What Does This L2TP/IPSec Error Mean?

Question

I am trying to connect to a Cisco Meraki VPN that uses L2TP/IPsec. On my side I am using Libreswan/NetworkManager to configure my connection. When I try to connect, I get logs as follows:

Mar 02 11:29:45 eyrie NetworkManager[375]: <info>  [1583148585.6801] vpn-connection[0x5612aa19c4f0,6dc2f91a-f174-421b-810d-7384b68316ce,"VPN connection 1",0]: Saw the service appear; activating connection
Mar 02 11:29:55 eyrie NetworkManager[375]: <info>  [1583148595.6107] vpn-connection[0x5612aa19c4f0,6dc2f91a-f174-421b-810d-7384b68316ce,"VPN connection 1",0]: VPN connection: (ConnectInteractive) reply received
Mar 02 11:29:55 eyrie nm-l2tp-service[5582]: Check port 1701
Mar 02 11:29:55 eyrie NetworkManager[5602]: Redirecting to: systemctl restart ipsec.service
Mar 02 11:29:55 eyrie NetworkManager[5569]: 002 "6dc2f91a-f174-421b-810d-7384b68316ce" #1: deleting state (STATE_MAIN_I1) aged 53.138s and NOT sending notification
Mar 02 11:29:56 eyrie NetworkManager[5903]: 002 listening for IKE messages
Mar 02 11:29:56 eyrie NetworkManager[5903]: 002 forgetting secrets
Mar 02 11:29:56 eyrie NetworkManager[5903]: 002 loading secrets from "/etc/ipsec.secrets"
Mar 02 11:29:56 eyrie NetworkManager[5907]: debugging mode enabled
Mar 02 11:29:56 eyrie NetworkManager[5907]: end of file /var/run/nm-l2tp-6dc2f91a-f174-421b-810d-7384b68316ce/ipsec.conf
Mar 02 11:29:56 eyrie NetworkManager[5907]: Loading conn 6dc2f91a-f174-421b-810d-7384b68316ce
Mar 02 11:29:56 eyrie NetworkManager[5907]: starter: left is KH_DEFAULTROUTE
Mar 02 11:29:56 eyrie NetworkManager[5907]: conn: "6dc2f91a-f174-421b-810d-7384b68316ce" modecfgdns=<unset>
Mar 02 11:29:56 eyrie NetworkManager[5907]: conn: "6dc2f91a-f174-421b-810d-7384b68316ce" modecfgdomains=<unset>
Mar 02 11:29:56 eyrie NetworkManager[5907]: conn: "6dc2f91a-f174-421b-810d-7384b68316ce" modecfgbanner=<unset>
Mar 02 11:29:56 eyrie NetworkManager[5907]: conn: "6dc2f91a-f174-421b-810d-7384b68316ce" mark=<unset>
Mar 02 11:29:56 eyrie NetworkManager[5907]: conn: "6dc2f91a-f174-421b-810d-7384b68316ce" mark-in=<unset>
Mar 02 11:29:56 eyrie NetworkManager[5907]: conn: "6dc2f91a-f174-421b-810d-7384b68316ce" mark-out=<unset>
Mar 02 11:29:56 eyrie NetworkManager[5907]: conn: "6dc2f91a-f174-421b-810d-7384b68316ce" vti_iface=<unset>
Mar 02 11:29:56 eyrie NetworkManager[5907]: conn: "6dc2f91a-f174-421b-810d-7384b68316ce" redirect-to=<unset>
Mar 02 11:29:56 eyrie NetworkManager[5907]: conn: "6dc2f91a-f174-421b-810d-7384b68316ce" accept-redirect-to=<unset>
Mar 02 11:29:56 eyrie NetworkManager[5907]: conn: "6dc2f91a-f174-421b-810d-7384b68316ce" esp=aes256-sha1,aes128-sha1,3des-sha1
Mar 02 11:29:56 eyrie NetworkManager[5907]: conn: "6dc2f91a-f174-421b-810d-7384b68316ce" ike=aes256-sha2_256-modp2048,aes256-sha2_256-modp1536,aes256-sha2_256-modp1024,aes256-sha1-modp2048,aes256-sha1-modp1536,aes256-sha1-modp1024,aes256-sha1-ecp_384,aes128-sha1-modp1024,aes128-sha1-ecp_256,3des-sha1-modp2048,3des-sha1-modp1024
Mar 02 11:29:56 eyrie NetworkManager[5907]: opening file: /var/run/nm-l2tp-6dc2f91a-f174-421b-810d-7384b68316ce/ipsec.conf
Mar 02 11:29:56 eyrie NetworkManager[5907]: loading named conns: 6dc2f91a-f174-421b-810d-7384b68316ce
Mar 02 11:29:56 eyrie NetworkManager[5907]: seeking_src = 1, seeking_gateway = 1, has_peer = 1
Mar 02 11:29:56 eyrie NetworkManager[5907]: seeking_src = 0, seeking_gateway = 1, has_dst = 1
Mar 02 11:29:56 eyrie NetworkManager[5907]: dst  via 192.168.42.129 dev enp0s29u1u2 src 192.168.42.85 table 254
Mar 02 11:29:56 eyrie NetworkManager[5907]: set nexthop: 192.168.42.129
