openl2tp-users Mailing List for OpenL2TP
Status: Inactive
Brought to you by:
jameschapman
You can subscribe to this list here.
2004 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
(8) |
Oct
(3) |
Nov
|
Dec
|
---|---|---|---|---|---|---|---|---|---|---|---|---|
2005 |
Jan
(2) |
Feb
(1) |
Mar
(6) |
Apr
|
May
(35) |
Jun
(2) |
Jul
(5) |
Aug
(4) |
Sep
(6) |
Oct
(10) |
Nov
(2) |
Dec
(4) |
2006 |
Jan
(6) |
Feb
|
Mar
|
Apr
(11) |
May
(2) |
Jun
(12) |
Jul
(23) |
Aug
(11) |
Sep
(11) |
Oct
(8) |
Nov
|
Dec
(26) |
2007 |
Jan
(21) |
Feb
(27) |
Mar
(6) |
Apr
(22) |
May
(8) |
Jun
(8) |
Jul
(31) |
Aug
(3) |
Sep
(10) |
Oct
(40) |
Nov
(15) |
Dec
(21) |
2008 |
Jan
(11) |
Feb
(34) |
Mar
(22) |
Apr
(11) |
May
(37) |
Jun
(11) |
Jul
(1) |
Aug
(40) |
Sep
(27) |
Oct
(36) |
Nov
(22) |
Dec
(19) |
2009 |
Jan
(11) |
Feb
(37) |
Mar
(18) |
Apr
(20) |
May
(8) |
Jun
(2) |
Jul
|
Aug
|
Sep
(9) |
Oct
(9) |
Nov
(4) |
Dec
(7) |
2010 |
Jan
(9) |
Feb
(3) |
Mar
(8) |
Apr
(28) |
May
(13) |
Jun
(11) |
Jul
(5) |
Aug
(8) |
Sep
(1) |
Oct
|
Nov
(4) |
Dec
(22) |
2011 |
Jan
(4) |
Feb
(9) |
Mar
(6) |
Apr
(14) |
May
(8) |
Jun
(7) |
Jul
|
Aug
|
Sep
(3) |
Oct
(3) |
Nov
(1) |
Dec
(1) |
2012 |
Jan
(4) |
Feb
(1) |
Mar
(1) |
Apr
|
May
(12) |
Jun
(6) |
Jul
|
Aug
(1) |
Sep
(1) |
Oct
|
Nov
(6) |
Dec
|
2013 |
Jan
(1) |
Feb
|
Mar
|
Apr
(7) |
May
(1) |
Jun
|
Jul
(2) |
Aug
(6) |
Sep
(14) |
Oct
|
Nov
|
Dec
|
2014 |
Jan
|
Feb
(2) |
Mar
(2) |
Apr
(3) |
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
(3) |
Dec
|
2015 |
Jan
|
Feb
(3) |
Mar
|
Apr
(1) |
May
(6) |
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
From: James C. <jam...@op...> - 2015-05-28 06:37:12
|
What is the physical link between C1 annd M1? PPP can be used over a serial line (e.g. modem link), or ATM, or ethernet, or others. When used as a LAC, OpenL2TP would need to pass the PPP frames from C1 over the L2TP tunnel to M2. (PPP is carried inside the L2TP tunnel.) OpenL2TP does not have this feature. To debug your setup, enable debug. The simplest way to do so for install testing is to run openl2tpd -d all -D -f. When not run in the foreground, debug will go to syslog. James On 27/05/15 17:16, Ajay Garg wrote: > Hi James, > > Thanks a ton for taking the time !! > Also, I am extremely sorry for not being clear before. > > > What we want is a simple vanilla setup as follows :: > > Android Client (C1) ----- LAC (M1) ------ LNS (M2) > > > If I understand https://www.ietf.org/rfc/rfc2661.txt correctly, the C1 > <--> M1 path would be simple PPP, while the M1 <--> M2 path would be > L2TP. Implicit is the fact that M1 would be the L2TP-client, while M2 > would be the L2TP-server. > > > > So, in the above, my base question remains the same :) > > Will the above _pre-configurations_ suffice, and cause all > tunnel/session creations to be done automatically, _without any further > configuration_ ? > > Or tunnel/session creations need to be _configured AND created on the > fly_ upon each incoming end-point-VPN-request ? > > > > Thanks again for your time; hoping to hear more from you experts !!! > > > Thanks and Regards, > Ajay > > On Wed, May 27, 2015 at 6:27 PM, James Chapman > <jam...@op... <mailto:jam...@op...>> wrote: > > If I understand you correctly, you want a feature sometimes referred > to as "tunnel switching" where L2TP sessions are forwarded by the > LAC to the LNS over other L2TP tunnels. OpenL2TP does not support > this feature. > > It might be possible to use the OpenL2TP and PPP event scripts to > setup IP forwarding rules at the LAC, where the LAC has a PPP > instance terminating the connection from the client, and a PPP > instance used to connect with the LNS, for each user client > connection. Then, event scripts would setup IP forwarding rules to > route traffic from one PPP interface to another. The datapath would > look something like:- > > Android client ------ L2TP ---------- ppp0 LAC ppp1 -------- L2TP > ----------- ppp42 LNS > > The ppp interfaces ppp0 and ppp1 at the LAC would be assigned IP > addresses. IP routing would cause traffic arriving on ppp0 to be > routed via ppp1 and vice versa. > > However, the above would not be easy to setup and manage. It would > also not be scalable since you'd have two pppd instances for every > Android client connection at the LAC. > > James > > > On 27/05/15 10:38, Ajay Garg wrote: >> Hi All. >> >> We are wishing to setup VPN via L2TP in an end-to-end scenario. >> However, we have some queries regarding the integration of >> OpenL2TP in this end-to-end scenario. >> >> >> >> === The intended scneario (Very High Level) === >> >> OpenL2TP-framework is set up, and an end-point-client connects to >> this VPN. >> >> >> >> === The intended scneario (High Level) === >> >> LAC is set up on machine M1. >> LNS is set up on machine M2. >> >> >> Android Phone C1 connects to VPN, using *M1 as the server in the >> credentials* (please correct me if I am wrong in this regard). >> >> >> >> === Queries === >> >> a) >> Following *static, pre-configured* settings have been done :: >> >> >> On LAC (M1) :: >> ---------------------- >> >> 1) >> Peer-Profile(s) for C1 authentication etc. >> >> 2) >> PPP-Profile(s) for C1 authentication etc. >> >> 3) >> Tunnel-Profile(s), that will be used to create M1 <--> >> M2 tunnels when end-point-VPN-requests (calls) come in. >> >> 4) >> Session-Profile(s), that will be used to create M1 >> <--> M2 sessions when end-point-VPN-requests (calls) come in. >> >> >> >> On LNS (M2) :: >> ------------------------ >> >> No profile to be set up. >> >> >> Will the above *pre-configurations* suffice, and cause all >> tunnel/session creations to be done *automatically* ? >> Or tunnel/session creations need to be created on the fly >> *pseudo-manually* upon *each* incoming end-point-VPN-request ? >> >> >> Hoping for a reply to the above, as it will help clear our >> understanding of how openl2tp may fit into the larger scheme of >> things. >> >> >> >> Thanks and Regards, >> Ajay >> >> >> ------------------------------------------------------------------------------ >> >> >> _______________________________________________ >> Openl2tp-users mailing list >> Ope...