Project

General

Profile

Issue #3605

L2tp VPN

Added by Arvind Mewada about 1 month ago. Updated about 1 month ago.

Status:
Rejected
Priority:
Normal
Assignee:
-
Category:
-
Affected version:
Resolution:
Invalid

Description

Oct 21 15:23:09 arvind-VM NetworkManager759: <info> [1603273989.9563] audit: op="connection-activate" uuid="2455525c-b28b-4c7d-be94-d4a18a5107fc" name="VPN 1" pid=1522 uid=1000 result="success"
Oct 21 15:23:09 arvind-VM gnome-shell1141: JS ERROR: TypeError: item is undefined#012setActiveConnections/<@resource:///org/gnome/shell/ui/status/network.js:1518:17#012setActiveConnections@resource:///org/gnome/shell/ui/status/network.js:1515:9#012wrapper@resource:///org/gnome/gjs/modules/_legacy.js:82:22#012_syncVpnConnections@resource:///org/gnome/shell/ui/status/network.js:1853:9#012wrapper@resource:///org/gnome/gjs/modules/_legacy.js:82:22
Oct 21 15:23:09 arvind-VM NetworkManager759: <info> [1603273989.9660] vpn-connection[0x558b5fd48500,2455525c-b28b-4c7d-be94-d4a18a5107fc,"VPN 1",0]: Started the VPN service, PID 5325
Oct 21 15:23:09 arvind-VM NetworkManager759: <info> [1603273989.9779] vpn-connection[0x558b5fd48500,2455525c-b28b-4c7d-be94-d4a18a5107fc,"VPN 1",0]: Saw the service appear; activating connection
Oct 21 15:23:19 arvind-VM NetworkManager759: <info> [1603273999.4575] settings-connection[0x558b5fc00d20,2455525c-b28b-4c7d-be94-d4a18a5107fc]: write: successfully updated (keyfile: update /etc/NetworkManager/system-connections/VPN 1 (2455525c-b28b-4c7d-be94-d4a18a5107fc,"VPN 1")), connection was modified in the process
Oct 21 15:23:19 arvind-VM NetworkManager759: <info> [1603273999.4673] vpn-connection[0x558b5fd48500,2455525c-b28b-4c7d-be94-d4a18a5107fc,"VPN 1",0]: VPN connection: (ConnectInteractive) reply received
Oct 21 15:23:19 arvind-VM nm-l2tp-service5325: Check port 1701
Oct 21 15:23:19 arvind-VM nm-l2tp-service5325: Can't bind to port 1701
Oct 21 15:23:19 arvind-VM NetworkManager759: Redirecting to: systemctl stop ipsec.service
Oct 21 15:23:19 arvind-VM systemd1: Stopping Internet Key Exchange (IKE) Protocol Daemon for IPsec...
Oct 21 15:23:19 arvind-VM whack5351: 002 shutting down
Oct 21 15:23:19 arvind-VM ipsec5354: warning: could not open include filename: '/etc/ipsec.d/*.conf'
Oct 21 15:23:19 arvind-VM libipsecconf5356: warning: could not open include filename: '/etc/ipsec.d/*.conf'
Oct 21 15:23:19 arvind-VM systemd1: Stopped Internet Key Exchange (IKE) Protocol Daemon for IPsec.
Oct 21 15:23:19 arvind-VM NetworkManager759: warning: could not open include filename: '/etc/ipsec.d/*.conf'
Oct 21 15:23:19 arvind-VM libipsecconf5362: warning: could not open include filename: '/etc/ipsec.d/*.conf'
Oct 21 15:23:19 arvind-VM NetworkManager759: warning: could not open include filename: '/etc/ipsec.d/*.conf'
Oct 21 15:23:19 arvind-VM libipsecconf5367: warning: could not open include filename: '/etc/ipsec.d/*.conf'
Oct 21 15:23:19 arvind-VM NetworkManager759: warning: could not open include filename: '/etc/ipsec.d/*.conf'
