opotonil l33t
Joined: 17 Jun 2005 Posts: 801 Location: 127.0.0.1
Posted: Thu Feb 14, 2013 6:50 pm Post subject: openswan and xl2tpd with plugin dhcpc for ppp
I have configured ipsec with openswan and xl2tpd. Everything works OK when the DHCP range to assign is configured in xl2tpd, but when I try to assign the IP using remote DHCP (dnsmasq on the local router) it does not work.
The logs show the following info:
Code:
Feb 14 18:59:11 server ipsec_setup: Starting Openswan IPsec U2.6.38/K3.4.2-hardened-r1...
Feb 14 18:59:11 server ipsec_setup: Using NETKEY(XFRM) stack
Feb 14 18:59:11 server ipsec_setup: ...Openswan IPsec started
Feb 14 18:59:11 server ipsec__plutorun: adjusting ipsec.d to /etc/ipsec.d
Feb 14 18:59:11 server pluto: adjusting ipsec.d to /etc/ipsec.d
Feb 14 18:59:11 server ipsec__plutorun: 002 added connection description "road_warrior"
Feb 14 18:59:16 server xl2tpd[19823]: setsockopt recvref[30]: Protocol not available
Feb 14 18:59:16 server xl2tpd[19823]: Using l2tp kernel support.
Feb 14 18:59:16 server xl2tpd[19824]: xl2tpd version xl2tpd-1.3.1 started on server PID:19824
Feb 14 18:59:16 server xl2tpd[19824]: Written by Mark Spencer, Copyright (C) 1998, Adtran, Inc.
Feb 14 18:59:16 server xl2tpd[19824]: Forked by Scott Balmos and David Stipp, (C) 2001
Feb 14 18:59:16 server xl2tpd[19824]: Inherited by Jeff McAdams, (C) 2002
Feb 14 18:59:16 server xl2tpd[19824]: Forked again by Xelerance (www.xelerance.com) (C) 2006
Feb 14 18:59:16 server xl2tpd[19824]: Listening on IP address 0.0.0.0, port 1701
Feb 14 19:00:01 server cron[19837]: (root) CMD (test -x /usr/sbin/run-crons && /usr/sbin/run-crons)
Feb 14 19:04:49 server xl2tpd[19824]: control_finish: Peer requested tunnel 55 twice, ignoring second one.
Feb 14 19:04:49 server xl2tpd[19824]: Connection established to xxx.xxx.xx.xx, 60490. Local: 45611, Remote: 55 (ref=0/0). LNS session is 'default'
Feb 14 19:04:49 server xl2tpd[19824]: start_pppd: I'm running:
Feb 14 19:04:49 server xl2tpd[19824]: "/usr/sbin/pppd"
Feb 14 19:04:49 server xl2tpd[19824]: "passive"
Feb 14 19:04:49 server xl2tpd[19824]: "nodetach"
Feb 14 19:04:49 server xl2tpd[19824]: "192.168.255.2:0.0.0.0"
Feb 14 19:04:49 server xl2tpd[19824]: "refuse-pap"
Feb 14 19:04:49 server xl2tpd[19824]: "auth"
Feb 14 19:04:49 server xl2tpd[19824]: "require-chap"
Feb 14 19:04:49 server xl2tpd[19824]: "file"
Feb 14 19:04:49 server xl2tpd[19824]: "/etc/ppp/options"
Feb 14 19:04:49 server xl2tpd[19824]: "ipparam"
Feb 14 19:04:49 server xl2tpd[19824]: "xxx.xxx.xx.xx"
Feb 14 19:04:49 server xl2tpd[19824]: "plugin"
Feb 14 19:04:49 server xl2tpd[19824]: "pppol2tp.so"
Feb 14 19:04:49 server xl2tpd[19824]: "pppol2tp"
Feb 14 19:04:49 server xl2tpd[19824]: "8"
Feb 14 19:04:49 server xl2tpd[19824]: Call established with xxx.xxx.xx.xx, Local: 21483, Remote: 15752, Serial: 1
Feb 14 19:04:49 server pppd[19890]: Plugin dhcpc.so loaded.
Feb 14 19:04:49 server pppd[19890]: DHCPC: plugin initialized
Feb 14 19:04:49 server pppd[19890]: Plugin dhcpc.so loaded.
Feb 14 19:04:49 server pppd[19890]: DHCPC: plugin initialized
Feb 14 19:04:49 server pppd[19890]: Plugin pppol2tp.so loaded.
