[Durham] L2TP IPSec issuue with android 4.2.2
Andrew Glass
andrewglass3 at gmail.com
Fri Jan 3 17:36:53 UTC 2014
Hey guys! Happy New Year!
Got a bit of a problem with android and I wondered if you could help please?
My L2TP IPSec vpn using PSK is connecting fine on my desktop and laptops -
it connects without any issues, however as soon as I try to connect my
xperia z running android 4.2.2 it wont connect. Running cat
/var/log/auth.log produces the following output:
Jan 3 17:29:37 localhost pluto[6111]: "L2TP-PSK-NAT"[2] 92.17.213.37 #12:
OAKLEY_DES_CBC is not supported. Attrib
Jan 3 17:29:37 localhost pluto[6111]: "L2TP-PSK-NAT"[2] 92.17.213.37 #12:
OAKLEY_DES_CBC is not supported. Attrib
Jan 3 17:29:37 localhost pluto[6111]: "L2TP-PSK-NAT"[2] 92.17.213.37 #12:
OAKLEY_DES_CBC is not supported. Attrib
Jan 3 17:29:37 localhost pluto[6111]: "L2TP-PSK-NAT"[2] 92.17.213.37 #12:
no acceptable Oakley Transform
Jan 3 17:29:37 localhost pluto[6111]: "L2TP-PSK-NAT"[2] 92.17.213.37 #12:
sending notification NO_PROPOSAL_CHOSEN
Jan 3 17:30:24 localhost pluto[6111]: packet from 92.17.213.37:500:
received Vendor ID payload [RFC 3947] method s
Jan 3 17:30:24 localhost pluto[6111]: packet from 92.17.213.37:500:
received Vendor ID payload [draft-ietf-ipsec-n
Jan 3 17:30:24 localhost pluto[6111]: packet from 92.17.213.37:500:
received Vendor ID payload [draft-ietf-ipsec-n
Jan 3 17:30:24 localhost pluto[6111]: packet from 92.17.213.37:500:
received Vendor ID payload [draft-ietf-ipsec-n
Jan 3 17:30:24 localhost pluto[6111]: packet from 92.17.213.37:500:
ignoring Vendor ID payload [FRAGMENTATION 8000
Jan 3 17:30:24 localhost pluto[6111]: packet from 92.17.213.37:500:
received Vendor ID payload [Dead Peer Detectio
Jan 3 17:30:24 localhost pluto[6111]: "L2TP-PSK-NAT"[2] 92.17.213.37 #13:
responding to Main Mode from unknown pee
Jan 3 17:30:24 localhost pluto[6111]: "L2TP-PSK-NAT"[2] 92.17.213.37 #13:
OAKLEY_SHA2_256 is not supported. Attri
Jan 3 17:30:24 localhost pluto[6111]: "L2TP-PSK-NAT"[2] 92.17.213.37 #13:
transition from state STATE_MAIN_R0 to s
Jan 3 17:30:24 localhost pluto[6111]: "L2TP-PSK-NAT"[2] 92.17.213.37 #13:
STATE_MAIN_R1: sent MR1, expecting MI2
Jan 3 17:30:24 localhost pluto[6111]: "L2TP-PSK-NAT"[2] 92.17.213.37 #13:
NAT-Traversal: Result using RFC 3947 (NA
Jan 3 17:30:24 localhost pluto[6111]: "L2TP-PSK-NAT"[2] 92.17.213.37 #13:
transition from state STATE_MAIN_R1 to s
Jan 3 17:30:24 localhost pluto[6111]: "L2TP-PSK-NAT"[2] 92.17.213.37 #13:
STATE_MAIN_R2: sent MR2, expecting MI3
Jan 3 17:30:24 localhost pluto[6111]: "L2TP-PSK-NAT"[2] 92.17.213.37 #13:
Main mode peer ID is ID_IPV4_ADDR: '192.
Jan 3 17:30:24 localhost pluto[6111]: "L2TP-PSK-NAT"[2] 92.17.213.37 #13:
transition from state STATE_MAIN_R2 to s
Jan 3 17:30:24 localhost pluto[6111]: "L2TP-PSK-NAT"[2] 92.17.213.37 #13:
new NAT mapping for #13, was 92.17.213.3
Jan 3 17:30:24 localhost pluto[6111]: "L2TP-PSK-NAT"[2] 92.17.213.37 #13:
STATE_MAIN_R3: sent MR3, ISAKMP SA estaboup=modp1024}
Jan 3 17:30:24 localhost pluto[6111]: "L2TP-PSK-NAT"[2] 92.17.213.37 #13:
ignoring informational payload, type IPS
Jan 3 17:30:24 localhost pluto[6111]: "L2TP-PSK-NAT"[2] 92.17.213.37 #13:
received and ignored informational messa
Jan 3 17:30:25 localhost pluto[6111]: "L2TP-PSK-NAT"[2] 92.17.213.37 #13:
the peer proposed: 162.243.11.193/32:17/
Jan 3 17:30:25 localhost pluto[6111]: "L2TP-PSK-NAT"[2] 92.17.213.37 #14:
responding to Quick Mode proposal {msgid
Jan 3 17:30:25 localhost pluto[6111]: "L2TP-PSK-NAT"[2] 92.17.213.37 #14:
us: 162.243.11.193<162.243.11.193>[+
Jan 3 17:30:25 localhost pluto[6111]: "L2TP-PSK-NAT"[2] 92.17.213.37 #14:
them: 92.17.213.37[192.168.1.100,+S=C]
Jan 3 17:30:25 localhost pluto[6111]: "L2TP-PSK-NAT"[2] 92.17.213.37 #14:
keeping refhim=4294901761 during rekey
Jan 3 17:30:25 localhost pluto[6111]: "L2TP-PSK-NAT"[2] 92.17.213.37 #14:
transition from state STATE_QUICK_R0 to
Jan 3 17:30:25 localhost pluto[6111]: "L2TP-PSK-NAT"[2] 92.17.213.37 #14:
STATE_QUICK_R1: sent QR1, inbound IPsec
Jan 3 17:30:25 localhost pluto[6111]: "L2TP-PSK-NAT"[2] 92.17.213.37 #14:
netlink_raw_eroute: WARNING: that_clientt.
Jan 3 17:30:25 localhost pluto[6111]: "L2TP-PSK-NAT"[2] 92.17.213.37 #14:
transition from state STATE_QUICK_R1 to
Jan 3 17:30:25 localhost pluto[6111]: "L2TP-PSK-NAT"[2] 92.17.213.37 #14:
STATE_QUICK_R2: IPsec SA established tra6 NATOA=none
NATD=92.17.213.37:4500DPD=none}
Can anyone shed any light as to the problem and possible fix please?
Cheers
Andy
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.lug.org.uk/pipermail/durham/attachments/20140103/5e429a10/attachment.html>
More information about the Durham
mailing list