Oct 21 15:23:19 arvind-VM libipsecconf5380: warning: could not open include filename: '/etc/ipsec.d/*.conf'
Oct 21 15:23:19 arvind-VM NetworkManager759: warning: could not open include filename: '/etc/ipsec.d/*.conf'
Oct 21 15:23:19 arvind-VM libipsecconf5385: warning: could not open include filename: '/etc/ipsec.d/*.conf'
Oct 21 15:23:19 arvind-VM NetworkManager759: Redirecting to: systemctl start ipsec.service
Oct 21 15:23:19 arvind-VM systemd1: Starting Internet Key Exchange (IKE) Protocol Daemon for IPsec...
Oct 21 15:23:19 arvind-VM libipsecconf5668: warning: could not open include filename: '/etc/ipsec.d/*.conf'
Oct 21 15:23:19 arvind-VM addconn5668: warning: could not open include filename: '/etc/ipsec.d/*.conf'
Oct 21 15:23:19 arvind-VM _stackmanager5669: warning: could not open include filename: '/etc/ipsec.d/*.conf'
Oct 21 15:23:19 arvind-VM libipsecconf5671: warning: could not open include filename: '/etc/ipsec.d/*.conf'
Oct 21 15:23:19 arvind-VM _stackmanager5669: warning: could not open include filename: '/etc/ipsec.d/*.conf'
Oct 21 15:23:19 arvind-VM libipsecconf5676: warning: could not open include filename: '/etc/ipsec.d/*.conf'
Oct 21 15:23:20 arvind-VM ipsec5959: warning: could not open include filename: '/etc/ipsec.d/*.conf'
Oct 21 15:23:20 arvind-VM libipsecconf5961: warning: could not open include filename: '/etc/ipsec.d/*.conf'
Oct 21 15:23:20 arvind-VM ipsec5959: nflog ipsec capture disabled
Oct 21 15:23:20 arvind-VM systemd1: Started Internet Key Exchange (IKE) Protocol Daemon for IPsec.
Oct 21 15:23:20 arvind-VM NetworkManager759: 002 listening for IKE messages
Oct 21 15:23:20 arvind-VM NetworkManager759: 002 adding interface enp0s3/enp0s3 10.0.2.15:500
Oct 21 15:23:20 arvind-VM NetworkManager759: 002 adding interface enp0s3/enp0s3 10.0.2.15:4500
Oct 21 15:23:20 arvind-VM NetworkManager759: 002 adding interface lo/lo 127.0.0.1:500
Oct 21 15:23:20 arvind-VM NetworkManager759: 002 adding interface lo/lo 127.0.0.1:4500
Oct 21 15:23:20 arvind-VM NetworkManager759: 002 adding interface lo/lo ::1:500
Oct 21 15:23:20 arvind-VM NetworkManager759: 002 loading secrets from "/etc/ipsec.secrets"
Oct 21 15:23:20 arvind-VM NetworkManager759: 002 loading secrets from "/etc/ipsec.d/ipsec.nm-l2tp.secrets"
Oct 21 15:23:20 arvind-VM NetworkManager759: debugging mode enabled
Oct 21 15:23:20 arvind-VM NetworkManager759: end of file /run/nm-l2tp-2455525c-b28b-4c7d-be94-d4a18a5107fc/ipsec.conf
Oct 21 15:23:20 arvind-VM NetworkManager759: Loading conn 2455525c-b28b-4c7d-be94-d4a18a5107fc
Oct 21 15:23:20 arvind-VM NetworkManager759: starter: left is KH_DEFAULTROUTE
Oct 21 15:23:20 arvind-VM NetworkManager759: conn: "2455525c-b28b-4c7d-be94-d4a18a5107fc" labeled_ipsec=0
Oct 21 15:23:20 arvind-VM NetworkManager759: conn: "2455525c-b28b-4c7d-be94-d4a18a5107fc" modecfgdns=(null)
Oct 21 15:23:20 arvind-VM NetworkManager759: conn: "2455525c-b28b-4c7d-be94-d4a18a5107fc" modecfgdomains=(null)
Oct 21 15:23:20 arvind-VM NetworkManager759: conn: "2455525c-b28b-4c7d-be94-d4a18a5107fc" modecfgbanner=(null)
