Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 23 replies
  • Subscribers 1 subscriber
  • Views 23435 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

L2TP VPN Disconnects After 60 Minutes

DaMaN841
Hey Folks,

I'm running the L2TP VPN Server, and I noticed that 60 minutes on the dot I will be disconnected. I did some searching on the Forums and Known Issues, and I discovered a past bug that was fixed for v7. Curious if perhaps it has reappeared in v8?


http://www.astaro.com/lists/Known_Issues-ASG-V7.txt

ID08349 7.200 L2TP connection terminates after 60 minutes
----------------------------------------------------------
Description:  Most L2TP connections are terminated after 60 minutes by the
              VPN backend. This mainly happens when some control packets
              are lost between client and server.
Workaround:   ---
Fix:          Fixed in 7.301


This thread was automatically locked due to age.
Parents Reply Children
  • 0 in reply to BAlfson
    Connection Log

    2011:08:11-13:34:20 Tornado pluto[7159]: packet from WORK_EXTERNAL_IP:500: received Vendor ID payload [RFC 3947]
    2011:08:11-13:34:20 Tornado pluto[7159]: packet from WORK_EXTERNAL_IP:500: ignoring Vendor ID payload [4df37928e9fc4fd1b3262170d515c662]
    2011:08:11-13:34:20 Tornado pluto[7159]: packet from WORK_EXTERNAL_IP:500: ignoring Vendor ID payload [8f8d83826d246b6fc7a8a6a428c11de8]
    2011:08:11-13:34:20 Tornado pluto[7159]: packet from WORK_EXTERNAL_IP:500: ignoring Vendor ID payload [439b59f8ba676c4c7737ae22eab8f582]
    2011:08:11-13:34:20 Tornado pluto[7159]: packet from WORK_EXTERNAL_IP:500: ignoring Vendor ID payload [4d1e0e136deafa34c4f3ea9f02ec7285]
    2011:08:11-13:34:20 Tornado pluto[7159]: packet from WORK_EXTERNAL_IP:500: ignoring Vendor ID payload [80d0bb3def54565ee84645d4c85ce3ee]
    2011:08:11-13:34:20 Tornado pluto[7159]: packet from WORK_EXTERNAL_IP:500: ignoring Vendor ID payload [9909b64eed937c6573de52ace952fa6b]
    2011:08:11-13:34:20 Tornado pluto[7159]: packet from WORK_EXTERNAL_IP:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03]
    2011:08:11-13:34:20 Tornado pluto[7159]: packet from WORK_EXTERNAL_IP:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02]
    2011:08:11-13:34:20 Tornado pluto[7159]: packet from WORK_EXTERNAL_IP:500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n]
    2011:08:11-13:34:20 Tornado pluto[7159]: packet from WORK_EXTERNAL_IP:500: received Vendor ID payload [Dead Peer Detection]
    2011:08:11-13:34:20 Tornado pluto[7159]: "S_REF_yRLvfHGtCw_1"[35] WORK_EXTERNAL_IP #49: responding to Main Mode from unknown peer WORK_EXTERNAL_IP
    2011:08:11-13:34:20 Tornado pluto[7159]: "S_REF_yRLvfHGtCw_1"[35] WORK_EXTERNAL_IP #49: NAT-Traversal: Result using RFC 3947: peer is NATed
    2011:08:11-13:34:20 Tornado pluto[7159]: "S_REF_yRLvfHGtCw_1"[35] WORK_EXTERNAL_IP #49: ignoring informational payload, type IPSEC_INITIAL_CONTACT
    2011:08:11-13:34:20 Tornado pluto[7159]: "S_REF_yRLvfHGtCw_1"[35] WORK_EXTERNAL_IP #49: Peer ID is ID_IPV4_ADDR: 'WORK_INTERNAL_IP'
    2011:08:11-13:34:20 Tornado pluto[7159]: "S_REF_yRLvfHGtCw_1"[36] WORK_EXTERNAL_IP #49: deleting connection "S_REF_yRLvfHGtCw_1"[35] instance with peer WORK_EXTERNAL_IP {isakmp=#0/ipsec=#0}
    2011:08:11-13:34:20 Tornado pluto[7159]: "S_REF_yRLvfHGtCw_1"[36] WORK_EXTERNAL_IP #49: Dead Peer Detection (RFC 3706) enabled
    2011:08:11-13:34:20 Tornado pluto[7159]: | NAT-T: new mapping WORK_EXTERNAL_IP:500/4500)
    2011:08:11-13:34:20 Tornado pluto[7159]: "S_REF_yRLvfHGtCw_1"[36] WORK_EXTERNAL_IP:4500 #49: sent MR3, ISAKMP SA established
