Linux Format forums Forum Index Linux Format forums
Help, discussion, magazine feedback and more
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

Setting up an L2TP/IPSec client

 
Post new topic   Reply to topic    Linux Format forums Forum Index -> Help!
View previous topic :: View next topic  
Author Message
chris



Joined: Thu Jul 11, 2013 5:14 pm
Posts: 16
Location: Kent

PostPosted: Wed Jun 18, 2014 3:45 pm    Post subject: Setting up an L2TP/IPSec client Reply with quote

Hi,

I am trying unsuccessfully to set up an L2TP?IPSec client on Ubuntu 13.04 but have fallen at the first hurdle. I have downloaded the appropriate files - 'l2tp-ipsec-vpn', 'l2tp-ipsec-vpn-daemon' and 'openswan'. and have configured network manager, and used the command 'ipsec verify'. The output from that command follows:

Quote:
chris@chris-PC2:~$ ipsec verify
To check this machine, you need to run "ipsec verify" as root.
chris@chris-PC2:~$ sudo ipsec verify
[sudo] password for chris:
Checking your system to see if IPsec got installed and started correctly:
Version check and ipsec on-path [OK]
Linux Openswan U2.6.38/K(no kernel code presently loaded)
Checking for IPsec support in kernel [FAILED]
SAref kernel support [N/A]
Checking that pluto is running [FAILED]
whack: Pluto is not running (no "/var/run/pluto/pluto.ctl")
Two or more interfaces found, checking IP forwarding Checking NAT and MASQUERADEing [OK]
Checking for 'ip' command [OK]
Checking /bin/sh is not /bin/dash [WARNING]
Checking for 'iptables' command [OK]
Opportunistic Encryption Support [DISABLED]


It appears from this (to me, anyway) that the current kernel does not support L2TP/IPSec. Is there anything I can do about it?

Also, I was expecting to need a configuration file like the file 'client.conf' for OpenVpn but have not found one..

Any help would be greatly appreciated as I had never heard of L2TP/IOSec until this week
Back to top
View user's profile Send private message
Dutch_Master
LXF regular


Joined: Tue Mar 27, 2007 2:49 am
Posts: 2431

PostPosted: Wed Jun 18, 2014 4:14 pm    Post subject: Reply with quote

This is where it goes wrong:
Quote:
Checking for IPsec support in kernel [FAILED]

It means that the kernel cannot support IPSec, as it hasn't been told to do so. You'd need to either rebuild your existing kernel with IPSec enabled, or build a new kernel with that option. In either case, you need the build-essential package installed (more: its dependencies Wink ) as well as the appropriate kernel source.

A more accurate way of determining if the kernel supports IPSec is reading the .config file. Locate the .config file for your kernel, then:
Code:
cat /full//path/to/.config | grep ipsec
If nothing comes up, or the indication contains "false" or "0" (zero, Boolean notation) the kernel is NOT configured for IPSec.
Back to top
View user's profile Send private message
chris



Joined: Thu Jul 11, 2013 5:14 pm
Posts: 16
Location: Kent

PostPosted: Thu Jun 19, 2014 10:15 am    Post subject: Reply with quote

Thanks Dutch_Master,

Unfortunately I made a typo and it is not Ubuntu 13.04 that I am using but Ubuntu 14.04 64-bit.

I have made some progress in that it now tries to connect whereas before it refused at startup to even attempt to connect.

I now the the following:

Jun 19 09:32:24.412 ipsec_setup: Starting Openswan IPsec U2.6.38/K3.13.0-29-generic...
Jun 19 09:32:24.664 ipsec__plutorun: Starting Pluto subsystem...
Jun 19 09:32:24.670 ipsec__plutorun: adjusting ipsec.d to /etc/ipsec.d
Jun 19 09:32:24.673 recvref[30]: Protocol not available
Jun 19 09:32:24.674 xl2tpd[3142]: This binary does not support kernel L2TP.
Jun 19 09:32:24.674 Starting xl2tpd: xl2tpd.
Jun 19 09:32:24.675 xl2tpd[3144]: xl2tpd version xl2tpd-1.3.6 started on chris-PC2 PID:3144
Jun 19 09:32:24.676 xl2tpd[3144]: Written by Mark Spencer, Copyright (C) 1998, Adtran, Inc.
Jun 19 09:32:24.676 xl2tpd[3144]: Forked by Scott Balmos and David Stipp, (C) 2001
Jun 19 09:32:24.677 xl2tpd[3144]: Inherited by Jeff McAdams, (C) 2002
Jun 19 09:32:24.677 xl2tpd[3144]: Forked again by Xelerance (www.xelerance.com) (C) 2006
Jun 19 09:32:24.677 xl2tpd[3144]: Listening on IP address 0.0.0.0, port 1701
Jun 19 09:32:24.786 ipsec__plutorun: 002 added connection description "IDC"
Jun 19 09:33:44.388 Last command timed out
Jun 19 09:33:44.398 xl2tpd[3144]: death_handler: Fatal signal 15 received
Jun 19 09:33:44.399 Stopping xl2tpd: xl2tpd.
Jun 19 09:33:44.404 ipsec_setup: Stopping Openswan IPsec...

I don't know the significance, if any, of 'recvref[30]: Protocol not available'

or

what to do about: 'xl2tpd[3142]: This binary does not support kernel L2TP'

Any help available, please?
Back to top
View user's profile Send private message
View previous topic :: View next topic  
Display posts from previous:   
Post new topic   Reply to topic    Linux Format forums Forum Index -> Help! All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
Linux Format forums topic RSS feed 


Powered by phpBB © 2001, 2005 phpBB Group


Copyright 2011 Future Publishing, all rights reserved.


Web hosting by UKFast