- Thread Starter
- #26
I configured the l2tpd as instructed, but the connection is not established: "No more free pseudo-tty's".
Here is the l2tpd's log:
And the StrongSwan's log at the moment of l2tpd trying to connect:
Here is the l2tpd's log:
Code:
This binary does not support kernel L2TP.
l2tpd version 0.69 started on TEST.local PID:860
Written by Mark Spencer, Copyright (C) 1998, Adtran, Inc.
Forked by Scott Balmos and David Stipp, (C) 2001
Inhereted by Jeff McAdams, (C) 2002
FreeBSD version 11.2-RELEASE on a amd64, addr 0.0.0.0, port 1701
do_control: Got message c vpn-uz (8 bytes long)
ourtid = 49146, entropy_buf = bffa
l2tp_call:Connecting to host 195.149.70.70, port 1701
check_control: control, cid = 0, Ns = 0, Nr = 1
handle_avps: handling avp's for tunnel 49146, call 0
message_type_avp: message type 2 (Start-Control-Connection-Reply)
protocol_version_avp: peer is using version 1, revision 0.
framing_caps_avp: supported peer frames: async sync
bearer_caps_avp: supported peer bearers: analog digital
firmware_rev_avp: peer reports firmware version 4384 (0x1120)
hostname_avp: peer reports hostname 'ASA'
vendor_avp: peer reports vendor 'Cisco Systems, Inc.'
assigned_tunnel_avp: using peer's tunnel 51097
receive_window_size_avp: peer wants RWS of 16. Will use flow control.
control_finish: Connection established to 195.149.70.70, 1701. Local: 49146, Remote: 51097.
ourcid = 33308, entropy_buf = 821c
lac_call: Calling on tunnel 49146
check_control: control, cid = 0, Ns = 1, Nr = 2
check_control: control, cid = 0, Ns = 1, Nr = 3
handle_avps: handling avp's for tunnel 49146, call 33308
message_type_avp: message type 11 (Incoming-Call-Reply)
assigned_call_avp: using peer's call 40031
control_finish: Call established with 195.149.70.70, Local: 33308, Remote: 40031, Serial: 1
getPtyMaster: No more free pseudo-tty's
start_pppd: unable to allocate pty, abandoning!
check_control: control, cid = 40031, Ns = 2, Nr = 4
check_control: control, cid = 40031, Ns = 2, Nr = 4
handle_avps: handling avp's for tunnel 49146, call 33308
message_type_avp: message type 16 (Set-Link-Info)
ignore_avp : Ignoring AVP
check_control: control, cid = 0, Ns = 3, Nr = 4
handle_avps: handling avp's for tunnel 49146, call 0
message_type_avp: message type 6 (Hello)
check_control: control, cid = 0, Ns = 4, Nr = 4
handle_avps: handling avp's for tunnel 49146, call 0
message_type_avp: message type 6 (Hello)
check_control: control, cid = 0, Ns = 5, Nr = 4
handle_avps: handling avp's for tunnel 49146, call 0
message_type_avp: message type 6 (Hello)
...
