Jump to content

L2tp Vpn Server (openswan)


httpCRASH

Recommended Posts

Hi guys,

hope that someone in here uses openswan and can help me...

Im setting up an VPN server with 2 goals, first of all getting my iphone/ipad a secure gateway to the internet when on the road..

second to let the the iphone use my own DNS server while using a 3G connection

(so that i can change the reply to an app by sending the requests from the app to my own webserver (but thats another story))

back to the VPN,

im setting it up on a ubuntu on 192.168.3.161

im testing with an ipad from the same lan, to be shure not to get nat/firewall issues

ipad has 192.168.3.100

I have tried some different guides, and of-course goggled all errors i have seen, but now i am stuck, got the following output from my auth.log and cant figure out what to change to solve this :(

Nov 20 17:49:45 sm-laptop pluto[5469]: ERROR: asynchronous network error report on eth0 (sport=4500) for message to 192.168.3.100 port 4500, complainant 192.168.3.100: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)]

Nov 20 17:50:55 sm-laptop pluto[5469]: last message repeated 7 times

Nov 20 17:51:06 sm-laptop pluto[5469]: ERROR: asynchronous network error report on eth0 (sport=4500) for message to 192.168.3.100 port 4500, complainant 192.168.3.100: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)]

Nov 20 17:51:15 sm-laptop pluto[5469]: "L2TP-PSK-NAT"[1] 192.168.3.100 #1: DPD: No response from peer - declaring peer dead

Nov 20 17:51:15 sm-laptop pluto[5469]: "L2TP-PSK-NAT"[1] 192.168.3.100 #1: DPD: Clearing Connection

Nov 20 17:51:15 sm-laptop pluto[5469]: "L2TP-PSK-NAT" #2: deleting state (STATE_QUICK_R2)

Nov 20 17:51:15 sm-laptop pluto[5469]: "L2TP-PSK-NAT" #1: deleting state (STATE_MAIN_R3)

Nov 20 17:51:15 sm-laptop pluto[5469]: "L2TP-PSK-NAT"[1] 192.168.3.100: deleting connection "L2TP-PSK-NAT" instance with peer 192.168.3.100 {isakmp=#0/ipsec=#0}

Nov 20 17:51:15 sm-laptop pluto[5469]: ERROR: asynchronous network error report on eth0 (sport=4500) for message to 192.168.3.100 port 4500, complainant 192.168.3.100: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)]

Nov 20 17:52:33 sm-laptop pluto[5469]: last message repeated 2 times

Link to comment
Share on other sites

What VPN client are you using on the ipad?

Are both the VPN server and the client setup for IPSec?

Why are you setting up a VPN server on an internal ip address?

Im using the build in VPN client, set to L2TP, and yes, the server should be set up for this as well, have followed a guide to the Letter, but dont know enough about this to be shure that i have set it up correctly...

My main reason for setting it up internaly and then routing it out is that All the guides i have found show you how to set VPN clients up in the same range as your network card in the server, and dont show anything about making a NAT between the VPN ussrs and an external IP.

My first idea was to put it directly on my server in a hostingcenter, but after alot of trial and error i gave that up, and went for the other aproach, to try and get a working internal setup that i could route out to an external IP first, so that it would be easier to follow a guide

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...