Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 0 replies
  • Subscribers 1 subscriber
  • Views 501 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

L2TP/IPSec Occasional Disconnects

JeffCooper
Hi,

We're getting occasional disconnects from vpn clients using Remote Access L2TP over IPSec.  The Astaro 220 (7.405) seems to think that the client is sending a disconnect signal. But they're not.  Below is a sample of a session where this happens. Happened to me and to a couple other users in the past few weeks:

(real name/public IP address hidden):

2010:01:20-13:01:56 kingarch pluto[3731]: "S_REF_UAXDMdyTyj_1"[131] 1.2.3.4 #217: responding to Main Mode from unknown peer 1.2.3.4
2010:01:20-13:01:56 kingarch pluto[3731]: "S_REF_UAXDMdyTyj_1"[131] 1.2.3.4 #217: NAT-Traversal: Result using RFC 3947: peer is NATed
2010:01:20-13:01:56 kingarch pluto[3731]: "S_REF_UAXDMdyTyj_1"[131] 1.2.3.4 #217: Peer ID is ID_IPV4_ADDR: '10.0.1.198'
2010:01:20-13:01:56 kingarch pluto[3731]: "S_REF_UAXDMdyTyj_1"[132] 1.2.3.4 #217: deleting connection "S_REF_UAXDMdyTyj_1" instance with peer 1.2.3.4 {isakmp=#0/ipsec=#0}
2010:01:20-13:01:56 kingarch pluto[3731]: | NAT-T: new mapping 1.2.3.4:500/37636)
2010:01:20-13:01:56 kingarch pluto[3731]: "S_REF_UAXDMdyTyj_1"[132] 1.2.3.4:37636 #217: sent MR3, ISAKMP SA established
2010:01:20-13:01:56 kingarch pluto[3731]: "S_REF_UAXDMdyTyj_1"[132] 1.2.3.4:37636 #217: ignoring informational payload, type IPSEC_INITIAL_CONTACT
2010:01:20-13:01:57 kingarch pluto[3731]: "S_REF_UAXDMdyTyj_0"[62] 1.2.3.4:37636 #218: responding to Quick Mode
2010:01:20-13:01:59 kingarch xl2tpd[3759]: control_finish: Peer requested tunnel 1 twice, ignoring second one.
2010:01:20-13:01:59 kingarch xl2tpd[3759]: Connection established to 1.2.3.4, 37636.  Local: 17124, Remote: 1 (ref=0/0).  LNS session is 'default'
2010:01:20-13:02:00 kingarch xl2tpd[3759]: Call established with 1.2.3.4, Local: 10236, Remote: 199, Serial: 1
2010:01:20-13:02:00 kingarch pppd-l2tp[10214]: Plugin /usr/sbin/aua.so loaded.
2010:01:20-13:02:00 kingarch pppd-l2tp[10214]: AUA plugin initialized.
2010:01:20-13:02:00 kingarch pppd-l2tp[10214]: pppd 2.4.3 started by (unknown), uid 0
2010:01:20-13:02:00 kingarch pppd-l2tp[10214]: Using interface ppp0
2010:01:20-13:02:00 kingarch pppd-l2tp[10214]: Connect: ppp0  /dev/pts/0
2010:01:20-13:02:02 kingarch pluto[3731]: "S_REF_UAXDMdyTyj_0"[62] 1.2.3.4:37636 #218: Dead Peer Detection (RFC 3706) enabled
2010:01:20-13:02:02 kingarch pluto[3731]: "S_REF_UAXDMdyTyj_0"[62] 1.2.3.4:37636 #218: IPsec SA established {ESP=>0x0743966c  /dev/pts/0
2010:01:20-14:01:19 kingarch pppd-l2tp[10214]: tcflush failed: Bad file descriptor
2010:01:20-14:01:20 kingarch pppd-l2tp[10214]: tcsetattr: Invalid argument (line 1001)
2010:01:20-14:01:20 kingarch pppd-l2tp[10214]: Exit.

Client is the built-in Macintosh L2TP over IPSec client.

Anyone having similar issues and/or find a solution?

Thanks!

Jeff


This thread was automatically locked due to age.