Feb 14 19:04:49 server pppd[19890]: pppd 2.4.5 started by xxxxxxxxx, uid 0
Feb 14 19:04:49 server pppd[19890]: using channel 6
Feb 14 19:04:49 server pppd[19890]: Using interface ppp0
Feb 14 19:04:49 server pppd[19890]: Connect: ppp0 <-->
Feb 14 19:04:49 server pppd[19890]: Overriding mtu 1500 to 1410
Feb 14 19:04:49 server pppd[19890]: PPPoL2TP options: debugmask 0
Feb 14 19:04:49 server pppd[19890]: Overriding mru 1500 to mtu value 1410
Feb 14 19:04:49 server pppd[19890]: sent [LCP ConfReq id=0x1 <mru 1410> <asyncmap 0x0> <auth chap MD5> <magic 0x6b437ed2>]
Feb 14 19:04:49 server pppd[19890]: rcvd [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x1d35b304> <pcomp> <accomp>]
Feb 14 19:04:49 server pppd[19890]: sent [LCP ConfAck id=0x1 <asyncmap 0x0> <magic 0x1d35b304> <pcomp> <accomp>]
Feb 14 19:04:49 server pppd[19890]: rcvd [LCP ConfAck id=0x1 <mru 1410> <asyncmap 0x0> <auth chap MD5> <magic 0x6b437ed2>]
Feb 14 19:04:49 server pppd[19890]: Overriding mtu 1500 to 1410
Feb 14 19:04:49 server pppd[19890]: PPPoL2TP options: debugmask 0
Feb 14 19:04:49 server pppd[19890]: sent [CHAP Challenge id=0x9e <45b090b2270e5bed004c382adea5843b0a>, name = "server"]
Feb 14 19:04:49 server pppd[19890]: rcvd [LCP EchoReq id=0x0 magic=0x1d35b304]
Feb 14 19:04:49 server pppd[19890]: sent [LCP EchoRep id=0x0 magic=0x6b437ed2]
Feb 14 19:04:49 server pppd[19890]: rcvd [CHAP Response id=0x9e <a351994d3cedfb29d419ac2ee9b91ce7>, name = "mobile"]
Feb 14 19:04:49 server pppd[19890]: sent [CHAP Success id=0x9e "Access granted"]
Feb 14 19:04:49 server pppd[19890]: DHCPC: ip_choose_hook entered with peer name mobile
Feb 14 19:04:49 server pppd[19890]: DHCPC: calling ip_choose_hook for previously loaded module
Feb 14 19:04:49 server pppd[19890]: DHCPC: ip_choose_hook entered with peer name mobile
Feb 14 19:04:49 server pppd[19890]: DHCPC: calling ip_choose_hook for previously loaded module
Feb 14 19:04:49 server pppd[19890]: DHCPC: ip_choose_hook entered with peer name mobile
Feb 14 19:04:49 server pppd[19890]: DHCPC: calling ip_choose_hook for previously loaded module
Feb 14 19:04:49 server pppd[19890]: DHCPC: ip_choose_hook entered with peer name mobile
Feb 14 19:04:49 server pppd[19890]: DHCPC: calling ip_choose_hook for previously loaded module
...
...

Code:
Feb 14 19:05:05 server kernel: [426779.800575] grsec: From xxx.xxx.x.xxx: denied resource overstep by requesting 8392704 for RLIMIT_STACK against limit 8388608 for /usr/sbin/pppd[pppd:19890] uid/euid:0/0 gid/egid:0/0, parent /usr/sbin/xl2tpd[xl2tpd:19824] uid/euid:0/0 gid/egid:0/0
Feb 14 19:05:05 server kernel: [426779.800597] grsec: From xxx.xxx.x.xxx: denied resource overstep by requesting 8392704 for RLIMIT_STACK against limit 8388608 for /usr/sbin/pppd[pppd:19890] uid/euid:0/0 gid/egid:0/0, parent /usr/sbin/xl2tpd[xl2tpd:19824] uid/euid:0/0 gid/egid:0/0
Feb 14 19:05:05 server kernel: [426779.800611] grsec: From xxx.xxx.x.xxx: Segmentation fault occurred at (nil) in /usr/sbin/pppd[pppd:19890] uid/euid:0/0 gid/egid:0/0, parent /usr/sbin/xl2tpd[xl2tpd:19824] uid/euid:0/0 gid/egid:0/0
Feb 14 19:05:05 server kernel: [426779.800627] grsec: From xxx.xxx.x.xxx: denied resource overstep by requesting 4096 for RLIMIT_CORE against limit 0 for /usr/sbin/pppd[pppd:19890] uid/euid:0/0 gid/egid:0/0, parent /usr/sbin/xl2tpd[xl2tpd:19824] uid/euid:0/0 gid/egid:0/0