@li... <mailto:Ope...@li...> >> https://lists.sourceforge.net/lists/listinfo/openl2tp-users > > > > > -- > Regards, > Ajay |
From: Ajay G. <aja...@gm...> - 2015-05-28 05:50:06
|
In fact, when I do ##################################################### l2tp> session show tunnel_id=50572 session_id=55387 Operation failed: Session not found Error at or near 'show' ###################################################### So seems the session was not created, but l2tpconfig informed that the session was created fine. Bigger question: How can I see what caused the session to not being set up? Thanks and Regards, Ajay On Thu, May 28, 2015 at 10:59 AM, Ajay Garg <aja...@gm...> wrote: > Hi All. > > I am trying a simple "Hello World" setup with two machines, one acting as > L2TP-client (LAC) and the other as L2TP-server (LNS). > > > Following is a sequence of commands run on the LAC. > As seen in the last command, no session-listing is visible. > > ##################################################### > l2tp> tunnel list > > l2tp> tunnel create dest_ipaddr=192.168.1.113 > Created tunnel 50572 > > l2tp> tunnel list > TunId Peer Local PeerTId ConfigId > State > 50572 192.168.1.113 192.168.1.100 3345 1 > ESTABLISHED > > l2tp> session create tunnel_id=50572 > Created session 50572/55387 > > l2tp> session list tunnel_id=50572 > > l2tp> > ###################################################### > > Any pointers please ...??!! > > > Thanks and Regards, > Ajay > -- Regards, Ajay |
From: Ajay G. <aja...@gm...> - 2015-05-28 05:29:46
|
Hi All. I am trying a simple "Hello World" setup with two machines, one acting as L2TP-client (LAC) and the other as L2TP-server (LNS). Following is a sequence of commands run on the LAC. As seen in the last command, no session-listing is visible. ##################################################### l2tp> tunnel list l2tp> tunnel create dest_ipaddr=192.168.1.113 Created tunnel 50572 l2tp> tunnel list TunId Peer Local PeerTId ConfigId State 50572 192.168.1.113 192.168.1.100 3345 1 ESTABLISHED l2tp> session create tunnel_id=50572 Created session 50572/55387 l2tp> session list tunnel_id=50572 l2tp> ###################################################### Any pointers please ...??!! Thanks and Regards, Ajay |
From: Ajay G. <aja...@gm...> - 2015-05-27 16:16:26
|
Hi James, Thanks a ton for taking the time !! Also, I am extremely sorry for not being clear before. What we want is a simple vanilla setup as follows :: Android Client (C1) ----- LAC (M1) ------ LNS (M2) If I understand https://www.ietf.org/rfc/rfc2661.txt correctly, the C1 <--> M1 path would be simple PPP, while the M1 <--> M2 path would be L2TP. Implicit is the fact that M1 would be the L2TP-client, while M2 would be the L2TP-server. So, in the above, my base question remains the same :) Will the above *pre-configurations* suffice, and cause all tunnel/session creations to be done automatically, *without any further configuration* ? Or tunnel/session creations need to be *configured AND created on the fly* upon each incoming end-point-VPN-request ? Thanks again for your time; hoping to hear more from you experts !!! Thanks and Regards, Ajay On Wed, May 27, 2015 at 6:27 PM, James Chapman <jam...@op...> wrote: > If I understand you correctly, you want a feature sometimes referred to > as "tunnel switching" where L2TP sessions are forwarded by the LAC to the > LNS over other L2TP tunnels. OpenL2TP does not support this feature. > > It might be possible to use the OpenL2TP and PPP event scripts to setup IP > forwarding rules at the LAC, where the LAC has a PPP instance terminating > the connection from the client, and a PPP instance used to connect with the > LNS, for each user client connection. Then, event scripts would setup IP > forwarding rules to route traffic from one PPP interface to another. The > datapath would look something like:- > > Android client ------ L2TP ---------- ppp0 LAC ppp1 -------- L2TP > ----------- ppp42 LNS > > The ppp interfaces ppp0 and ppp1 at the LAC would be assigned IP > addresses. IP routing would cause traffic arriving on ppp0 to be routed via > ppp1 and vice versa. > > However, the above would not be easy to setup and manage. It would also > not be scalable since you'd have two pppd instances for every Android > client connection at the LAC. > > James > > > On 27/05/15 10:38, Ajay Garg wrote: > > Hi All. > > We are wishing to setup VPN via L2TP in an end-to-end scenario. > However, we have some queries regarding the integration of OpenL2TP in > this end-to-end scenario. > > > > === The intended scneario (Very High Level) === > > OpenL2TP-framework is set up, and an end-point-client connects to this > VPN. > > > > === The