    2011:08:11-13:34:21 Tornado pluto[7159]: "S_REF_yRLvfHGtCw_0"[16] WORK_EXTERNAL_IP:4500 #50: NAT-Traversal: received 2 NAT-OA. using first, ignoring others
    2011:08:11-13:34:21 Tornado pluto[7159]: "S_REF_yRLvfHGtCw_0"[16] WORK_EXTERNAL_IP:4500 #50: responding to Quick Mode
    2011:08:11-13:34:21 Tornado pppd-l2tp[23369]: Plugin aua.so loaded.
    2011:08:11-13:34:21 Tornado pppd-l2tp[23369]: AUA plugin initialized.
    2011:08:11-13:34:21 Tornado pppd-l2tp[23369]: Plugin ippool.so loaded.
    2011:08:11-13:34:21 Tornado pppd-l2tp[23369]: Plugin pppol2tp.so loaded.
    2011:08:11-13:34:21 Tornado pppd-l2tp[23369]: pppd 2.4.5 started by (unknown), uid 0
    2011:08:11-13:34:21 Tornado pppd-l2tp[23369]: using channel 30
    2011:08:11-13:34:21 Tornado pppd-l2tp[23369]: Using interface ppp0
    2011:08:11-13:34:21 Tornado pppd-l2tp[23369]: Connect: ppp0  
    2011:08:11-13:34:21 Tornado pppd-l2tp[23369]: Overriding mtu 1500 to 1380
    2011:08:11-13:34:21 Tornado pppd-l2tp[23369]: PPPoL2TP options: lnsmode tid 40872 sid 11481 debugmask 0
    2011:08:11-13:34:21 Tornado pppd-l2tp[23369]: Overriding mru 1500 to mtu value 1380
    2011:08:11-13:34:21 Tornado pppd-l2tp[23369]: sent [LCP ConfReq id=0x1    ]
    2011:08:11-13:34:21 Tornado pppd-l2tp[23369]: rcvd [LCP ConfReq id=0x1    ]
    2011:08:11-13:34:21 Tornado pppd-l2tp[23369]: sent [LCP ConfAck id=0x1    ]
    2011:08:11-13:34:21 Tornado pppd-l2tp[23369]: rcvd [LCP ConfAck id=0x1    ]
    2011:08:11-13:34:21 Tornado pppd-l2tp[23369]: Overriding mtu 1500 to 1380
    2011:08:11-13:34:21 Tornado pppd-l2tp[23369]: PPPoL2TP options: lnsmode tid 40872 sid 11481 debugmask 0
    2011:08:11-13:34:21 Tornado pppd-l2tp[23369]: sent [CHAP Challenge id=0x49 , name = "Tornado"]
    2011:08:11-13:34:21 Tornado pppd-l2tp[23369]: rcvd [LCP EchoReq id=0x0 magic=0x40ab843a]
    2011:08:11-13:34:21 Tornado pppd-l2tp[23369]: sent [LCP EchoRep id=0x0 magic=0xb189cb7]
    2011:08:11-13:34:21 Tornado pppd-l2tp[23369]: rcvd [CHAP Response id=0x49 , name = "MacBookPro"]
    2011:08:11-13:34:21 Tornado pluto[7159]: "S_REF_yRLvfHGtCw_0"[16] WORK_EXTERNAL_IP:4500 #50: IPsec SA established {ESP=>0x037836e6 ]
    2011:08:11-13:34:23 Tornado pppd-l2tp[23369]: rcvd [IPCP ConfReq id=0x1   ]
    2011:08:11-13:34:23 Tornado pppd-l2tp[23369]: sent [IPCP ConfNak id=0x1   ]
    2011:08:11-13:34:23 Tornado pppd-l2tp[23369]: rcvd [proto=0x8057] 01 01 00 0e 01 0a 02 17 f2 ff fe c6 4b 4e
    2011:08:11-13:34:23 Tornado pppd-l2tp[23369]: Unsupported protocol 'IPv6 Control Protovol' (0x8057) received
    2011:08:11-13:34:23 Tornado pppd-l2tp[23369]: sent [LCP ProtRej id=0x2 80 57 01 01 00 0e 01 0a 02 17 f2 ff fe c6 4b 4e]
    2011:08:11-13:34:23 Tornado pppd-l2tp[23369]: rcvd [IPCP ConfAck id=0x1 ]
    2011:08:11-13:34:23 Tornado pppd-l2tp[23369]: rcvd [IPCP ConfReq id=0x2   ]
    2011:08:11-13:34:23 Tornado pppd-l2tp[23369]: sent [IPCP ConfAck id=0x2   ]
    2011:08:11-13:34:23 Tornado pppd-l2tp[23369]: Cannot determine ethernet address for proxy ARP
    2011:08:11-13:34:23 Tornado pppd-l2tp[23369]: local  IP address 10.242.3.1
    2011:08:11-13:34:23 Tornado pppd-l2tp[23369]: remote IP address 10.242.3.2
    2011:08:11-13:34:23 Tornado pppd-l2tp[23369]: Script /etc/ppp/ip-up started (pid 23381)
    2011:08:11-13:34:24 Tornado pppd-l2tp[23369]: id="2201" severity="info" sys="SecureNet" sub="vpn" event="Connection started" username="MacBookPro" variant="l2tp" srcip="WORK_EXTERNAL_IP" virtual_ip="10.242.3.2"
    2011:08:11-13:34:24 Tornado pppd-l2tp[23369]: Script /etc/ppp/ip-up finished (pid 23381), status = 0x0
  • 0 in reply to DaMaN841
    Disconnection Log