Oct 21 15:23:20 arvind-VM NetworkManager759: conn: "2455525c-b28b-4c7d-be94-d4a18a5107fc" mark=(null)
Oct 21 15:23:20 arvind-VM NetworkManager759: conn: "2455525c-b28b-4c7d-be94-d4a18a5107fc" mark-in=(null)
Oct 21 15:23:20 arvind-VM NetworkManager759: conn: "2455525c-b28b-4c7d-be94-d4a18a5107fc" mark-out=(null)
Oct 21 15:23:20 arvind-VM NetworkManager759: conn: "2455525c-b28b-4c7d-be94-d4a18a5107fc" vti_iface=(null)
Oct 21 15:23:20 arvind-VM NetworkManager759: opening file: /run/nm-l2tp-2455525c-b28b-4c7d-be94-d4a18a5107fc/ipsec.conf
Oct 21 15:23:20 arvind-VM NetworkManager759: loading named conns: 2455525c-b28b-4c7d-be94-d4a18a5107fc
Oct 21 15:23:20 arvind-VM NetworkManager759: seeking_src = 1, seeking_gateway = 1, has_peer = 1
Oct 21 15:23:20 arvind-VM NetworkManager759: seeking_src = 0, seeking_gateway = 1, has_dst = 1
Oct 21 15:23:20 arvind-VM NetworkManager759: dst via 10.0.2.2 dev enp0s3 src table 254
Oct 21 15:23:20 arvind-VM NetworkManager759: set nexthop: 10.0.2.2
Oct 21 15:23:20 arvind-VM NetworkManager759: dst 10.0.2.0 via dev enp0s3 src 10.0.2.15 table 254
Oct 21 15:23:20 arvind-VM NetworkManager759: dst 169.254.0.0 via dev enp0s3 src table 254
Oct 21 15:23:20 arvind-VM NetworkManager759: dst 10.0.2.0 via dev enp0s3 src 10.0.2.15 table 255 (ignored)
Oct 21 15:23:20 arvind-VM NetworkManager759: dst 10.0.2.15 via dev enp0s3 src 10.0.2.15 table 255 (ignored)
Oct 21 15:23:20 arvind-VM NetworkManager759: dst 10.0.2.255 via dev enp0s3 src 10.0.2.15 table 255 (ignored)
Oct 21 15:23:20 arvind-VM NetworkManager759: dst 127.0.0.0 via dev lo src 127.0.0.1 table 255 (ignored)
Oct 21 15:23:20 arvind-VM NetworkManager759: dst 127.0.0.0 via dev lo src 127.0.0.1 table 255 (ignored)
Oct 21 15:23:20 arvind-VM NetworkManager759: dst 127.0.0.1 via dev lo src 127.0.0.1 table 255 (ignored)
Oct 21 15:23:20 arvind-VM NetworkManager759: dst 127.255.255.255 via dev lo src 127.0.0.1 table 255 (ignored)
Oct 21 15:23:20 arvind-VM NetworkManager759: seeking_src = 1, seeking_gateway = 0, has_peer = 1
Oct 21 15:23:20 arvind-VM NetworkManager759: seeking_src = 1, seeking_gateway = 0, has_dst = 1
Oct 21 15:23:20 arvind-VM NetworkManager759: dst 10.0.2.2 via dev enp0s3 src 10.0.2.15 table 254
Oct 21 15:23:20 arvind-VM NetworkManager759: set addr: 10.0.2.15
Oct 21 15:23:20 arvind-VM NetworkManager759: seeking_src = 0, seeking_gateway = 0, has_peer = 1
Oct 21 15:23:20 arvind-VM NetworkManager759: 002 "2455525c-b28b-4c7d-be94-d4a18a5107fc" #1: initiating Main Mode
Oct 21 15:23:20 arvind-VM NetworkManager759: 104 "2455525c-b28b-4c7d-be94-d4a18a5107fc" #1: STATE_MAIN_I1: initiate
Oct 21 15:23:20 arvind-VM NetworkManager759: 106 "2455525c-b28b-4c7d-be94-d4a18a5107fc" #1: STATE_MAIN_I2: sent MI2, expecting MR2
Oct 21 15:23:20 arvind-VM NetworkManager759: 108 "2455525c-b28b-4c7d-be94-d4a18a5107fc" #1: STATE_MAIN_I3: sent MI3, expecting MR3
Oct 21 15:23:21 arvind-VM NetworkManager759: 002 "2455525c-b28b-4c7d-be94-d4a18a5107fc" #1: Peer ID is ID_IPV4_ADDR: 'x.x.x.x'
Oct 21 15:23:21 arvind-VM NetworkManager759: 004 "2455525c-b28b-4c7d-be94-d4a18a5107fc" #1: STATE_MAIN_I4: ISAKMP SA established {auth=PRESHARED_KEY cipher=3des_cbc_192 integ=sha group=MODP1024}