Mar 02 11:29:56 eyrie NetworkManager[5907]: dst 192.168.42.0 via  dev enp0s29u1u2 src 192.168.42.85 table 254
Mar 02 11:29:56 eyrie NetworkManager[5907]: dst 127.0.0.0 via  dev lo src 127.0.0.1 table 255 (ignored)
Mar 02 11:29:56 eyrie NetworkManager[5907]: dst 127.0.0.1 via  dev lo src 127.0.0.1 table 255 (ignored)
Mar 02 11:29:56 eyrie NetworkManager[5907]: dst 127.255.255.255 via  dev lo src 127.0.0.1 table 255 (ignored)
Mar 02 11:29:56 eyrie NetworkManager[5907]: dst 192.168.42.0 via  dev enp0s29u1u2 src 192.168.42.85 table 255 (ignored)
Mar 02 11:29:56 eyrie NetworkManager[5907]: dst 192.168.42.85 via  dev enp0s29u1u2 src 192.168.42.85 table 255 (ignored)
Mar 02 11:29:56 eyrie NetworkManager[5907]: dst 192.168.42.255 via  dev enp0s29u1u2 src 192.168.42.85 table 255 (ignored)
Mar 02 11:29:56 eyrie NetworkManager[5907]: seeking_src = 1, seeking_gateway = 0, has_peer = 1
Mar 02 11:29:56 eyrie NetworkManager[5907]: seeking_src = 1, seeking_gateway = 0, has_dst = 1
Mar 02 11:29:56 eyrie NetworkManager[5907]: dst 192.168.42.129 via  dev enp0s29u1u2 src 192.168.42.85 table 254
Mar 02 11:29:56 eyrie NetworkManager[5907]: set addr: 192.168.42.85
Mar 02 11:29:56 eyrie NetworkManager[5907]: seeking_src = 0, seeking_gateway = 0, has_peer = 1
Mar 02 11:29:56 eyrie NetworkManager[5909]: 002 "6dc2f91a-f174-421b-810d-7384b68316ce" #1: initiating Main Mode
Mar 02 11:29:56 eyrie NetworkManager[5909]: 104 "6dc2f91a-f174-421b-810d-7384b68316ce" #1: STATE_MAIN_I1: initiate
Mar 02 11:29:57 eyrie NetworkManager[5909]: 010 "6dc2f91a-f174-421b-810d-7384b68316ce" #1: STATE_MAIN_I1: retransmission; will wait 0.5 seconds for response
Mar 02 11:29:57 eyrie NetworkManager[5909]: 010 "6dc2f91a-f174-421b-810d-7384b68316ce" #1: STATE_MAIN_I1: retransmission; will wait 1 seconds for response
Mar 02 11:29:58 eyrie NetworkManager[5909]: 010 "6dc2f91a-f174-421b-810d-7384b68316ce" #1: STATE_MAIN_I1: retransmission; will wait 2 seconds for response
Mar 02 11:30:00 eyrie NetworkManager[5909]: 010 "6dc2f91a-f174-421b-810d-7384b68316ce" #1: STATE_MAIN_I1: retransmission; will wait 4 seconds for response
Mar 02 11:30:04 eyrie NetworkManager[5909]: 010 "6dc2f91a-f174-421b-810d-7384b68316ce" #1: STATE_MAIN_I1: retransmission; will wait 8 seconds for response
Mar 02 11:30:06 eyrie nm-l2tp-service[5582]: g_dbus_method_invocation_take_error: assertion 'error != NULL' failed
Mar 02 11:30:06 eyrie NetworkManager[375]: <info>  [1583148606.5734] vpn-connection[0x5612aa19c4f0,6dc2f91a-f174-421b-810d-7384b68316ce,"VPN connection 1",0]: VPN plugin: state changed: stopped (6)
Mar 02 11:30:06 eyrie NetworkManager[375]: <info>  [1583148606.5764] vpn-connection[0x5612aa19c4f0,6dc2f91a-f174-421b-810d-7384b68316ce,"VPN connection 1",0]: VPN service disappeared
Mar 02 11:30:06 eyrie NetworkManager[375]: <warn>  [1583148606.5777] vpn-connection[0x5612aa19c4f0,6dc2f91a-f174-421b-810d-7384b68316ce,"VPN connection 1",0]: VPN connection: failed to connect: 'Message recipient disconnected from message bus without replying'

Things clearly aren't working, but I don't really understand what the actual error is. What is actually wrong from these logs?

score 0 · Answer 1 · answered Mar 03 '20 at 11:13

To me it looks like the target VPN server doesn't respond. The lines (use Notepad++ i.e.) 42-48 are crucial. Your VPN client tries to initiate main mode (phase 1) but can't because it doesn't get a response, and times out. IMO you need to check the server side, either it's blocked or miss configured.

cheers

What Does This L2TP/IPSec Error Mean?

1 Answers1