[Swan] xl2tpd and Microsoft, was Re: [libreswan/libreswan] Connection closed to remote ip (#306)

John Crisp jcrisp at safeandsoundit.co.uk
Tue Feb 11 15:56:20 UTC 2020


On 07/02/20 17:17, John Crisp wrote:
> On Mon, 3 Feb 2020 08:57:46 +0100
> Paul Wouters <paul at nohats.ca> wrote:
>
>> This is an interesting and unexpected bit of information. I know in
>> the past, xl2tpd mishandled the kernel case and forcing to userland
>> resolved it. It’s odd to see the reverse now. Sending this message to
>> the libreswan list for larger visibility. I will also update the FAQ
>> with this.
>>

(Some follow up - not sure how related all this is)

Win 10 works without the module loaded on 1.3.8 as far as I can see. I
haven't tested it with it loaded.

I also need to test Win 10 with 1.3.15 but haven't got a test rig set up
yet.

Seems that with xl2tpd 1.3.8 Android < v10 are OK, but v10 is not with
"Maximum retries exceeded for tunnel"

I have tried with the module pppol2tp installed and uninstalled and it
works both ways as far as I can tell.

I have tested with CentOS 6, Libre 3.29 and xl2tpd 1.3.8 and 1.3.15 and
both seem the same.

https://github.com/xelerance/xl2tpd/issues/191

Absolutely no idea how to get around the max retries exceeded issue
apart from fudging it by setting max retries to a higher number than the
default 5

eg this keep it running for a while:

xl2tpd.conf

max retries = 100

Way beyond my debugging skills now. Reading C makes my eyes hurt :-/



-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <https://lists.libreswan.org/pipermail/swan/attachments/20200211/49ac9864/attachment.sig>


More information about the Swan mailing list