[Swan] xl2tpd and Microsoft, was Re: [libreswan/libreswan] Connection closed to remote ip (#306)
jcrisp at safeandsoundit.co.uk
Fri Feb 7 16:17:00 UTC 2020
On Mon, 3 Feb 2020 08:57:46 +0100
Paul Wouters <paul at nohats.ca> wrote:
> This is an interesting and unexpected bit of information. I know in
> the past, xl2tpd mishandled the kernel case and forcing to userland
> resolved it. It’s odd to see the reverse now. Sending this message to
> the libreswan list for larger visibility. I will also update the FAQ
> with this.
Following my trials and tribulations I have Win7/10 boxes connecting to
libre 3.29 & xl2tpd 1.3.8
What I have been banging my head against is my Android phone just
updated to Android 10 that cannot keep a connection beyond about 90
seconds with the dreaded:
"Maximum retries exceeded for tunnel xxx"
iPhone with iOS 13.3 seems to work OK, desktops, Macs etc, but my phone
I have tried multiple combinations & settings to no avail.
From the comment below I note that I haven't got l2tp_ppp loaded at any
time (as far as I can tell)
I have these modules....
But not loaded....
lsmod |grep pp
pppoe 11270 0
pppox 2728 1 pppoe
ppp_deflate 4168 0
ppp_async 7858 1
crc_ccitt 1717 1 ppp_async
ppp_generic 25526 8 pppoe,pppox,ppp_deflate,ppp_async
slhc 5837 1 ppp_generic
zlib_deflate 21661 2 ppp_deflate,deflate
Apart from the fact I seem to have crashed libre
(https://github.com/libreswan/libreswan/issues/309) has any one got any
I can post configs if required.
Pulling my hair out with this!! Just as I get Windows going Android
> > On Feb 3, 2020, at 05:40, Douglas Kosovic
> > <notifications at github.com> wrote:
> > Glad to hear you got it working.
> > Not sure why it broke. For Microsoft L2TP compatibility, I haven't
> > really looked into why xl2tpd works with the l2tp_ppp kernel
> > module, but not the userspace fallback alternative. I only found
> > out about the issue last week, reproduced the issue and worked out
> > that the l2tp_ppp kernel module wasn't getting loaded with Fedora
> > >= 31.
> > —
> > You are receiving this because you were mentioned.
> > Reply to this email directly, view it on GitHub, or unsubscribe.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 488 bytes
Desc: OpenPGP digital signature
More information about the Swan