Hi.
I’m trying to connect to my workplace VPN which is using L2TP/IPSec without succeeding. I’m using openSUSE Leap 42.1, KDE Plasma 5.5.5.
At first, there was a problem with the package NetworkManager-l2tp which does not exist in LEAP 42.1. Without this package one gets an error message that the service is missing. I found a version of the package in the build service in the home:dkosovic repo which I installed. Currently I have the following L2TP packages installed:
micke@deimos:~/Downloads> sudo zypper se -is l2tp
Loading repository data...
Reading installed packages...
S | Name | Type | Version | Arch | Repository
--+---------------------------+---------+-----------+--------+--------------
i | NetworkManager-l2tp | package | 1.0.4-2.1 | x86_64 | home:dkosovic
i | NetworkManager-l2tp-gnome | package | 1.0.4-2.1 | x86_64 | home:dkosovic
i | NetworkManager-l2tp-lang | package | 1.0.4-2.1 | noarch | home:dkosovic
i | plasma-nm5-l2tp | package | 5.5.5-9.1 | x86_64 | update oss
i | xl2tpd | package | 1.3.6-3.2 | x86_64 | oss
I have been given a gateway server adress, username, password and a pre-shared key to use when setting up the VPN. Configuration works fine in Plasma. When I try to connect I get a timeout. The service should be up and running, other employees (using other OS’s) can connect. The journal reports the following (I have masked the gateway address using WWW.XXX.YYY.ZZZ), I fail to understand whats wrong. Does anybody else have a clue?
micke@deimos:~/Documents> sudo journalctl --since "2016-08-02 08:06:00" --until "2016-08-02 09:00:00" | grep NetworkManager
root's password:
aug 02 08:06:08 deimos NetworkManager[949]: <info> Starting VPN service 'l2tp'...
aug 02 08:06:08 deimos NetworkManager[949]: <info> VPN service 'l2tp' started (org.freedesktop.NetworkManager.l2tp), PID 24477
aug 02 08:06:08 deimos NetworkManager[949]: <info> VPN service 'l2tp' appeared; activating connections
aug 02 08:06:08 deimos NetworkManager[949]: ** Message: ipsec enable flag: yes
aug 02 08:06:08 deimos NetworkManager[949]: <info> VPN plugin state changed: starting (3)
aug 02 08:06:08 deimos NetworkManager[949]: ** Message: Use '213.115.131.138' as a gateway
aug 02 08:06:08 deimos NetworkManager[949]: ** Message: Check port 1701
aug 02 08:06:08 deimos NetworkManager[949]: ** Message: starting ipsec
aug 02 08:06:08 deimos NetworkManager[949]: Stopping strongSwan IPsec failed: starter is not running
aug 02 08:06:10 deimos NetworkManager[949]: Starting strongSwan 5.3.5 IPsec [starter]...
aug 02 08:06:10 deimos NetworkManager[949]: Loading config setup
aug 02 08:06:10 deimos NetworkManager[949]: Loading conn 'nm-ipsec-l2tp-24477'
aug 02 08:06:10 deimos NetworkManager[949]: found netkey IPsec stack
aug 02 08:06:11 deimos NetworkManager[949]: initiating Main Mode IKE_SA nm-ipsec-l2tp-24477[1] to 213.115.131.138
aug 02 08:06:11 deimos NetworkManager[949]: generating ID_PROT request 0 SA V V V V ]
aug 02 08:06:11 deimos NetworkManager[949]: sending packet: from 192.168.20.25[500] to 213.115.131.138[500] (280 bytes)
aug 02 08:06:11 deimos NetworkManager[949]: received packet: from 213.115.131.138[500] to 192.168.20.25[500] (124 bytes)
aug 02 08:06:11 deimos NetworkManager[949]: parsed ID_PROT response 0 SA V V ]
aug 02 08:06:11 deimos NetworkManager[949]: received NAT-T (RFC 3947) vendor ID
aug 02 08:06:11 deimos NetworkManager[949]: received FRAGMENTATION vendor ID
aug 02 08:06:11 deimos NetworkManager[949]: generating ID_PROT request 0 KE No NAT-D NAT-D ]
aug 02 08:06:11 deimos NetworkManager[949]: sending packet: from 192.168.20.25[500] to 213.115.131.138[500] (244 bytes)
aug 02 08:06:11 deimos NetworkManager[949]: received packet: from 213.115.131.138[500] to 192.168.20.25[500] (304 bytes)
aug 02 08:06:11 deimos NetworkManager[949]: parsed ID_PROT response 0 KE No V V V V NAT-D NAT-D ]
aug 02 08:06:11 deimos NetworkManager[949]: received Cisco Unity vendor ID
aug 02 08:06:11 deimos NetworkManager[949]: received XAuth vendor ID
aug 02 08:06:11 deimos NetworkManager[949]: received unknown vendor ID: 27:0e:0a:94:93:0b:bb:b4:fc:5e:ac:e7:a1:b2:c1:22
