[Swan] Intermittent problems with L2TP

Nels Lindquist nlindq at maei.ca
Mon Dec 7 20:13:28 UTC 2015


Good afternoon.

We're having some intermittent problems with L2TP connections to our
VPN endpoint, currently running LibreSWAN 3.13 and xl2tpd 1.3.6, both
from the EPEL repository.

The failed connections appear to successfully bring up the IPSEC
portion of the tunnel, but the xl2tpd portion fails, and
/var/log/messages contains these:

Dec 7 11:40:28 yeggate xl2tpd[28181]: udp_xmit failed to 174.90.222.190:1701 with err=-1:Operation not permitted
Dec 7 11:40:29 yeggate xl2tpd[28181]: udp_xmit failed to 174.90.222.190:1701 with err=-1:Operation not permitted
Dec 7 11:40:30 yeggate xl2tpd[28181]: udp_xmit failed to 174.90.222.190:1701 with err=-1:Operation not permitted
Dec 7 11:40:31 yeggate xl2tpd[28181]: udp_xmit failed to 174.90.222.190:1701 with err=-1:Operation not permitted
Dec 7 11:40:32 yeggate xl2tpd[28181]: udp_xmit failed to 174.90.222.190:1701 with err=-1:Operation not permitted
Dec 7 11:40:33 yeggate xl2tpd[28181]: Maximum retries exceeded for tunnel 18695. Closing.

I tried restarting xl2tpd, but it made no difference.  Only after I
restarted ipsec did the connections start working again.

Any ideas?


-- 
Nels Lindquist
<nlindq at maei.ca>