Can't connect to L2TP/IPSec VPN with Linux but works on Mac OS

2

My university offers an L2TP/IPSec VPN, and I am trying to connect to it with strongswan (for IPSec) and xl2tpd (for L2TP).

IPSec works just fine, but something weird happens when I try to establish the L2TP connection.

Whenever I try to connect, the PPP peer on the other end just keeps sending TERMREQ with some random garbage like this:

Aug 29 13:32:34 helium pppd[29367]: rcvd [LCP TermReq id=0x3 "}\026,\017\000<\37777777715t\000\000\003,"]
Aug 29 13:32:34 helium pppd[29367]: LCP terminated by peer (}^V,^O^@<M-Mt^@^@^C,)

I tried EAP, CHAP, MSCHAPv1/v2, PAP without MPPE and got a similar result, and I just got a timeout with MPPE enabled.

I asked the IT department and they said that the VPN only works on MacOS and Windows, and it indeed works on MacOS.

From my understanding, there shouldn't be a way that the PPP peer can tell what client I am using, so my question is, why does it not work with xl2tpd? Am I missing something?

For reference, here are the snippets of the configuration files I used:

xl2tpd.conf:

[lac syr_ra]
lns = server_address
ppp debug = yes
pppoptfile = /etc/ppp/options.l2tpd.client

options.l2tpd.client:

ipcp-accept-local
ipcp-accept-remote
noccp
noauth
idle 1800
mtu 1410
mru 1410
debug
connect-delay 5000
name my_username
password my_password

Morichika Maho

Posted 2018-08-29T20:33:27.640

Reputation: 59

1 – First thing I'd do is to install Wireshark on the Mac, connect to the VPN, and have a look at what the correct exchange looks like. Knowing that, compare with the wrong exchange on Linux (again using Wireshark), find the point where it deviates, and adjust the config files. Guessing the correct configuration for you when we don't know what your IT department has set up is kind of difficult. For starters, there's plenty of PPP options that affect encoding/escaping, and can lead to the kind of garbage you see. – dirkt – 2018-08-30T06:42:19.770
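Added example (not part of the original post or comment): the TermReq payload in the quoted pppd log line can be turned back into raw bytes to check whether it is really random before comparing captures. The field layout used here (4-byte magic number, 4-byte marker `00 3C CD 74`, 32-bit code) is an assumption based on what Microsoft RAS servers are commonly seen to send, and the function names are hypothetical.

```python
import re

# Log line copied from the question (pppd debug output).
SAMPLE = r'Aug 29 13:32:34 helium pppd[29367]: rcvd [LCP TermReq id=0x3 "}\026,\017\000<\37777777715t\000\000\003,"]'

# Assumption: 4-byte marker commonly seen after the magic number in
# Terminate-Requests from Microsoft RAS servers; not stated on the page.
MS_RAS_MARKER = bytes.fromhex("003ccd74")

# pppd prints non-printable bytes as 3-digit octal; a byte >= 0x80 can show up
# sign-extended to 32 bits (11 octal digits), as \37777777715 does here.
TOKEN = re.compile(r'\\(37777777[67][0-7]{2}|[0-7]{3})|\\(.)|(.)', re.S)
SIMPLE = {"t": 0x09, "n": 0x0A}


def unescape_pppd(text):
    """Convert pppd's escaped string notation back into raw bytes."""
    out = bytearray()
    for octal, escaped, plain in TOKEN.findall(text):
        if octal:
            out.append(int(octal, 8) & 0xFF)  # drop sign-extension bits
        elif escaped:
            out.append(SIMPLE.get(escaped, ord(escaped) & 0xFF))
        else:
            out.append(ord(plain) & 0xFF)
    return bytes(out)


def parse_termreq(line):
    """Extract and split the data field of a logged LCP Terminate-Request."""
    m = re.search(r'LCP TermReq id=(0x[0-9a-f]+) "(.*)"\]', line)
    if not m:
        return None
    data = unescape_pppd(m.group(2))
    result = {"id": int(m.group(1), 16), "data": data, "code": None}
    # Only interpret the payload if it matches the assumed 12-byte layout.
    if len(data) == 12 and data[4:8] == MS_RAS_MARKER:
        result["magic"] = int.from_bytes(data[0:4], "big")
        result["code"] = int.from_bytes(data[8:12], "big")
    return result


if __name__ == "__main__":
    info = parse_termreq(SAMPLE)
    print(info["data"].hex(" "), "->", info["code"])
```

For the quoted line this yields 12 bytes whose last four are `00 00 03 2c` (decimal 812); if the server is a Windows RAS server, that value can be looked up as a RAS error code.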

No answers