Conf-Request (0x01), id 1, length 15}
        0x0000:  4500 0033 a695 0000 4011 c2db 0aff 9604  E..3....@.......
        0x0010:  0aff 6547 e65a 06a5 001f ebd2 0002 3d91  ..eG.Z........=.
        0x0020:  4728 ff03 c021 0101 000d 0104 0578 0305  G(...!.......x..
        0x0030:  c223 05                                  .#.
13:30:17.245729 IP 10.255.101.71.1701 > 10.255.150.4.1701:  l2tp:[](40800/1288) {LCP, Conf-Ack (0x02), id 1, length 15}
        0x0000:  4500 0033 0000 4000 3e11 2b71 0aff 6547  E..3..@.>.+q..eG
        0x0010:  0aff 9604 06a5 06a5 001f aad9 0002 9f60  ...............`
        0x0020:  0508 ff03 c021 0201 000d 0104 0578 0305  .....!.......x..
        0x0030:  c223 05                                  .#.
13:30:18.245324 IP 10.255.101.71.1701 > 10.255.150.4.1701:  l2tp:[](40800/1288) {LCP, Conf-Request (0x01), id 1, length 31}
        0x0000:  4500 0043 0000 4000 3e11 2b61 0aff 6547  E..C..@.>.+a..eG
        0x0010:  0aff 9604 06a5 06a5 002f 2eda 0002 9f60  ........./.....`
        0x0020:  0508 ff03 c021 0101 001d 0104 0578 0206  .....!.......x..
        0x0030:  0000 0000 0305 c223 0505 06c8 d9ec 9607  .......#........
        0x0040:  0208 02                                  ...
13:30:20.244334 IP 10.255.150.4.58970 > 10.255.101.71.1701:  l2tp:[](15761/18216) {LCP, Conf-Request (0x01), id 1, length 15}
        0x0000:  4500 0033 a696 0000 4011 c2da 0aff 9604  E..3....@.......
        0x0010:  0aff 6547 e65a 06a5 001f ebd2 0002 3d91  ..eG.Z........=.
        0x0020:  4728 ff03 c021 0101 000d 0104 0578 0305  G(...!.......x..
        0x0030:  c223 05                                  .#.
13:30:20.248281 IP 10.255.101.71.1701 > 10.255.150.4.1701:  l2tp:[](40800/1288) {LCP, Conf-Ack (0x02), id 1, length 15}
        0x0000:  4500 0033 0000 4000 3e11 2b71 0aff 6547  E..3..@.>.+q..eG
        0x0010:  0aff 9604 06a5 06a5 001f aad9 0002 9f60  ...............`
        0x0020:  0508 ff03 c021 0201 000d 0104 0578 0305  .....!.......x..
        0x0030:  c223 05                                  .#.
13:30:21.248518 IP 10.255.101.71.1701 > 10.255.150.4.1701:  l2tp:[](40800/1288) {LCP, Conf-Request (0x01), id 1, length 31}
        0x0000:  4500 0043 0000 4000 3e11 2b61 0aff 6547  E..C..@.>.+a..eG
        0x0010:  0aff 9604 06a5 06a5 002f 2eda 0002 9f60  ........./.....`
        0x0020:  0508 ff03 c021 0101 001d 0104 0578 0206  .....!.......x..
        0x0030:  0000 0000 0305 c223 0505 06c8 d9ec 9607  .......#........
        0x0040:  0208 02                                  ...


Top
 Profile  
 
 Post subject: Re: client xl2tp not connect to openl2tp server
PostPosted: Wed Jan 16, 2013 10:04 am 

Joined: Thu Nov 22, 2012 12:02 am
Posts: 4
Данная проблема была и с сервером l2tp accel-ppp, но сегодня обнаружилось, если поправить словарь л2тп, то всё работает!!!
В файле
/usr/local/share/accel-ppp/l2tp/dictionary.rfc2661
Строки
ATTRIBUTE Firmware-Revision 6 int16 M=0
ATTRIBUTE Host-Name 7 string M=0
ATTRIBUTE Vendor-Name 8 string M=0
Заменить на
ATTRIBUTE Firmware-Revision 6 int16 M=1
ATTRIBUTE Host-Name 7 string M=1
ATTRIBUTE Vendor-Name 8 string M=1
то тогда, клиент xl2tp отлично подключается к accel-ppp.
ВОПРОС? Как эти парамтеры изменить в сервере openl2tp ???

------
This problem was with the server l2tp accel-ppp, but today discover if correct dictionary l2tp all works!
The file
/usr/local/share/accel-ppp/l2tp/dictionary.rfc2661
line
ATTRIBUTE Firmware-Revision 6 int16 M = 0
ATTRIBUTE Host-Name 7 string M = 0
ATTRIBUTE Vendor-Name 8 string M = 0
replace with
ATTRIBUTE Firmware-Revision 6 int16 M = 1
ATTRIBUTE Host-Name 7 string M = 1
ATTRIBUTE Vendor-Name 8 string M = 1
then, the client connects to a fine xl2tp accel-ppp server.
QUESTION? How these change in the server paramtery openl2tp???


Top
 Profile  
 
 Post subject: Re: client xl2tp not connect to openl2tp server
PostPosted: Mon Jan 21, 2013 12:19 pm 
Site Admin

Joined: Sun Jul 27, 2008 1:39 pm
Posts: 122
I think xl2tpd doesn't follow UDP ephemeral port negotiation correctly.

When the tunnel is established, openl2tpd sends its SCCRP from port 58970. But xl2tpd sends its SCCCN to port 1701, ignoring the port used by openl2tpd. OpenL2TP should ignore the response but it doesn't and the tunnel and session is established, despite not using the right UDP ports. But when OpenL2Tp configures the data path, it tells it to use port 58970. The result is that the data packets (PPP) are not sent/received correctly and the PPP link therefore fails to establish.

To disable ephemeral ports at the openl2tp server, use
tunnel profile modify profile_name=default our_udp_port=1701.


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 5 posts ] 

All times are UTC [ DST ]


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
cron
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group