intended scneario (High Level) === > > LAC is set up on machine M1. > LNS is set up on machine M2. > > > Android Phone C1 connects to VPN, using *M1 as the server in the > credentials* (please correct me if I am wrong in this regard). > > > > === Queries === > > a) > Following *static, pre-configured* settings have been done :: > > > On LAC (M1) :: > ---------------------- > > 1) > Peer-Profile(s) for C1 authentication etc. > > 2) > PPP-Profile(s) for C1 authentication etc. > > 3) > Tunnel-Profile(s), that will be used to create M1 <--> M2 > tunnels when end-point-VPN-requests (calls) come in. > > 4) > Session-Profile(s), that will be used to create M1 <--> M2 > sessions when end-point-VPN-requests (calls) come in. > > > > On LNS (M2) :: > ------------------------ > > No profile to be set up. > > > Will the above *pre-configurations* suffice, and cause all > tunnel/session creations to be done *automatically* ? > Or tunnel/session creations need to be created on the fly > *pseudo-manually* upon *each* incoming end-point-VPN-request ? > > > Hoping for a reply to the above, as it will help clear our understanding > of how openl2tp may fit into the larger scheme of things. > > > > Thanks and Regards, > Ajay > > > ------------------------------------------------------------------------------ > > > > _______________________________________________ > Openl2tp-users mailing lis...@li...https://lists.sourceforge.net/lists/listinfo/openl2tp-users > > > -- Regards, Ajay |
From: James C. <jam...@op...> - 2015-05-27 13:14:32
|
<html> <head> <meta content="text/html; charset=utf-8" http-equiv="Content-Type"> </head> <body text="#000000" bgcolor="#FFFFFF"> <div class="moz-cite-prefix">If I understand you correctly, you want a feature sometimes referred to as "tunnel switching" where L2TP sessions are forwarded by the LAC to the LNS over other L2TP tunnels. OpenL2TP does not support this feature.<br> <br> It might be possible to use the OpenL2TP and PPP event scripts to setup IP forwarding rules at the LAC, where the LAC has a PPP instance terminating the connection from the client, and a PPP instance used to connect with the LNS, for each user client connection. Then, event scripts would setup IP forwarding rules to route traffic from one PPP interface to another. The datapath would look something like:-<br> <br> Android client ------ L2TP ---------- ppp0 LAC ppp1 -------- L2TP ----------- ppp42 LNS<br> <br> The ppp interfaces ppp0 and ppp1 at the LAC would be assigned IP addresses. IP routing would cause traffic arriving on ppp0 to be routed via ppp1 and vice versa.<br> <br> However, the above would not be easy to setup and manage. It would also not be scalable since you'd have two pppd instances for every Android client connection at the LAC.<br> <br> James<br> <br> On 27/05/15 10:38, Ajay Garg wrote:<br> </div> <blockquote cite="mid:CAH...@ma..." type="cite"> <div dir="ltr"> <div> <div> <div> <div> <div> <div> <div> <div> <div> <div> <div>Hi All.<br> <br> </div> We are wishing to setup VPN via L2TP in an end-to-end scenario.<br> </div> However, we have some queries regarding the integration of OpenL2TP in this end-to-end scenario.<br> <br> <br> <br> </div> <div>=== The intended scneario (Very High Level) ===<br> <br> </div> <div>OpenL2TP-framework is set up, and an end-point-client connects to this VPN.<br> <br> <br> <br> </div> <div>=== The intended scneario (High Level) ===<br> <br> LAC is set up on machine M1.<br> </div> <div>LNS is set up on machine M2.<br> </div> <div><br> <br> </div> <div>Android Phone C1 connects to VPN, using <b>M1 as the server in the credentials</b> (please correct me if I am wrong in this regard).<br> <br> <br> <br> </div> <div>=== Queries ===<br> <br> </div> <div>a)<br> </div> Following <b>static, pre-configured</b> settings have been done ::<br> <br> <br> </div> On LAC (M1) ::<br> ----------------------<br> <br> 1)<br> </div> Peer-Profile(s) for C1 authentication etc.<br> <br> 2)<br> PPP-Profile(s) for C1 authentication etc.<br> <br> 3)<br> </div> Tunnel-Profile(s), that will be used to create M1 <--> M2 tunnels when end-point-VPN-requests (calls) come in.<br> <br> 4)<br> </div> Session-Profile(s), that will be used to create M1 <--> M2 sessions when end-point-VPN-requests (calls) come in.<br> <br> <br> <br> </div> On LNS (M2) ::<br> ------------------------<br> <br> </div> No profile to be set up.<br> <br> <br> </div> Will the above <b>pre-configurations</b> suffice, and cause all tunnel/session creations to be done <b>automatically</b> ? <br> Or tunnel/session creations need to be created on the fly <b>pseudo-manually</b> upon <b>each</b> incoming end-point-VPN-request ?<br> <br> <br> </div> <div>Hoping for a reply to the above, as it will help clear our understanding of how openl2tp may fit into the larger scheme of things.<br> <br> <br> <div> <div> <div> <div> <div> <div> <div> <div> <div> <div> <div> <br> <div class="gmail_signature">Thanks and Regards,<br> Ajay<br> </div> </div> </div> </div> </div> </div> </div> </div> </div> </div> </div> </div> </div> </div> <br> <fieldset class="mimeAttachmentHeader"></fieldset> <br> <pre wrap="">------------------------------------------------------------------------------ </pre> <br> <fieldset class="mimeAttachmentHeader"></fieldset> <br> <pre wrap="">_______________________________________________ Openl2tp-users mailing list <a class="moz-txt-link-abbreviated" href="mailto:Ope...@li...">Ope...@li...</a> <a class="moz-txt-link-freetext" href="https://lists.sourceforge.net/lists/listinfo/openl2tp-users">https://lists.sourceforge.net/lists/listinfo/openl2tp-users</a> </pre> </blockquote> <br> </body> </html> |