aug 02 08:06:11 deimos NetworkManager[949]: received unknown vendor ID: 1f:07:f7:0e:aa:65:14:d3:b0:fa:96:54:2a:50:01:00
aug 02 08:06:11 deimos NetworkManager[949]: faking NAT situation to enforce UDP encapsulation
aug 02 08:06:11 deimos NetworkManager[949]: generating ID_PROT request 0 ID HASH N(INITIAL_CONTACT) ]
aug 02 08:06:11 deimos NetworkManager[949]: sending packet: from 192.168.20.25[4500] to 213.115.131.138[4500] (100 bytes)
aug 02 08:06:11 deimos NetworkManager[949]: received packet: from 213.115.131.138[4500] to 192.168.20.25[4500] (68 bytes)
aug 02 08:06:11 deimos NetworkManager[949]: parsed ID_PROT response 0 ID HASH ]
aug 02 08:06:11 deimos NetworkManager[949]: IKE_SA nm-ipsec-l2tp-24477[1] established between 192.168.20.25[192.168.20.25]...213.115.131.138[213.115.131.138]
aug 02 08:06:11 deimos NetworkManager[949]: scheduling reauthentication in 9986s
aug 02 08:06:11 deimos NetworkManager[949]: maximum IKE_SA lifetime 10526s
aug 02 08:06:11 deimos NetworkManager[949]: generating QUICK_MODE request 2468577163 HASH SA No ID ID NAT-OA NAT-OA ]
aug 02 08:06:11 deimos NetworkManager[949]: sending packet: from 192.168.20.25[4500] to 213.115.131.138[4500] (244 bytes)
aug 02 08:06:11 deimos NetworkManager[949]: received packet: from 213.115.131.138[4500] to 192.168.20.25[4500] (204 bytes)
aug 02 08:06:11 deimos NetworkManager[949]: parsed QUICK_MODE response 2468577163 HASH SA No ID ID N((24576)) NAT-OA NAT-OA ]
aug 02 08:06:11 deimos NetworkManager[949]: no acceptable traffic selectors found
aug 02 08:06:11 deimos NetworkManager[949]: establishing connection 'nm-ipsec-l2tp-24477' failed
aug 02 08:06:11 deimos NetworkManager[949]: ** Message: strongSwan ready for action
aug 02 08:06:11 deimos NetworkManager[949]: ** Message: xl2tpd started with pid 24859
aug 02 08:06:11 deimos NetworkManager[949]: xl2tpd[24859]: setsockopt recvref[30]: Protocol not available
aug 02 08:06:11 deimos NetworkManager[949]: <info> VPN connection 'ClearIT VPN (l2tp)' (Connect) reply received.
aug 02 08:06:11 deimos NetworkManager[949]: xl2tpd[24859]: Using l2tp kernel support.
aug 02 08:06:11 deimos NetworkManager[949]: xl2tpd[24859]: xl2tpd version xl2tpd-1.3.6 started on deimos PID:24859
aug 02 08:06:11 deimos NetworkManager[949]: xl2tpd[24859]: Written by Mark Spencer, Copyright (C) 1998, Adtran, Inc.
aug 02 08:06:11 deimos NetworkManager[949]: xl2tpd[24859]: Forked by Scott Balmos and David Stipp, (C) 2001
aug 02 08:06:11 deimos NetworkManager[949]: xl2tpd[24859]: Inherited by Jeff McAdams, (C) 2002
aug 02 08:06:11 deimos NetworkManager[949]: xl2tpd[24859]: Forked again by Xelerance (www.xelerance.com) (C) 2006
aug 02 08:06:11 deimos NetworkManager[949]: xl2tpd[24859]: Listening on IP address 0.0.0.0, port 1701
aug 02 08:06:11 deimos NetworkManager[949]: xl2tpd[24859]: Connecting to host 213.115.131.138, port 1701
aug 02 08:06:16 deimos NetworkManager[949]: xl2tpd[24859]: Maximum retries exceeded for tunnel 36323. Closing.
aug 02 08:06:16 deimos NetworkManager[949]: xl2tpd[24859]: Connection 0 closed to 213.115.131.138, port 1701 (Timeout)
aug 02 08:06:21 deimos NetworkManager[949]: ** (nm-l2tp-service:24477): WARNING **: pppd timeout. Looks like pppd didn't initialize our dbus module
aug 02 08:06:21 deimos NetworkManager[949]: <warn> VPN plugin failed: unknown (7)
aug 02 08:06:21 deimos NetworkManager[949]: xl2tpd[24859]: Unable to deliver closing message for tunnel 36323. Destroying anyway.
aug 02 08:06:51 deimos NetworkManager[949]: <warn> VPN connection 'ClearIT VPN (l2tp)' connect timeout exceeded.
aug 02 08:06:51 deimos NetworkManager[949]: (nm-l2tp-service:24477): GLib-CRITICAL **: Source ID 9 was not found when attempting to remove it
aug 02 08:06:51 deimos NetworkManager[949]: ** Message: Terminated l2tp daemon with PID 24859.
aug 02 08:06:51 deimos NetworkManager[949]: xl2tpd[24859]: death_handler: Fatal signal 15 received
aug 02 08:06:51 deimos NetworkManager[949]: ** Message: ipsec shut down
aug 02 08:06:51 deimos NetworkManager[949]: ** (nm-l2tp-service:24477): WARNING **: xl2tpd exited with error code 1
aug 02 08:06:51 deimos NetworkManager[949]: ** Message: ipsec shut down