    2011:08:11-14:22:20 Tornado pluto[7159]: packet from WORK_EXTERNAL_IP:4500: received Vendor ID payload [RFC 3947]
    2011:08:11-14:22:20 Tornado pluto[7159]: packet from WORK_EXTERNAL_IP:4500: ignoring Vendor ID payload [4df37928e9fc4fd1b3262170d515c662]
    2011:08:11-14:22:20 Tornado pluto[7159]: packet from WORK_EXTERNAL_IP:4500: ignoring Vendor ID payload [8f8d83826d246b6fc7a8a6a428c11de8]
    2011:08:11-14:22:20 Tornado pluto[7159]: packet from WORK_EXTERNAL_IP:4500: ignoring Vendor ID payload [439b59f8ba676c4c7737ae22eab8f582]
    2011:08:11-14:22:20 Tornado pluto[7159]: packet from WORK_EXTERNAL_IP:4500: ignoring Vendor ID payload [4d1e0e136deafa34c4f3ea9f02ec7285]
    2011:08:11-14:22:20 Tornado pluto[7159]: packet from WORK_EXTERNAL_IP:4500: ignoring Vendor ID payload [80d0bb3def54565ee84645d4c85ce3ee]
    2011:08:11-14:22:20 Tornado pluto[7159]: packet from WORK_EXTERNAL_IP:4500: ignoring Vendor ID payload [9909b64eed937c6573de52ace952fa6b]
    2011:08:11-14:22:20 Tornado pluto[7159]: packet from WORK_EXTERNAL_IP:4500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03]
    2011:08:11-14:22:20 Tornado pluto[7159]: packet from WORK_EXTERNAL_IP:4500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02]
    2011:08:11-14:22:20 Tornado pluto[7159]: packet from WORK_EXTERNAL_IP:4500: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n]
    2011:08:11-14:22:20 Tornado pluto[7159]: packet from WORK_EXTERNAL_IP:4500: received Vendor ID payload [Dead Peer Detection]
    2011:08:11-14:22:20 Tornado pluto[7159]: "S_REF_yRLvfHGtCw_0"[16] WORK_EXTERNAL_IP:4500 #51: responding to Main Mode from unknown peer WORK_EXTERNAL_IP:4500
    2011:08:11-14:22:20 Tornado pluto[7159]: "S_REF_yRLvfHGtCw_0"[16] WORK_EXTERNAL_IP:4500 #51: NAT-Traversal: Result using RFC 3947: peer is NATed
    2011:08:11-14:22:20 Tornado pluto[7159]: "S_REF_yRLvfHGtCw_0"[16] WORK_EXTERNAL_IP:4500 #51: Peer ID is ID_IPV4_ADDR: 'WORK_INTERNAL_IP'
    2011:08:11-14:22:20 Tornado pluto[7159]: "S_REF_yRLvfHGtCw_0"[16] WORK_EXTERNAL_IP:4500 #51: Dead Peer Detection (RFC 3706) enabled
    2011:08:11-14:22:20 Tornado pluto[7159]: "S_REF_yRLvfHGtCw_0"[16] WORK_EXTERNAL_IP:4500 #51: sent MR3, ISAKMP SA established
    2011:08:11-14:22:22 Tornado pluto[7159]: "S_REF_yRLvfHGtCw_0"[16] WORK_EXTERNAL_IP:4500 #52: NAT-Traversal: received 2 NAT-OA. using first, ignoring others
    2011:08:11-14:22:22 Tornado pluto[7159]: "S_REF_yRLvfHGtCw_0"[16] WORK_EXTERNAL_IP:4500 #52: responding to Quick Mode
    2011:08:11-14:22:22 Tornado pluto[7159]: "S_REF_yRLvfHGtCw_0"[16] WORK_EXTERNAL_IP:4500 #52: IPsec SA established {ESP=>0x0c7793af