From: Ajay G. <aja...@gm...> - 2015-05-27 09:38:59
|
Hi All. We are wishing to setup VPN via L2TP in an end-to-end scenario. However, we have some queries regarding the integration of OpenL2TP in this end-to-end scenario. === The intended scneario (Very High Level) === OpenL2TP-framework is set up, and an end-point-client connects to this VPN. === The intended scneario (High Level) === LAC is set up on machine M1. LNS is set up on machine M2. Android Phone C1 connects to VPN, using *M1 as the server in the credentials* (please correct me if I am wrong in this regard). === Queries === a) Following *static, pre-configured* settings have been done :: On LAC (M1) :: ---------------------- 1) Peer-Profile(s) for C1 authentication etc. 2) PPP-Profile(s) for C1 authentication etc. 3) Tunnel-Profile(s), that will be used to create M1 <--> M2 tunnels when end-point-VPN-requests (calls) come in. 4) Session-Profile(s), that will be used to create M1 <--> M2 sessions when end-point-VPN-requests (calls) come in. On LNS (M2) :: ------------------------ No profile to be set up. Will the above *pre-configurations* suffice, and cause all tunnel/session creations to be done *automatically* ? Or tunnel/session creations need to be created on the fly *pseudo-manually* upon *each* incoming end-point-VPN-request ? Hoping for a reply to the above, as it will help clear our understanding of how openl2tp may fit into the larger scheme of things. Thanks and Regards, Ajay |
From: Kamnee M. <kam...@gm...> - 2015-04-28 12:36:40
|
Hello, I just want to clear something that when I established tunnel after that ICRQ message should be send but in logs I observed that it shows error as " SYSTEM: Internal FSM error: LAIC: fsmi->state=3750194 event=0 fsm->num_states=4 fsme->state 0" I unable to get why fsmi->state is shown like this. Thank you |
From: Dakait G. <dak...@gm...> - 2015-02-18 05:35:50
|
---------- Forwarded message ---------- From: Dakait Gujjar <dak...@gm...> Date: Wed, Feb 18, 2015 at 10:21 AM Subject: openl2tp compile 2.6.32 kernel CentOS 6 To: ope...@li... hi list, im trying to install openl2tp 1.8 on centos 6 but getting following error gcc -I. -MMD -w -O -c -DYY_NO_UNPUT l2tp_config_token.c gcc -I. -MMD -w -O -c -DYY_NO_UNPUT l2tp_config_parse.c gcc -o openl2tpd l2tp_main.o l2tp_common.o l2tp_avp.o l2tp_packet.o l2tp_network.o l2tp_tunnel.o l2tp_peer.o l2tp_transport.o l2tp_session.o l2tp_ppp.o l2tp_plugin.o l2tp_event.o l2tp_test.o md5.o l2tp_api.o l2tp_rpc_server.o l2tp_rpc_xdr.o l2tp_config_token.o l2tp_config_parse.o -Wl,-E -L. -Lusl -lusl -ldl -lc -lfl /usr/bin/ld: cannot find -lfl collect2: ld returned 1 exit status make: *** [openl2tpd] Error 1 here is an open question on Stackoverflow http://stackoverflow.com/questions/28576087/openl2tp-make-on-centos |
From: Andrew V. S. <st...@al...> - 2015-02-02 11:50:29
|
Hello I have segfault at openl2tp 1.8 shutdown. I can clearly see segfault with new xl2tpd version: Program terminated with signal 11, Segmentation fault. #0 0xb7fd7d90 in ?? () (gdb) bt #0 0xb7fd7d90 in ?? () #1 0x080817d6 in usl_pid_reap_children (waitfor=1) at usl_pid.c:113 #2 0x080819d9 in usl_sigchld (sig=0) at usl_signal.c:113 #3 0x08050cda in printf (__fmt=0x8083782 "yet supported") at /usr/include/bits/stdio2.h:104 #4 l2tp_cleanup () at l2tp_main.c:803 #5 l2tp_cleanup () at l2tp_main.c:760 #6 0xb7e86031 in ?? () from /lib/libc.so.6 #7 0xb7e860bd in exit () from /lib/libc.so.6 #8 0x08050bd6 in l2tp_cleanup () at l2tp_main.c:766 #9 0x08081fcb in usl_signal_init () at usl_signal.c:259 #10 0x00000000 in ?? () The point is: ./usl/usl_pid.c : /* If a callback is registered, call it now */ if (have_callback && (child->callback != NULL)) { (*child->callback)(child->arg, child->pid, sig); } But you already have destroyed plugin at this point. cat altlinux/openl2tp-1.8-cleanup-alt.patch diff --git a/l2tp_main.c b/l2tp_main.c index 39f89d2..3136e37 100644 --- a/l2tp_main.c +++ b/l2tp_main.c @@ -783,12 +783,12 @@ static void l2tp_cleanup(void) l2tp_xprt_cleanup(); l2tp_tunnel_cleanup(); l2tp_peer_cleanup(); - l2tp_plugin_cleanup(); usl_timer_cleanup(); usl_fd_cleanup(); usl_signal_cleanup(); usl_pid_cleanup(); + l2tp_plugin_cleanup(); if (l2tp_rand_fd != 0) { close(l2tp_rand_fd); |
From: Andrew V. S. <st...@al...> - 2015-02-02 10:37:40
|
Hello I have segfault at openl2tp 1.8 shutdown. I can clearly see segfault with new xl2tpd version: Program terminated with signal 11, Segmentation fault. #0 0xb7fd7d90 in ?? () (gdb) bt #0 0xb7fd7d90 in ?? () #1 0x080817d6 in usl_pid_reap_children (waitfor=1) at usl_pid.c:113 #2 0x080819d9 in usl_sigchld (sig=0) at usl_signal.c:113 #3 0x08050cda in printf (__fmt=0x8083782 "yet supported") at /usr/include/bits/stdio2.h:104 #4 l2tp_cleanup () at l2tp_main.c:803 #5 l2tp_cleanup () at l2tp_main.c:760 #6 0xb7e86031 in ?? () from /lib/libc.so.6 #7 0xb7e860bd in exit () from /lib/libc.so.6 #8 0x08050bd6 in l2tp_cleanup () at l2tp_main.c:766 #9 0x08081fcb in usl_signal_init () at usl_signal.c:259 #10 0x00000000 in ?? () The point is: ./usl/usl_pid.c : /* If a callback is registered, call it now */ if (have_callback && (child->callback != NULL)) { (*child->callback)(child->arg, child->pid, sig); } But you already have destroyed plugin at this point. cat altlinux/openl2tp-1.8-cleanup-alt.patch diff --git a/l2tp_main.c b/l2tp_main.c index 39f89d2..3136e37 100644 --- a/l2tp_main.c +++ b/l2tp_main.c @@ -783,12 +783,12 @@ static void l2tp_cleanup(void) l2tp_xprt_cleanup(); l2tp_tunnel_cleanup(); l2tp_peer_cleanup(); - l2tp_plugin_cleanup(); usl_timer_cleanup(); usl_fd_cleanup(); usl_signal_cleanup(); usl_pid_cleanup(); + l2tp_plugin_cleanup(); if (l2tp_rand_fd != 0) { close(l2tp_rand_fd); |
