[Swan] xl2tpd and Microsoft, was Re: [libreswan/libreswan] Connection closed to remote ip (#306)
John Crisp
jcrisp at safeandsoundit.co.uk
Tue Feb 11 15:56:20 UTC 2020
On 07/02/20 17:17, John Crisp wrote:
> On Mon, 3 Feb 2020 08:57:46 +0100
> Paul Wouters <paul at nohats.ca> wrote:
>
>> This is an interesting and unexpected bit of information. I know in
>> the past, xl2tpd mishandled the kernel case and forcing to userland
>> resolved it. It’s odd to see the reverse now. Sending this message to
>> the libreswan list for larger visibility. I will also update the FAQ
>> with this.
>>
(Some follow up - not sure how related all this is)
Win 10 works without the module loaded on 1.3.8 as far as I can see. I
haven't tested it with it loaded.
I also need to test Win 10 with 1.3.15 but haven't got a test rig set up
yet.
Seems that with xl2tpd 1.3.8 Android < v10 are OK, but v10 is not with
"Maximum retries exceeded for tunnel"
I have tried with the module pppol2tp installed and uninstalled and it
works both ways as far as I can tell.
I have tested with CentOS 6, Libre 3.29 and xl2tpd 1.3.8 and 1.3.15 and
both seem the same.
https://github.com/xelerance/xl2tpd/issues/191
Absolutely no idea how to get around the max retries exceeded issue
apart from fudging it by setting max retries to a higher number than the
default 5
eg this keep it running for a while:
xl2tpd.conf
max retries = 100
Way beyond my debugging skills now. Reading C makes my eyes hurt :-/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <https://lists.libreswan.org/pipermail/swan/attachments/20200211/49ac9864/attachment.sig>
More information about the Swan
mailing list