cloudstack-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Matthew Smart <msm...@smartsoftwareinc.com>
Subject Re: Basic VPN not working.
Date Wed, 10 Aug 2016 17:46:29 GMT
Also, if I run tcpdump -i eth2 udp port 1701 on the router and try to 
connect or try nc I see no packets on the router.

Matthew Smart
President
Smart Software Solutions Inc.
108 S Pierre St.
Pierre, SD 57501

Phone: (605) 280-0383
Skype: msmart13
Email: msmart@smartsoftwareinc.com

On 08/10/2016 12:29 PM, Matthew Smart wrote:
> Hey guys,
>
> I decided I should make sure I can properly configure the remote 
> access vpn in its current state before I try to modify it for my uses. 
> Unfortunately, I cannot seem to get it to work using the instructions 
> on the website. I activated the VPN from the web UI and added a user 
> account. These steps succeeded and I am not seeing any errors in the 
> management or agent logs. I configured the VPN client (Mac OSX) but 
> when I connect it errors saying "L2TP-VPN server did not respond." If 
> I enable ICMP in the firewall I can ping the IP associated with the 
> router from the client machine.
>
> If I console into the VRouter and run lsof -i I can see that x2ltpd is 
> listening on l2f (1701).
>
> I have tried running nc -u VROUTERIP 1701 from the client to manually 
> test if the router is listening on port 1701 but the command never 
> finishes. I thought this was odd because I expect that if x2ltpd was 
> not listening on 1701 that nc would fail. The way it blocks reminds me 
> of a firewall drop. But the firewall configuration for the VROUTERIP 
> is showing 1701, 4500, and 500 UDP allowed from 0.0.0.0/0 both in the 
> web UI and via iptables -L -n
>
> Not sure this is relevant but I did notice that if I tail 
> /var/log/syslog on the VRouter there are the following lines close to 
> the bottom:
>
> Nov  9 11:20:13 systemvm xl2tpd[11917]: setsockopt recvref[30]: 
> Protocol not available
> Nov  9 11:20:13 systemvm xl2tpd[11917]: This binary does not support 
> kernel L2TP.
> Nov  9 11:20:13 systemvm xl2tpd[11918]: xl2tpd version xl2tpd-1.3.1 
> started on systemvm PID:11918
> Nov  9 11:20:13 systemvm xl2tpd[11918]: Written by Mark Spencer, 
> Copyright (C) 1998, Adtran, Inc.
> Nov  9 11:20:13 systemvm xl2tpd[11918]: Forked by Scott Balmos and 
> David Stipp, (C) 2001
> Nov  9 11:20:13 systemvm xl2tpd[11918]: Inherited by Jeff McAdams, (C) 
> 2002
> Nov  9 11:20:13 systemvm xl2tpd[11918]: Forked again by Xelerance 
> (www.xelerance.com) (C) 2006
> Nov  9 11:20:13 systemvm xl2tpd[11918]: Listening on IP address 
> 0.0.0.0, port 1701
> Nov  9 11:20:42 systemvm /usr/sbin/irqbalance: Balancing is 
> ineffective on systems with a single cache domain.  Shutting down
> Nov  9 11:20:59 systemvm KVP: KVP starting; pid is:18270
> Nov  9 11:21:36 systemvm shutdown[21010]: shutting down for system halt
> Nov  9 11:21:36 systemvm init: Switching to runlevel: 0
> Nov  9 11:21:37 systemvm KVP: KVP starting; pid is:21036
> Nov  9 11:21:37 systemvm KVP: recvfrom failed; pid:21036 error:2 No 
> such file or directory
> Nov  9 11:21:37 systemvm init: Re-reading inittab
> Nov  9 11:21:37 systemvm conntrack-tools[11432]: ---- shutdown 
> received ----
> Nov  9 11:21:39 systemvm dnsmasq[11500]: exiting on receipt of SIGTERM
> Nov  9 11:21:39 systemvm acpid: exiting
> Nov  9 11:21:39 systemvm xl2tpd[11918]: death_handler: Fatal signal 15 
> received
> Nov  9 11:21:39 systemvm ntpd[1732]: ntpd exiting on signal 15
>
>
> Any thoughts on this or ideas for how I can troubleshoot the issue?
>
>
>


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message