From: Mahmoud B. <mah...@gm...> - 2014-11-19 21:54:45
|
Dear All Can any one help me please on how to install *OpenL2TP 1.8* on centos as i can't make the package *.tar.gz* as an *.rpm* by using *rpmbuild,* what is the issue please i use :- *CentOS release 6.3 (Final)* *Kernel 2.6.32-279.el6.x86_64* *#rpmbuild openl2tp-1.0.tar.gz error: File /root/openl2tp-1.0.tar.gz does not appear to be a specfile.* Thanks & Regards, *Mahmoud Bahgat* IT Network Security Engineer Maadi, Egypt Mob: 01020036998 E: mah...@gm... On Sun, Nov 16, 2014 at 12:33 PM, Mahmoud Bahgat <mah...@gm... > wrote: > *Dears,* > Can any one give me a detailed for *OpenL2TP* installation on Centos 6.3 > > Thanks & Regards, > > *Mahmoud Bahgat* > Network Security Engineer > Maadi, Egypt > Mob: 01020036998 > E: mah...@gm... > > |
From: Mahmoud B. <mah...@gm...> - 2014-11-17 13:40:20
|
*Dears,* I hope my email finds you well, i need to install OpenL2TP vpn tunnel on my centos machine, can any one please feedback me with what i should to do Thanks in advance Thanks & Regards, *Mahmoud Bahgat* IT Network Security Engineer Maadi, Egypt Mob: 01020036998 E: mah...@gm... On Sun, Nov 16, 2014 at 12:33 PM, Mahmoud Bahgat <mah...@gm... > wrote: > *Dears,* > Can any one give me a detailed for *OpenL2TP* installation on Centos 6.3 > > Thanks & Regards, > > *Mahmoud Bahgat* > Network Security Engineer > Maadi, Egypt > Mob: 01020036998 > E: mah...@gm... > > |
From: Mahmoud B. <mah...@gm...> - 2014-11-16 10:33:28
|
*Dears,* Can any one give me a detailed for *OpenL2TP* installation on Centos 6.3 Thanks & Regards, *Mahmoud Bahgat* Network Security Engineer Maadi, Egypt Mob: 01020036998 E: mah...@gm... |
From: Milan K. <mil...@ha...> - 2014-04-22 08:21:55
|
Hi James. Thank you very much. Mac address is now changeable. A faith with bonding can continue Regards M. Dne 22.4.2014 09:30, James Chapman napsal(a): > Hi Milan, > > Please try the attached patch. > > On 18/04/14 13:48, Milan Kočvara wrote: >> Good morning, >> I would like ask you, members, if someone could help me to write a patch >> for l2tpv3. >> >> I would like use l2tpeth interface in bond Round/robin, but it does not >> work because of l2tp does not allow to change mac address. And this is >> needed. >> >> Thanks M. >> |
From: James C. <jch...@ka...> - 2014-04-22 07:30:20
|
Hi Milan, Please try the attached patch. On 18/04/14 13:48, Milan Kočvara wrote: > Good morning, > I would like ask you, members, if someone could help me to write a patch > for l2tpv3. > > I would like use l2tpeth interface in bond Round/robin, but it does not > work because of l2tp does not allow to change mac address. And this is > needed. > > Thanks M. > -- James Chapman Katalix Systems Ltd http://www.katalix.com Catalysts for your Embedded Linux software development |
From: Milan K. <mil...@ha...> - 2014-04-18 13:37:03
|
Good morning, I would like ask you, members, if someone could help me to write a patch for l2tpv3. I would like use l2tpeth interface in bond Round/robin, but it does not work because of l2tp does not allow to change mac address. And this is needed. Thanks M. |
From: James C. <jch...@ka...> - 2014-03-18 08:08:15
|
Hi Marios, On 17/03/14 15:29, Marios Makassikis wrote: > Hello list, > > I am crossposting this on the mailing as I don't know if anyone reads > the online forum. > > I would like to know if there is a roadmap concerning IPv6 support in > openl2tp. There is unfortunately no work planned on this due to lack of time. If you or anyone on this list would be interested in doing this work, please let me know - I'd be happy to provide guidance, if needed. > It has come to my attention that while openl2tp implements IPv6CP and as > such it is possible to provide IPv6 connectivity to peers, the openl2tp > daemon in itself only listens on a IPv4 socket. I peeked through the > code and noticed that all structures are IPv4 specific. > > Are there any plans to add support for IPv6 as an encapsulating protocol > ? If yes, is there a timeline as to when such a feature would be available ? > > Regards, > > Marios Regards, James |
From: Marios M. <mma...@gm...> - 2014-03-17 15:29:15
|
Hello list, I am crossposting this on the mailing as I don't know if anyone reads the online forum. I would like to know if there is a roadmap concerning IPv6 support in openl2tp. It has come to my attention that while openl2tp implements IPv6CP and as such it is possible to provide IPv6 connectivity to peers, the openl2tp daemon in itself only listens on a IPv4 socket. I peeked through the code and noticed that all structures are IPv4 specific. Are there any plans to add support for IPv6 as an encapsulating protocol ? If yes, is there a timeline as to when such a feature would be available ? Regards, Marios |
From: Greg <gre...@gm...> - 2014-02-23 12:19:48
|
