[Bug 1951832] Re: xl2tpd "Can not find tunnel" in jammy

[gregrwm]

** Description changed:

  My connection works in 20.04 and fails in 22.04.  Perhaps something i've
- been using is now depricated?  Or perhaps jammy strongswan is...still
+ been using is now depricated?  Or perhaps jammy xl2tpd is...still
  working on it?
  
- This is the output i get in 22.04:
- initiating Main Mode IKE_SA myvp7[1] to 2.i.p.7
- generating ID_PROT request 0 [ SA V V V V V ]
- sending packet: from 1.i.p.2[500] to 2.i.p.7[500] (180 bytes)
- received packet: from 2.i.p.7[500] to 1.i.p.2[500] (136 bytes)
- parsed ID_PROT response 0 [ SA V V V ]
- received XAuth vendor ID
- received DPD vendor ID
- received NAT-T (RFC 3947) vendor ID
- selected proposal: IKE:AES_CBC_256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048
- generating ID_PROT request 0 [ KE No NAT-D NAT-D ]
- sending packet: from 1.i.p.2[500] to 2.i.p.7[500] (372 bytes)
- received packet: from 2.i.p.7[500] to 1.i.p.2[500] (372 bytes)
- parsed ID_PROT response 0 [ KE No NAT-D NAT-D ]
- no shared key found for '1.i.p.2'[1.i.p.2] - '2.i.p.7'[2.i.p.7]
- no shared key found for 1.i.p.2 - 2.i.p.7
- generating INFORMATIONAL_V1 request 402437601 [ N(INVAL_KE) ]
- sending packet: from 1.i.p.2[500] to 2.i.p.7[500] (56 bytes)
- establishing connection 'myvp7' failed
+ see my attached syslog extracts.  i extracted them thus:
  
- This is the output i get in 20.04:
- initiating Main Mode IKE_SA myvp7[1] to 2.i.p.7
- generating ID_PROT request 0 [ SA V V V V V ]
- sending packet: from 1.i.p.2[500] to 2.i.p.7[500] (180 bytes)
- received packet: from 2.i.p.7[500] to 1.i.p.2[500] (136 bytes)
- parsed ID_PROT response 0 [ SA V V V ]
- received XAuth vendor ID
- received DPD vendor ID
- received NAT-T (RFC 3947) vendor ID
- selected proposal: IKE:AES_CBC_256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048
- generating ID_PROT request 0 [ KE No NAT-D NAT-D ]
- sending packet: from 1.i.p.2[500] to 2.i.p.7[500] (372 bytes)
- received packet: from 2.i.p.7[500] to 1.i.p.2[500] (372 bytes)
- parsed ID_PROT response 0 [ KE No NAT-D NAT-D ]
- local host is behind NAT, sending keep alives
- generating ID_PROT request 0 [ ID HASH N(INITIAL_CONTACT) ]
- sending packet: from 1.i.p.2[4500] to 2.i.p.7[4500] (108 bytes)
- received packet: from 2.i.p.7[4500] to 1.i.p.2[4500] (76 bytes)
- parsed ID_PROT response 0 [ ID HASH ]
- IKE_SA myvp7[1] established between 1.i.p.2[1.i.p.2]...2.i.p.7[2.i.p.7]
- scheduling reauthentication in 3397s
- maximum IKE_SA lifetime 3577s
- generating QUICK_MODE request 3605139670 [ HASH SA No ID ID NAT-OA NAT-OA ]
- sending packet: from 1.i.p.2[4500] to 2.i.p.7[4500] (204 bytes)
- received packet: from 2.i.p.7[4500] to 1.i.p.2[4500] (204 bytes)
- parsed QUICK_MODE response 3605139670 [ HASH SA No ID ID NAT-OA NAT-OA ]
- selected proposal: ESP:AES_CBC_128/HMAC_SHA1_96/NO_EXT_SEQ
- CHILD_SA myvp7{1} established with SPIs ce997cf9_i ccdb93e8_o and TS 
1.i.p.2/32[udp/l2f] === 2.i.p.7/32[udp/l2f]
- connection 'myvp7' established successfully
+ egrep "l2tp|swan|ipsec|charon|XFRM|layer 2|\<ike" /var/log/syslog|egrep
+ -v "INFORMATIONAL_V1|packet: from"
  