Code:
Dec 18 09:18:50 14[KNL] creating acquire job for policy 10.1.1.99/32[udp] === 195.149.70.70/32[udp/l2f] with reqid {1}
Dec 18 09:18:50 13[IKE] initiating Main Mode IKE_SA vpn-uz[1] to 195.149.70.70
Dec 18 09:18:50 13[ENC] generating ID_PROT request 0 [ SA V V V V V ]
Dec 18 09:18:50 13[NET] sending packet: from 10.1.1.99[500] to 195.149.70.70[500] (240 bytes)
Dec 18 09:18:50 14[NET] received packet: from 195.149.70.70[500] to 10.1.1.99[500] (128 bytes)
Dec 18 09:18:50 14[ENC] parsed ID_PROT response 0 [ SA V V ]
Dec 18 09:18:50 14[IKE] received NAT-T (RFC 3947) vendor ID
Dec 18 09:18:50 14[IKE] received FRAGMENTATION vendor ID
Dec 18 09:18:50 14[ENC] generating ID_PROT request 0 [ KE No NAT-D NAT-D ]
Dec 18 09:18:50 14[NET] sending packet: from 10.1.1.99[500] to 195.149.70.70[500] (244 bytes)
Dec 18 09:18:50 14[NET] received packet: from 195.149.70.70[500] to 10.1.1.99[500] (304 bytes)
Dec 18 09:18:50 14[ENC] parsed ID_PROT response 0 [ KE No V V V V NAT-D NAT-D ]
Dec 18 09:18:50 14[IKE] received Cisco Unity vendor ID
Dec 18 09:18:50 14[IKE] received XAuth vendor ID
Dec 18 09:18:50 14[ENC] received unknown vendor ID: d3:fd:75:e4:51:5a:08:26:b4:d6:10:2c:92:6f:6e:34
Dec 18 09:18:50 14[ENC] received unknown vendor ID: 1f:07:f7:0e:aa:65:14:d3:b0:fa:96:54:2a:50:01:00
Dec 18 09:18:50 14[IKE] local host is behind NAT, sending keep alives
Dec 18 09:18:50 14[ENC] generating ID_PROT request 0 [ ID HASH N(INITIAL_CONTACT) ]
Dec 18 09:18:50 14[NET] sending packet: from 10.1.1.99[4500] to 195.149.70.70[4500] (108 bytes)
Dec 18 09:18:50 14[NET] received packet: from 195.149.70.70[4500] to 10.1.1.99[4500] (92 bytes)
Dec 18 09:18:50 14[ENC] parsed ID_PROT response 0 [ ID HASH V ]
Dec 18 09:18:50 14[IKE] received DPD vendor ID
Dec 18 09:18:50 14[IKE] IKE_SA vpn-uz[1] established between 10.1.1.99[10.1.1.99]...195.149.70.70[195.149.70.70]
Dec 18 09:18:50 14[IKE] scheduling reauthentication in 10227s
Dec 18 09:18:50 14[IKE] maximum IKE_SA lifetime 10767s
Dec 18 09:18:50 14[ENC] generating QUICK_MODE request 723898552 [ HASH SA No ID ID NAT-OA NAT-OA ]
Dec 18 09:18:50 14[NET] sending packet: from 10.1.1.99[4500] to 195.149.70.70[45
00] (220 bytes)
Dec 18 09:18:50 14[NET] received packet: from 195.149.70.70[4500] to 10.1.1.99[4500] (188 bytes)
Dec 18 09:18:50 14[ENC] parsed QUICK_MODE response 723898552 [ HASH SA No ID ID NAT-OA NAT-OA ]
Dec 18 09:18:50 14[IKE] CHILD_SA vpn-uz{3} established with SPIs cc43a242_i 97bc78cf_o and TS 10.1.1.99/32[udp] === 195.149.70.70/32[udp/l2f]
Dec 18 09:18:50 14[ENC] generating QUICK_MODE request 723898552 [ HASH ]
Dec 18 09:18:50 14[NET] sending packet: from 10.1.1.99[4500] to 195.149.70.70[4500] (60 bytes)
Dec 18 09:19:22 16[NET] received packet: from 195.149.70.70[4500] to 10.1.1.99[4500] (76 bytes)
Dec 18 09:19:22 16[ENC] parsed INFORMATIONAL_V1 request 705272029 [ HASH D ]
Dec 18 09:19:22 16[IKE] received DELETE for ESP CHILD_SA with SPI 97bc78cf
Dec 18 09:19:22 16[IKE] closing CHILD_SA vpn-uz{3} with SPIs cc43a242_i (592 bytes) 97bc78cf_o (968 bytes) and TS 10.1.1.99/32[udp] === 195.149.70.70/32[udp/l2f]
Dec 18 09:19:22 16[NET] received packet: from 195.149.70.70[4500] to 10.1.1.99[4500] (92 bytes)
Dec 18 09:19:22 16[ENC] parsed INFORMATIONAL_V1 request 1270181315 [ HASH D ]
Dec 18 09:19:22 16[IKE] received DELETE for IKE_SA vpn-uz[1]
Dec 18 09:19:22 16[IKE] deleting IKE_SA vpn-uz[1] between 10.1.1.99[10.1.1.99]...195.149.70.70[195.149.70.70]