hey guys, I just wanted to know a few things: 1, Can openl2tp handle pptp? (I know it uses pppd, so I figured there is a chance) 2, Is it able to use ipsec? 3, (Most important) Can I use a script to authenticate users? -- Thank you, Greg Borbonus *Nix Server administrator |
From: James C. <jch...@ka...> - 2013-09-25 09:31:59
|
On 24/09/13 23:04, Naveen Neelakanta wrote: > Hi, > > Can i use strongswan to along with openl2tp to achieve l2tp-Ipsec VPN > client. Yes, openl2tp is transparent to the IPSec tools used. IPSec can be more complicated if NAT is in the path. Setup IPSec first to secure a simple protocol, then configure it to secure L2TP. > I was able to establish the l2tp tunnel What was the problem with the ppp config? It might help other people if they see similar problems. > and now i want to protect all > the l2tp > packets using ipsec protocol. > > Thanks > Naveen -- James Chapman Katalix Systems Ltd http://www.katalix.com Catalysts for your Embedded Linux software development |
From: Naveen N. <nbn...@gm...> - 2013-09-24 22:04:45
|
Hi, Can i use strongswan to along with openl2tp to achieve l2tp-Ipsec VPN client. I was able to establish the l2tp tunnel and now i want to protect all the l2tp packets using ipsec protocol. Thanks Naveen |
From: Naveen N. <nbn...@gm...> - 2013-09-24 18:26:31
|
Hi James, I had have removed all the options in the /etc/ppp/options so that it does not override. but still i see that the ppp connection terminates . Also i see that the ppp seeesion uses the local ip for tunnel and sends a nak for 10.5.1.1 sent by server . Please let me know where could be the issue. /****** client log***********/ rcvd [PAP AuthAck id=0x1 "Login ok"] Remote message: Login ok PAP authentication succeeded sent [IPCP ConfReq id=0x1 <addr 0.0.0.0>] rcvd [IPCP ConfReq id=0x1 <addr 10.5.1.1>] sent [IPCP ConfAck id=0x1 <addr 10.5.1.1>] rcvd [IPCP ConfNak id=0x1 <addr 10.42.176.85>] sent [IPCP ConfReq id=0x2 <addr 10.42.176.85>] rcvd [IPCP ConfAck id=0x2 <addr 10.42.176.85>] local IP address 10.42.176.85 remote IP address 10.5.1.1 /*************************** If any one has tried openl2tp please share the configuration details. Thanks Naveen On Mon, Sep 23, 2013 at 11:27 PM, James Chapman <jch...@ka...>wrote: > Hi Naveen, > > Check for local ppp settings in /etc/ppp/options at the client or the > server. These may be overriding settings used by openl2tp. > > James > > On 24/09/13 03:15, Naveen Neelakanta wrote: > > > > Hi All, > > > > I am not able to get the client ip addres assigned from server, Can you > > please > > help me figure what exactly is the issue . The server sends a terminate > > message. > > The client configuration is > > /******** client config *************************/ > > ppp profile modify profile_name=default \ > > auth_eap=no auth_mschapv1=no auth_mschapv2=no > > > > tunnel create tunnel_name=l2tp-nbn dest_ipaddr=10.43.174.56 > > # persist=yes > > system modify session_establish_timeout=0 > > > > system modify deny_remote_tunnel_creates=yes > > > > session create tunnel_name=l2tp-nbn \ > > session_name=test \ > > user_name=nbn \ > > user_password=nbn > > /*******************************************/ > > > > /************ Server Config *************/ > > system modify session_establish_timeout=0 > > > > ppp profile create profile_name=l2tp-nbn \ > > local_ipaddr=10.5.1.1 \ > > remote_ipaddr=10.5.1.2 > > > > peer profile create profile_name=l2tp-nbn \ > > peer_ipaddr=10.42.176.85 \ > > ppp_profile_name=l2tp-nbn > > /*************************************************/ > > > > I don't see that server assigns 10.5.1.2 to the remote client. > > Please let me know the issue. > > > > /********* Server Side log *******/ > > PAP peer authentication succeeded for nbn > > sent [IPCP ConfReq id=0x1 <addr 10.5.1.1>] > > rcvd [LCP EchoRep id=0x0 magic=0xbf3ecfcf] > > rcvd [IPCP ConfReq id=0x1 <addr 0.0.0.0>] > > sent [IPCP ConfNak id=0x1 <addr 10.42.176.85>] > > rcvd [IPCP ConfAck id=0x1 <addr 10.5.1.1>] > > rcvd [IPCP ConfReq id=0x2 <addr 10.42.176.85>] > > sent [IPCP ConfAck id=0x2 <addr 10.42.176.85>] > > local IP address 10.5.1.1 > > remote IP address 10.42.176.85 > > openl2tp send: sent PPP_UPDOWN_IND, 60 bytes > > FUNC: tunl 19649/60514: using interface ppp0 > > FUNC: tunl 19649/60514: user is nbn > > Script /etc/ppp/ip-up started (pid 3984) > > Script /etc/ppp/ip-up finished (pid 3984), status = 0x0 > > XPRT: tunl 19649: set retry interval to 2 > > XPRT: tunl 19649: set retry interval to 4 > > DATA: TX: tunl 19649/25167: resend 36 bytes to peer 10.42.176.85, packet > > ns/nr 2/4 type 7, retry 1 > > XPRT: tunl 19649: set retry interval to 8 > > DATA: TX: tunl 19649/25167: resend 36 bytes to peer 10.42.176.85, packet > > ns/nr 2/4 type 7, retry 2 > > DATA: TX: tunl 19649/25167: resend 36 bytes to peer 10.42.176.85, packet > > ns/nr 2/4 type 7, retry 3 > > DATA: TX: tunl 19649/25167: resend 36 bytes to peer 10.42.176.85, packet > > ns/nr 2/4 type 7, retry 4 > > DATA: TX: tunl 19649/25167: resend 36 bytes to peer 10.42.176.85, packet > > ns/nr 2/4 type 7, retry 5 > > /*************************************************/ > > > > Thanks > > Naveen > > > > > > > ------------------------------------------------------------------------------ > > October Webinars: Code for Performance > > Free Intel webinars can help you accelerate application performance. > > Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most > from > > the latest Intel processors and coprocessors. See abstracts and register > > > > > http://pubads.g.doubleclick.net/gampad/clk?id=60133471&iu=/4140/ostg.clktrk > > > > > > > > _______________________________________________ > > Openl2tp-users mailing list > > Ope...@li... > > https://lists.sourceforge.net/lists/listinfo/openl2tp-users > > > > > > -- > James Chapman > Katalix Systems Ltd > http://www.katalix.com > Catalysts for your Embedded Linux software development > |