- my ipsec.conf:
+ what seems to stand out is:
+ 
+ These lines show up in syslog only in 20.04:
+ Nov 22 06:22:04 e540 ipsec[782]: 12[KNL] 3.i.p.4 appeared on ppp0
+ Nov 22 06:22:04 e540 ipsec[782]: 14[KNL] 3.i.p.4 disappeared from ppp0
+ Nov 22 06:22:04 e540 ipsec[782]: 09[KNL] 3.i.p.4 appeared on ppp0
+ Nov 22 06:22:04 e540 ipsec[782]: 05[KNL] interface ppp0 activated
+ 
+ These lines show up in syslog only in jammy:
+ Nov 24 20:11:45 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
+ Nov 24 20:11:45 e540 xl2tpd[983]: network_thread: unable to find call or 
tunnel to handle packet.  call = 39202, tunnel = 105 Dumping.
+ Nov 24 20:11:46 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0)
+ Nov 24 20:11:46 e540 xl2tpd[983]: network_thread: unable to find call or 
tunnel to handle packet.  call = 39202, tunnel = 12 Dumping.
+ Nov 24 20:11:46 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
+ Nov 24 20:11:46 e540 xl2tpd[983]: network_thread: unable to find call or 
tunnel to handle packet.  call = 39202, tunnel = 105 Dumping.
+ Nov 24 20:11:48 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0)
+ Nov 24 20:11:48 e540 xl2tpd[983]: network_thread: unable to find call or 
tunnel to handle packet.  call = 39202, tunnel = 12 Dumping.
+ Nov 24 20:11:48 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0) 
+ Nov 24 20:11:48 e540 xl2tpd[983]: network_thread: unable to find call or 
tunnel to handle packet.  call = 39202, tunnel = 105 Dumping.
+ Nov 24 20:11:52 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0) 
+ Nov 24 20:11:52 e540 xl2tpd[983]: network_thread: unable to find call or 
tunnel to handle packet.  call = 39202, tunnel = 12 Dumping.
+ Nov 24 20:11:52 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0) 
+ Nov 24 20:11:52 e540 xl2tpd[983]: network_thread: unable to find call or 
tunnel to handle packet.  call = 39202, tunnel = 105 Dumping.
+ Nov 24 20:12:00 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0)
+ Nov 24 20:12:00 e540 xl2tpd[983]: network_thread: unable to find call or 
tunnel to handle packet.  call = 39202, tunnel = 12 Dumping.
+ Nov 24 20:12:00 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
+ Nov 24 20:12:00 e540 xl2tpd[983]: network_thread: unable to find call or 
tunnel to handle packet.  call = 39202, tunnel = 105 Dumping.
+ Nov 24 20:12:16 e540 xl2tpd[983]: Maximum retries exceeded for tunnel 39202.  
Closing.
+ Nov 24 20:12:16 e540 xl2tpd[983]: Connection 0 closed to 2.i.p.7, port 1701 
(Timeout)
+ Nov 24 20:12:16 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
+ Nov 24 20:12:16 e540 xl2tpd[983]: network_thread: unable to find call or 
tunnel to handle packet.  call = 39202, tunnel = 45 Dumping.
+ Nov 24 20:12:17 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
+ Nov 24 20:12:17 e540 xl2tpd[983]: network_thread: unable to find call or 
tunnel to handle packet.  call = 39202, tunnel = 45 Dumping.
+ Nov 24 20:12:19 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
+ Nov 24 20:12:19 e540 xl2tpd[983]: network_thread: unable to find call or 
tunnel to handle packet.  call = 39202, tunnel = 45 Dumping.
+ Nov 24 20:12:23 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
+ Nov 24 20:12:23 e540 xl2tpd[983]: network_thread: unable to find call or 
tunnel to handle packet.  call = 39202, tunnel = 45 Dumping.
+ Nov 24 20:12:31 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
+ Nov 24 20:12:31 e540 xl2tpd[983]: network_thread: unable to find call or 
tunnel to handle packet.  call = 39202, tunnel = 45 Dumping.
+ Nov 24 20:12:47 e540 xl2tpd[983]: Unable to deliver closing message for 
tunnel 39202. Destroying anyway.
+ 
+ my /etc/ipsec.conf:
  conn myvp7
-   right=2.i.p.7
-   rightprotoport=17/1701
-   leftprotoport=17/1701
-   left=%defaultroute
-   keyexchange=ikev1
-   type=transport
-   authby=secret
-   auto=add
+   right=2.i.p.7
+   rightprotoport=17/1701
+   leftprotoport=17/1701
+   left=%defaultroute
+   keyexchange=ikev1
+   type=transport
+   authby=secret
+   auto=add
  
- my ipsec.secrets:
+ my /etc/ipsec.secrets:
  : PSK ...
+ 
+ my /etc/xl2tpd/xl2tpd.conf:
+ [lac myvp7]
+ lns = 2.i.p.7
+ ppp debug = yes
+ pppoptfile = /etc/ppp/options.l2tpd.client
+ length bit = yes
+ 
+ my /etc/ppp/options.l2tpd.client:
+ ipcp-accept-local
+ ipcp-accept-remote
+ refuse-eap
+ require-chap
+ noccp
+ noauth 
+ mtu 1280
+ mru 1280
+ noipdefault
+ defaultroute 
+ usepeerdns 
+ connect-delay 5000                              
+ 
+ name ...
+ password ...
+ 
+ my startup commands:
+ ipsec up myvp7&&
+ echo>/var/run/xl2tpd/l2tp-control c myvp7&&
+ while i=$(ip route) j=${i#*3.i.p.}
+    [[ $j = "$i" ]]
+ do echo -n .;sleep .3
+ done
+ i="ip route add 192.168.128.0/21 via 192.168.128.${j%% *}"
+ echo $i;$i

** Attachment added: "syslog extract from 20.04"
   
https://bugs.launchpad.net/ubuntu/+source/xl2tpd/+bug/1951832/+attachment/5543173/+files/fks

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1951832

Title:
  xl2tpd "Can not find tunnel" in jammy

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/xl2tpd/+bug/1951832/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs