Results 1 to 3 of 3

Thread: VPN L2TP connection error (bad protocol: leftprotoport=udp)

  1. #1

    Default VPN L2TP connection error (bad protocol: leftprotoport=udp)

    Hi,

    since last Friday (6th Feb.) my previously rock steady VPN L2TP stopped working. I tripple checked shared keys and passwords, everything seems to be in order. I've spent yesterday evening troublegoogling but couldn't find any solution. Here is what happens.

    Staring the VPN from by 'nmcli conn up <MYVPN>' just gives me:

    Code:
    Error: Connection activation failed: Unknown reason
    Hint: use 'journalctl -xe NM_CONNECTION=f9243dd0-195d-4443-be0b-a1f4e350af48 + NM_DEVICE=em1' to get more details.
    Debug from NetworkManager 'sudo /usr/lib/nm-l2tp-service --debug' while it tries to connect:

    Code:
    nm-l2tp[2944] <debug> nm-l2tp-service (version 1.8.0-2.1) starting...
    nm-l2tp[2944] <debug>  uses default --bus-name "org.freedesktop.NetworkManager.l2tp"
    nm-l2tp[2944] <info>  ipsec enable flag: yes
    ** Message: 09:03:08.564: Check port 1701
    connection
            id : <MYVPN>
            permissions : []
            type : 'vpn'
            uuid : 'f9243dd0-195d-4443-be0b-a1f4e350af48'
    
    ipv6
            address-data : []
            dns : []
            dns-search : []
            method : 'auto'
            route-data : []
    
    ipv4
            address-data : []
            dns : []
            dns-search : []
            method : 'auto'
            route-data : []
    
    proxy
    
    vpn
            data : {'gateway': 'XXXXXX', 'ipsec-enabled': 'yes', 'ipsec-esp': '3des-sha1', 'ipsec-ike': '3des-sha1-modp1024', 'ipsec-psk': 'XXXXXX', 'mru': '1400', 'mtu': '1400', 'password-flags': '0', 'refuse-chap': 'yes', 'refuse-eap': 'yes', 'refuse-pap': 'yes', 'require-mppe': 'yes', 'user': 'XXXXXX'}
            secrets : {'password': 'XXXXXX'}
            service-type : 'org.freedesktop.NetworkManager.l2tp'
    
    nm-l2tp[2944] <info>  starting ipsec
    Stopping strongSwan IPsec failed: starter is not running
    Starting strongSwan 5.8.2 IPsec [starter]...
    Loading config setup
    Loading conn 'f9243dd0-195d-4443-be0b-a1f4e350af48'
    # bad protocol: leftprotoport=udp
      bad argument value in conn 'f9243dd0-195d-4443-be0b-a1f4e350af48'
    # bad protocol: rightprotoport=udp
      bad argument value in conn 'f9243dd0-195d-4443-be0b-a1f4e350af48'
    # ignored conn 'f9243dd0-195d-4443-be0b-a1f4e350af48' due to 2 parsing errors
    ### 2 parsing errors (0 fatal) ###
    nm-l2tp[2944] <info>  Spawned ipsec up script with PID 3267.
    no config named 'f9243dd0-195d-4443-be0b-a1f4e350af48'
    Stopping strongSwan IPsec...
    nm-l2tp[2944] <warn>  Could not establish IPsec tunnel.
    
    (nm-l2tp-service:2944): GLib-GIO-CRITICAL **: 09:03:12.026: g_dbus_method_invocation_take_error: assertion 'error != NULL' failed
    Does anyone run into the same errors? Does anyone know what is causing these parsing errors?

    The internet suggests to adjust the /etc/ipsec.conf file, but on my TUMBLEWEED system this does not contain any configurations.

    Best,
    yonne

  2. #2
    Join Date
    Sep 2012
    Posts
    5,393

    Default Re: VPN L2TP connection error (bad protocol: leftprotoport=udp)

    Quote Originally Posted by yonne View Post
    Code:
    # bad protocol: leftprotoport=udp
      bad argument value in conn 'f9243dd0-195d-4443-be0b-a1f4e350af48'
    Most likely result of moving some configuration files from /etc to /usr/etc. You need to adjust /etc/nsswitch.conf to access them again. See https://forums.opensuse.org/showthre...59#post2926659

  3. #3

    Default Re: VPN L2TP connection error (bad protocol: leftprotoport=udp)

    Quote Originally Posted by arvidjaar View Post
    Most likely result of moving some configuration files from /etc to /usr/etc. You need to adjust /etc/nsswitch.conf to access them again. See https://forums.opensuse.org/showthre...59#post2926659
    Splendid! adjusting /etc/nsswitch.conf did the trick. I'm now connected to the VPN. As suggested in your link, I replaced /etc/nsswitch.conf with /etc/nsswitch.conf.rpmnew and it worked!

    Thanks arvidjaar!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •