From: Da Rock
Date: Wed, 16 Mar 2011 09:39:50 +1000
To: freebsd-questions@freebsd.org
Subject: mpd- no ng_l2tp coming up
Message-ID: <4D7FF8C6.1020800@herveybayaustralia.com.au>

Been a while since I've had time to check the list- I became a dad again a couple of weeks ago so it's been hectic to say the least. Apologies for the previous thread revival- my email client didn't show up with _all_ the emails I missed so I thought I was more recent than I had realised.

I'm running into all sorts of issues setting up l2tp networking. I think I have the IPSEC part worked out, but testing parts at a time l2tp dies in a hole. I've resorted to mpd as it seems to be widely used in BSD (and Linux too..), but the result seems to be the same for other servers as well.

I can start the server, it says ok and runs; I check sockstat, l2tp ports are open; I can even check the console (mpd), it says all systems go. I run the client- the connection dies, and so does the server.

mpd.log:

Mar 15 23:15:14 bell mpd: Multi-link PPP daemon for FreeBSD
Mar 15 23:15:14 bell mpd:
Mar 15 23:15:14 bell mpd: process 2762 started, version 5.5 (root@bell.herveybayaustralia.com.au 10:40 7-Mar-2011)
Mar 15 23:15:14 bell mpd: web: listening on 0.0.0.0 5006
Mar 15 23:15:14 bell mpd: EVENT: Registering event EVENT_READ MsgEvent() at msg.c:72
Mar 15 23:15:14 bell mpd: EVENT: Registering event EVENT_READ MsgEvent() done at msg.c:72
Mar 15 23:15:14 bell mpd: EVENT: Registering event EVENT_READ L2tpServerEvent() at l2tp.c:1636
Mar 15 23:15:14 bell mpd: EVENT: Registering event EVENT_READ L2tpServerEvent() done at l2tp.c:1636
Mar 15 23:15:14 bell mpd: L2TP: waiting for connection on 0.0.0.0 1701
Mar 15 23:15:14 bell mpd: EVENT: Processing event EVENT_TIMEOUT ConfigRead() done
Mar 15 23:15:36 bell mpd: EVENT: Processing event EVENT_READ L2tpServerEvent()
Mar 15 23:15:36 bell mpd: Incoming L2TP packet from 192.168.0.200 47973
Mar 15 23:15:36 bell mpd: L2TP: ppp_l2tp_ctrl_create invoked
Mar 15 23:15:36 bell mpd: L2TP: Control connection 0x286f3d08 0.0.0.0 1701 <-> 192.168.0.200 47973 accepted
Mar 15 23:15:36 bell mpd: EVENT: Processing event EVENT_READ L2tpServerEvent() done
Mar 15 23:15:36 bell mpd: L2TP: RECV [MESSAGE_TYPE SCCRQ] [PROTOCOL_VERSION 1.0] [HOST_NAME "anonymous"] [FRAMING_CAPABILITIES sync=1 async=1] [ASSIGNED_TUNNEL_ID 0x0d78] [RECEIVE_WINDOW_SIZE 1] [CHALLENGE c819a7182517daa2a777da6a7e7e581712745f00e3c707a3f381fb3561faa56e]
Mar 15 23:15:36 bell mpd: L2TP: rec'd SCCRQ in state idle
Mar 15 23:15:36 bell mpd: L2TP: connected to "anonymous", version=1.0
Mar 15 23:15:36 bell mpd: L2TP: XMIT [MESSAGE_TYPE SCCRP] [HOST_NAME "bell.herveybayaustralia.com.au"] [VENDOR_NAME "FreeBSD MPD"] [BEARER_CAPABILITIES digital=1 analog=1] [RECEIVE_WINDOW_SIZE 8] [PROTOCOL_VERSION 1.0] [FRAMING_CAPABILITIES sync=1 async=1] [ASSIGNED_TUNNEL_ID 0x7008] [CHALLENGE 481df3c95b9e9579adf0cae17d58e680] [CHALLENGE_RESPONSE d6f82bd055e8479f6e8dbe943a5b11c0]
Mar 15 23:15:43 bell mpd: L2TP: RECV [MESSAGE_TYPE SCCCN]
Mar 15 23:15:43 bell mpd: L2TP: rec'd SCCCN in state wait-ctl-conn
Mar 15 23:15:43 bell mpd: L2TP: SCCRP lacks challenge response
Mar 15 23:15:43 bell mpd: L2TP: XMIT [MESSAGE_TYPE StopCCN] [ASSIGNED_TUNNEL_ID 0x7008] [RESULT_CODE result=4 error=0 errmsg=""]
Mar 15 23:15:43 bell mpd: L2TP: Control connection 0x286f3d08 0.0.0.0 1701 <-> 192.168.0.200 47973 connected
Mar 15 23:15:43 bell mpd: L2TP: Control connection 0x286f3d08 terminated: 0 ()
Mar 15 23:15:43 bell mpd: ASSERT "ctrl->state == CS_DYING" failed: file "l2tp_ctrl.c", line 1426
Mar 15 23:15:43 bell mpd: fatal error, exiting
Mar 15 23:15:43 bell mpd: [B1] Bundle: Shutdown
Mar 15 23:15:43 bell mpd: [L1] Link: Shutdown
Mar 15 23:15:43 bell mpd: L2TP: stop waiting for connection on 0.0.0.0 1701
Mar 15 23:15:43 bell mpd: EVENT: Unregistering event EVENT_READ L2tpServerEvent() at l2tp.c:1671
Mar 15 23:15:43 bell mpd: EVENT: Unregistering event EVENT_READ L2tpServerEvent() done at l2tp.c:1671
Mar 15 23:15:43 bell mpd: PPTP: Total shutdown
Mar 15 23:15:43 bell mpd: L2TP: Total shutdown
Mar 15 23:15:43 bell mpd: EVENT: Unregistering event EVENT_READ EcpNgDataEvent() at ecp.c:193
Mar 15 23:15:43 bell mpd: EVENT: Unregistering event EVENT_READ EcpNgDataEvent() done at ecp.c:193
Mar 15 23:15:43 bell mpd: EVENT: Unregistering event EVENT_READ CcpNgCtrlEvent() at ccp.c:190
Mar 15 23:15:43 bell mpd: EVENT: Unregistering event EVENT_READ CcpNgCtrlEvent() done at ccp.c:190
Mar 15 23:15:43 bell mpd: EVENT: Unregistering event EVENT_READ CcpNgDataEvent() at ccp.c:193
Mar 15 23:15:43 bell mpd: EVENT: Unregistering event EVENT_READ CcpNgDataEvent() done at ccp.c:193
Mar 15 23:15:43 bell mpd: EVENT: Unregistering event EVENT_READ LinkNgDataEvent() at link.c:182
Mar 15 23:15:43 bell mpd: EVENT: Unregistering event EVENT_READ LinkNgDataEvent() done at link.c:182
Mar 15 23:15:43 bell mpd: process 2762 terminated

ngctl list:

There are 4 total nodes:
  Name: mpd4493-cso     Type: socket          ID: 00000048   Num hooks: 0
  Name: mpd4493-eso     Type: socket          ID: 00000049   Num hooks: 0
  Name: mpd4493-lso     Type: socket          ID: 00000047   Num hooks: 0
  Name: ngctl4494       Type: socket          ID: 0000004a   Num hooks: 0

I will note here though that I can get ng_l2tp in that list and a hook between two parts, but the rest are 0. I just don't always get it... :( The result remains exactly the same though. Accessing the web console it shows the l2tp link and the bundle on separate lines.

I also had an unscheduled reboot (power failure) and that showed up a warning: "attempt to domain_add(netgraph) after domainfinalize()" which I could never quite figure was fatal or not.

I've read and googled as much as I can in my free time working on this, trying my foo on the errors quoted, abstract concepts- nothing. Or at least the answers are only in Russian- and my Russian isn't all that good :P I didn't jump on the list straight up due to lack of time to respond and I wanted to crack it myself anyway.

I've tried to get a clear outline of what is required for a lns (the docs and sample config only define a lac)- there are plenty of client howtos but no servers.
That said I can't see what the hold up is:

startup:
	log +all
	set web self 0.0.0.0 5006
	set web open
#	set web auth disable
	set user

default:
	load l2tp_vpn

l2tp_vpn:
	set ippool add pool1 192.168.0.42 192.168.0.45
	create bundle template B1
	set iface enable tcpmssfix
	set iface idle 1800
	set ipcp ranges 192.168.0.40/32 ippool pool1
	set ipcp dns 192.168.0.20
	set ipcp enable vjcomp
	set bundle enable compression
	create link template L1 l2tp
	set l2tp self 0.0.0.0
#	set l2tp hostname
	set l2tp secret
	set l2tp disable outcall
#	set l2tp enable hidden
	set link action bundle B1
	set link no pap chap eap
	set link yes pap chap
	set link enable multilink
	set link mtu 1460
	set link enable acfcomp protocomp
	set link enable incoming
#	set radius server

This is for mpd5, though mpd4 fails similarly as well. Obviously the config is adjusted accordingly, and I have seen one of each in examples found on Google. I've gone for as simple as possible to help debug this.

It appears the control connection is set up and then fails for some inexplicable reason. The client (Android) logs show the same, but it is definitely the server that kills the connection.

Anything I've missed? Can anyone shed some light here? Or should I be trying -net?
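
Added example, not part of the original post: a Python sketch that replays the L2TP control messages from the mpd.log above and reports which tunnel-authentication challenge was never answered. The function names are hypothetical, the sample lines are abridged from that log, and the response formula is the CHAP-style one from RFC 2661 tunnel authentication.

```python
import hashlib
import re

# Sample input: control-message lines abridged from the mpd.log in the post
# (AVPs that do not matter for tunnel authentication are left out).
SAMPLE_LOG = """\
Mar 15 23:15:36 bell mpd: L2TP: RECV [MESSAGE_TYPE SCCRQ] [HOST_NAME "anonymous"] [ASSIGNED_TUNNEL_ID 0x0d78] [CHALLENGE c819a7182517daa2a777da6a7e7e581712745f00e3c707a3f381fb3561faa56e]
Mar 15 23:15:36 bell mpd: L2TP: XMIT [MESSAGE_TYPE SCCRP] [ASSIGNED_TUNNEL_ID 0x7008] [CHALLENGE 481df3c95b9e9579adf0cae17d58e680] [CHALLENGE_RESPONSE d6f82bd055e8479f6e8dbe943a5b11c0]
Mar 15 23:15:43 bell mpd: L2TP: RECV [MESSAGE_TYPE SCCCN]
Mar 15 23:15:43 bell mpd: L2TP: XMIT [MESSAGE_TYPE StopCCN] [ASSIGNED_TUNNEL_ID 0x7008] [RESULT_CODE result=4 error=0 errmsg=""]
"""

CTRL = re.compile(r"L2TP: (RECV|XMIT) \[MESSAGE_TYPE (\w+)\](.*)")
AVP = re.compile(r"\[(\w+) ([^\]]*)\]")


def parse_control(log_text):
    """Return (direction, message_type, {avp: value}) per logged control message."""
    msgs = []
    for line in log_text.splitlines():
        m = CTRL.search(line)
        if m:
            msgs.append((m.group(1), m.group(2), dict(AVP.findall(m.group(3)))))
    return msgs


def unanswered_challenges(msgs):
    """A CHALLENGE must be met by a CHALLENGE_RESPONSE in the peer's next message."""
    findings = []
    for i, (direction, mtype, avps) in enumerate(msgs):
        if "CHALLENGE" not in avps:
            continue
        reply = next((m for m in msgs[i + 1:] if m[0] != direction), None)
        if reply is None or "CHALLENGE_RESPONSE" not in reply[2]:
            got = reply[1] if reply else "nothing"
            findings.append(f"{mtype} challenge unanswered (peer sent {got})")
    return findings


def challenge_response(msg_type_id, secret, challenge_hex):
    """RFC 2661: MD5(message type of the reply (SCCRP=2, SCCCN=3) + secret + challenge)."""
    data = bytes([msg_type_id]) + secret + bytes.fromhex(challenge_hex)
    return hashlib.md5(data).hexdigest()


if __name__ == "__main__":
    # StopCCN result=4 means "requester is not authorized" in RFC 2661.
    for finding in unanswered_challenges(parse_control(SAMPLE_LOG)):
        print(finding)
```

With the shared secret from `set l2tp secret`, `challenge_response(3, secret, challenge)` gives the value a client's SCCCN has to carry for the challenge sent in the SCCRP.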