From: James C. <jch...@ka...> - 2013-09-24 06:27:52
|
Hi Naveen, Check for local ppp settings in /etc/ppp/options at the client or the server. These may be overriding settings used by openl2tp. James On 24/09/13 03:15, Naveen Neelakanta wrote: > > Hi All, > > I am not able to get the client ip addres assigned from server, Can you > please > help me figure what exactly is the issue . The server sends a terminate > message. > The client configuration is > /******** client config *************************/ > ppp profile modify profile_name=default \ > auth_eap=no auth_mschapv1=no auth_mschapv2=no > > tunnel create tunnel_name=l2tp-nbn dest_ipaddr=10.43.174.56 > # persist=yes > system modify session_establish_timeout=0 > > system modify deny_remote_tunnel_creates=yes > > session create tunnel_name=l2tp-nbn \ > session_name=test \ > user_name=nbn \ > user_password=nbn > /*******************************************/ > > /************ Server Config *************/ > system modify session_establish_timeout=0 > > ppp profile create profile_name=l2tp-nbn \ > local_ipaddr=10.5.1.1 \ > remote_ipaddr=10.5.1.2 > > peer profile create profile_name=l2tp-nbn \ > peer_ipaddr=10.42.176.85 \ > ppp_profile_name=l2tp-nbn > /*************************************************/ > > I don't see that server assigns 10.5.1.2 to the remote client. > Please let me know the issue. > > /********* Server Side log *******/ > PAP peer authentication succeeded for nbn > sent [IPCP ConfReq id=0x1 <addr 10.5.1.1>] > rcvd [LCP EchoRep id=0x0 magic=0xbf3ecfcf] > rcvd [IPCP ConfReq id=0x1 <addr 0.0.0.0>] > sent [IPCP ConfNak id=0x1 <addr 10.42.176.85>] > rcvd [IPCP ConfAck id=0x1 <addr 10.5.1.1>] > rcvd [IPCP ConfReq id=0x2 <addr 10.42.176.85>] > sent [IPCP ConfAck id=0x2 <addr 10.42.176.85>] > local IP address 10.5.1.1 > remote IP address 10.42.176.85 > openl2tp send: sent PPP_UPDOWN_IND, 60 bytes > FUNC: tunl 19649/60514: using interface ppp0 > FUNC: tunl 19649/60514: user is nbn > Script /etc/ppp/ip-up started (pid 3984) > Script /etc/ppp/ip-up finished (pid 3984), status = 0x0 > XPRT: tunl 19649: set retry interval to 2 > XPRT: tunl 19649: set retry interval to 4 > DATA: TX: tunl 19649/25167: resend 36 bytes to peer 10.42.176.85, packet > ns/nr 2/4 type 7, retry 1 > XPRT: tunl 19649: set retry interval to 8 > DATA: TX: tunl 19649/25167: resend 36 bytes to peer 10.42.176.85, packet > ns/nr 2/4 type 7, retry 2 > DATA: TX: tunl 19649/25167: resend 36 bytes to peer 10.42.176.85, packet > ns/nr 2/4 type 7, retry 3 > DATA: TX: tunl 19649/25167: resend 36 bytes to peer 10.42.176.85, packet > ns/nr 2/4 type 7, retry 4 > DATA: TX: tunl 19649/25167: resend 36 bytes to peer 10.42.176.85, packet > ns/nr 2/4 type 7, retry 5 > /*************************************************/ > > Thanks > Naveen > > > ------------------------------------------------------------------------------ > October Webinars: Code for Performance > Free Intel webinars can help you accelerate application performance. > Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most from > the latest Intel processors and coprocessors. See abstracts and register > > http://pubads.g.doubleclick.net/gampad/clk?id=60133471&iu=/4140/ostg.clktrk > > > > _______________________________________________ > Openl2tp-users mailing list > Ope...@li... > https://lists.sourceforge.net/lists/listinfo/openl2tp-users > -- James Chapman Katalix Systems Ltd http://www.katalix.com Catalysts for your Embedded Linux software development |
From: Naveen N. <nbn...@gm...> - 2013-09-24 02:16:06
|
Hi All, I am not able to get the client ip addres assigned from server, Can you please help me figure what exactly is the issue . The server sends a terminate message. The client configuration is /******** client config *************************/ ppp profile modify profile_name=default \ auth_eap=no auth_mschapv1=no auth_mschapv2=no tunnel create tunnel_name=l2tp-nbn dest_ipaddr=10.43.174.56 # persist=yes system modify session_establish_timeout=0 system modify deny_remote_tunnel_creates=yes session create tunnel_name=l2tp-nbn \ session_name=test \ user_name=nbn \ user_password=nbn /*******************************************/ /************ Server Config *************/ system modify session_establish_timeout=0 ppp profile create profile_name=l2tp-nbn \ local_ipaddr=10.5.1.1 \ remote_ipaddr=10.5.1.2 peer profile create profile_name=l2tp-nbn \ peer_ipaddr=10.42.176.85 \ ppp_profile_name=l2tp-nbn /*************************************************/ I don't see that server assigns 10.5.1.2 to the remote client. Please let me know the issue. /********* Server Side log *******/ PAP peer authentication succeeded for nbn sent [IPCP ConfReq id=0x1 <addr 10.5.1.1>] rcvd [LCP EchoRep id=0x0 magic=0xbf3ecfcf] rcvd [IPCP ConfReq id=0x1 <addr 0.0.0.0>] sent [IPCP ConfNak id=0x1 <addr 10.42.176.85>] rcvd [IPCP ConfAck id=0x1 <addr 10.5.1.1>] rcvd [IPCP ConfReq id=0x2 <addr 10.42.176.85>] sent [IPCP ConfAck id=0x2 <addr 