Oct 21 15:23:21 arvind-VM NetworkManager759: 002 "2455525c-b28b-4c7d-be94-d4a18a5107fc" #2: initiating Quick Mode PSK+ENCRYPT+PFS+UP+IKEV1_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO {using isakmp#1 msgid:031c07fb proposal=AES_CBC_256-HMAC_SHA1_96, AES_CBC_128-HMAC_SHA1_96, 3DES_CBC-HMAC_SHA1_96 pfsgroup=MODP1024}
Oct 21 15:23:21 arvind-VM NetworkManager759: 117 "2455525c-b28b-4c7d-be94-d4a18a5107fc" #2: STATE_QUICK_I1: initiate
Oct 21 15:23:21 arvind-VM libipsecconf5985: warning: could not open include filename: '/etc/ipsec.d/*.conf'
Oct 21 15:23:21 arvind-VM NetworkManager759: 010 "2455525c-b28b-4c7d-be94-d4a18a5107fc" #2: STATE_QUICK_I1: retransmission; will wait 0.5 seconds for response
Oct 21 15:23:22 arvind-VM NetworkManager759: 010 "2455525c-b28b-4c7d-be94-d4a18a5107fc" #2: STATE_QUICK_I1: retransmission; will wait 1 seconds for response
Oct 21 15:23:23 arvind-VM NetworkManager759: 010 "2455525c-b28b-4c7d-be94-d4a18a5107fc" #2: STATE_QUICK_I1: retransmission; will wait 2 seconds for response
Oct 21 15:23:25 arvind-VM NetworkManager759: 010 "2455525c-b28b-4c7d-be94-d4a18a5107fc" #2: STATE_QUICK_I1: retransmission; will wait 4 seconds for response
Oct 21 15:23:29 arvind-VM NetworkManager759: 010 "2455525c-b28b-4c7d-be94-d4a18a5107fc" #2: STATE_QUICK_I1: retransmission; will wait 8 seconds for response
Oct 21 15:23:30 arvind-VM nm-l2tp-service5325: g_dbus_method_invocation_take_error: assertion 'error != NULL' failed
Oct 21 15:23:30 arvind-VM NetworkManager759: <info> [1603274010.1286] vpn-connection[0x558b5fd48500,2455525c-b28b-4c7d-be94-d4a18a5107fc,"VPN 1",0]: VPN plugin: state changed: stopped (6)
Oct 21 15:23:30 arvind-VM NetworkManager759: <info> [1603274010.1432] vpn-connection[0x558b5fd48500,2455525c-b28b-4c7d-be94-d4a18a5107fc,"VPN 1",0]: VPN service disappeared
Oct 21 15:23:30 arvind-VM NetworkManager759: <warn> [1603274010.1449] vpn-connection[0x558b5fd48500,2455525c-b28b-4c7d-be94-d4a18a5107fc,"VPN 1",0]: VPN connection: failed to connect: 'Message recipient disconnected from message bus without replying'
Oct 21 15:23:37 arvind-VM NetworkManager759: 010 "2455525c-b28b-4c7d-be94-d4a18a5107fc" #2: STATE_QUICK_I1: retransmission; will wait 16 seconds for response
Oct 21 15:23:53 arvind-VM NetworkManager759: 010 "2455525c-b28b-4c7d-be94-d4a18a5107fc" #2: STATE_QUICK_I1: retransmission; will wait 32 seconds for response

History

#1 Updated by Noel Kuntze about 1 month ago

  • Status changed from New to Rejected
  • Priority changed from High to Normal
  • Resolution set to Invalid

That doesn't look like strongSwan but Openwan or Libreswan. Pluto/whack wasn't supported or container in any strongSwan release since version 5.0.0 and that's many years old already. Also, the mechanisms which are shown here (calling ipsec* and reading config files from /etc/ipsec.d/ isn't used by strongSwan, so this is entirely out of scope in any case.

Rejecting the case for that reason.

Also available in: Atom PDF