[Swan] xl2tpd and Microsoft, was Re: [libreswan/libreswan] Connection closed to remote ip (#306)

John Crisp jcrisp at safeandsoundit.co.uk
Tue Feb 11 15:56:20 UTC 2020

On 07/02/20 17:17, John Crisp wrote:
> On Mon, 3 Feb 2020 08:57:46 +0100
> Paul Wouters <paul at nohats.ca> wrote:
>> This is an interesting and unexpected bit of information. I know in
>> the past, xl2tpd mishandled the kernel case and forcing to userland
>> resolved it. It’s odd to see the reverse now. Sending this message to
>> the libreswan list for larger visibility. I will also update the FAQ
>> with this.

(Some follow up - not sure how related all this is)

Win 10 works without the module loaded on 1.3.8 as far as I can see. I
haven't tested it with it loaded.

I also need to test Win 10 with 1.3.15 but haven't got a test rig set up

Seems that with xl2tpd 1.3.8 Android < v10 are OK, but v10 is not with
"Maximum retries exceeded for tunnel"

I have tried with the module pppol2tp installed and uninstalled and it
works both ways as far as I can tell.

I have tested with CentOS 6, Libre 3.29 and xl2tpd 1.3.8 and 1.3.15 and
both seem the same.


Absolutely no idea how to get around the max retries exceeded issue
apart from fudging it by setting max retries to a higher number than the
default 5

eg this keep it running for a while:


max retries = 100

Way beyond my debugging skills now. Reading C makes my eyes hurt :-/

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <https://lists.libreswan.org/pipermail/swan/attachments/20200211/49ac9864/attachment.sig>

More information about the Swan mailing list