[Swan] upgrade to 3.18 broke roadwarrior connection

Charles D. Van Dusen charlie at im-design.net
Fri Nov 25 14:31:31 UTC 2016


Hi All,

I have recently upgraded libreswan from 3.13 to 3.18 on my raspberry pi3.

I am now getting the following message when I try to connect a roadwarrior vpn:

"031 "L2TP-PSK": cannot initiate connection with narrowing=no and (kind=CK_TEMPLATE)"

Here is my /etc/ipsec.d/l2tp-psk.conf file:

root at raspberrypi:/etc/ipsec.d# more l2tp-psk.conf
conn L2TP-PSK
        authby=secret
        pfs=no
        auto=add
        keyingtries=3nect
        dpddelay=30
        dpdtimeout=120
        dpdaction=clear
        narrowing=no
        rekey=yes
        ike=3des-sha1;modp2048
        ikelifetime=8h
        keylife=1h
        type=transport
        left=%defaultroute
        leftnexthop=%defaultroute
        leftprotoport=17/%any
        rightprotoport=17/1701
        right=A.B.C.D

The vpn server is a ubiquiti edge router to which I have successfully connected this same rpi3 with an earlier version of libreswan. I also connect laptops, phones, and tablets of all varieties to this same VPN server using ipsec/l2tp.

Can anyone help me figure out what I need to do to get this tunnel to connect for this rpi3?

TIA

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.libreswan.org/pipermail/swan/attachments/20161125/6a58e424/attachment.html>


More information about the Swan mailing list