10.42.176.85>] local IP address 10.5.1.1 remote IP address 10.42.176.85 openl2tp send: sent PPP_UPDOWN_IND, 60 bytes FUNC: tunl 19649/60514: using interface ppp0 FUNC: tunl 19649/60514: user is nbn Script /etc/ppp/ip-up started (pid 3984) Script /etc/ppp/ip-up finished (pid 3984), status = 0x0 XPRT: tunl 19649: set retry interval to 2 XPRT: tunl 19649: set retry interval to 4 DATA: TX: tunl 19649/25167: resend 36 bytes to peer 10.42.176.85, packet ns/nr 2/4 type 7, retry 1 XPRT: tunl 19649: set retry interval to 8 DATA: TX: tunl 19649/25167: resend 36 bytes to peer 10.42.176.85, packet ns/nr 2/4 type 7, retry 2 DATA: TX: tunl 19649/25167: resend 36 bytes to peer 10.42.176.85, packet ns/nr 2/4 type 7, retry 3 DATA: TX: tunl 19649/25167: resend 36 bytes to peer 10.42.176.85, packet ns/nr 2/4 type 7, retry 4 DATA: TX: tunl 19649/25167: resend 36 bytes to peer 10.42.176.85, packet ns/nr 2/4 type 7, retry 5 /*************************************************/ Thanks Naveen |
From: James C. <jch...@ka...> - 2013-09-23 20:54:04
|
Hi Naveen, Yes you can use OpenL2TP to tunnel packets. From your description earlier, I thought you didn't want to use PPP, so I was suggesting use L2TP unmanaged tunnels. OpenL2TP and xl2tp are L2TPv2 implementations which means they always use PPP. Configure them as a client to connect to your server. James On 23/09/13 19:09, Naveen Neelakanta wrote: > Hi Ray, > > I want to tunnel data packets from my lan network to another , can't i > use openl2tp , > since it provides a better way of configuring the tunnels . I did not > see the same for > the ip command. > > Thanks > Naveen > > > On Mon, Sep 23, 2013 at 11:05 AM, Naveen Neelakanta > <nbn...@gm... <mailto:nbn...@gm...>> wrote: > > Hi Ray, > > It provides an unmanaged l2tp tunnels , can it be controlled using a > configuration file . > So i can't use openl2tp to create a VPN tunnel and pass any data via > the same. > > Thanks > Naveen > > > On Fri, Sep 20, 2013 at 9:06 PM, Ra...@tr... > <mailto:Ra...@tr...> <ra...@tr... > <mailto:ra...@tr...>> wrote: > > Hi Naveen, > > Use latest 'ip' build > > If using centos or other distros not know to be....current.. > build from source > https://www.kernel.org/pub/linux/utils/net/iproute2/ > > And read included l2tp man pages > > On Sep 20, 2013 1:13 PM, "Naveen Neelakanta" > <nbn...@gm... <mailto:nbn...@gm...>> wrote: > > Hi All, > > I want to select a L2tp package for l2tp vpn client setup on > linux. > I was going through xl2tpd and openl2tp are the packages for > l2tp and are the opensource packages. > What exactly is the difference between the two and i am > planning to use strongswan to provide ipsec vpn for the same. > > > Thanks > Naveen > > > On Thu, Sep 19, 2013 at 2:22 AM, James Chapman > <jch...@ka... <mailto:jch...@ka...>> wrote: > > On 18/09/13 23:00, Naveen Neelakanta wrote: > > Hi , > > I am a new bee to l2tp, I was going through > > http://openl2tp.org/doc/openl2tp. > > > > just to understand, does l2tp require PPP session, > What exactly is the > > PPP session. > > Can we not setup lust the l2tp tunnel and send traffic > through it , does > > it require a ppp tunnel. > > I want to just establish a l2tp tunnel between to > linux laptops, do i > > have to have any other > > PPP package installed to get l2tp working. > > In L2TPv2, only PPP is tunnelled over L2TP. > In L2TPv3, the protocol was extended to allow other > traffic types to be > carried. The term used is "pseudowire". L2TPv3 supports > PPP, FrameRelay, > ATM, HDLC and Ethernet pseudowires and some others. > > I think you want L2TPv3 Ethernet pseudowires, which are > virtual ethernet > links over an L2TP tunnel. If you are creating a small > number of tunnels > between two Linux boxes, it can be done with standard > Linux command line > tools. See > http://prol2tp.com/documentation.html?page=l2tpv3.html under > "Unmanaged L2TPv3 L2 tunnels for Linux". > > > > > > > Thanks > > Naveen > > -- > James Chapman > Katalix Systems Ltd > http://www.katalix.com > Catalysts for your Embedded Linux software development > > > > ------------------------------------------------------------------------------ > LIMITED TIME SALE - Full Year of Microsoft Training For Just > $49.99! > 1,500+ hours of tutorials including VisualStudio 2012, > Windows 8, SharePoint > 2013, SQL 2012, MVC 4, more. BEST VALUE: New Multi-Library > Power Pack includes > Mobile, Cloud, Java, and UX Design. Lowest price ever! Ends > 9/20/13. > http://pubads.g.doubleclick.net/gampad/clk?id=58041151&iu=/4140/ostg.clktrk > _______________________________________________ > Openl2tp-users mailing list > Ope...@li... > <mailto:Ope...@li...> > https://lists.sourceforge.net/lists/listinfo/openl2tp-users > > > > > > ------------------------------------------------------------------------------ > October Webinars: Code for Performance > Free Intel webinars can help you accelerate application performance. > Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most from > the latest Intel processors and coprocessors. See abstracts and register > > http://pubads.g.doubleclick.net/gampad/clk?id=60133471&iu=/4140/ostg.clktrk > > > > _______________________________________________ > Openl2tp-users mailing list > Ope...@li... > https://lists.sourceforge.net/lists/listinfo/openl2tp-users > -- James Chapman Katalix Systems Ltd http://www.katalix.com Catalysts for your Embedded Linux software development |