Hi,
since last Friday (6th Feb.) my previously rock steady VPN L2TP stopped working. I tripple checked shared keys and passwords, everything seems to be in order. I’ve spent yesterday evening troublegoogling but couldn’t find any solution. Here is what happens.
Staring the VPN from by ‘nmcli conn up <MYVPN>’ just gives me:
Error: Connection activation failed: Unknown reason
Hint: use 'journalctl -xe NM_CONNECTION=f9243dd0-195d-4443-be0b-a1f4e350af48 + NM_DEVICE=em1' to get more details.
Debug from NetworkManager ‘sudo /usr/lib/nm-l2tp-service --debug’ while it tries to connect:
nm-l2tp[2944] <debug> nm-l2tp-service (version 1.8.0-2.1) starting...
nm-l2tp[2944] <debug> uses default --bus-name "org.freedesktop.NetworkManager.l2tp"
nm-l2tp[2944] <info> ipsec enable flag: yes
** Message: 09:03:08.564: Check port 1701
connection
id : <MYVPN>
permissions : ]
type : 'vpn'
uuid : 'f9243dd0-195d-4443-be0b-a1f4e350af48'
ipv6
address-data : ]
dns : ]
dns-search : ]
method : 'auto'
route-data : ]
ipv4
address-data : ]
dns : ]
dns-search : ]
method : 'auto'
route-data : ]
proxy
vpn
data : {'gateway': 'XXXXXX', 'ipsec-enabled': 'yes', 'ipsec-esp': '3des-sha1', 'ipsec-ike': '3des-sha1-modp1024', 'ipsec-psk': 'XXXXXX', 'mru': '1400', 'mtu': '1400', 'password-flags': '0', 'refuse-chap': 'yes', 'refuse-eap': 'yes', 'refuse-pap': 'yes', 'require-mppe': 'yes', 'user': 'XXXXXX'}
secrets : {'password': 'XXXXXX'}
service-type : 'org.freedesktop.NetworkManager.l2tp'
nm-l2tp[2944] <info> starting ipsec
Stopping strongSwan IPsec failed: starter is not running
Starting strongSwan 5.8.2 IPsec [starter]...
Loading config setup
Loading conn 'f9243dd0-195d-4443-be0b-a1f4e350af48'
# bad protocol: leftprotoport=udp
bad argument value in conn 'f9243dd0-195d-4443-be0b-a1f4e350af48'
# bad protocol: rightprotoport=udp
bad argument value in conn 'f9243dd0-195d-4443-be0b-a1f4e350af48'
# ignored conn 'f9243dd0-195d-4443-be0b-a1f4e350af48' due to 2 parsing errors
### 2 parsing errors (0 fatal) ###
nm-l2tp[2944] <info> Spawned ipsec up script with PID 3267.
no config named 'f9243dd0-195d-4443-be0b-a1f4e350af48'
Stopping strongSwan IPsec...
nm-l2tp[2944] <warn> Could not establish IPsec tunnel.
(nm-l2tp-service:2944): GLib-GIO-CRITICAL **: 09:03:12.026: g_dbus_method_invocation_take_error: assertion 'error != NULL' failed
Does anyone run into the same errors? Does anyone know what is causing these parsing errors?
The internet suggests to adjust the /etc/ipsec.conf file, but on my TUMBLEWEED system this does not contain any configurations.
Best,
yonne