cloudstack-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Matthew Smart <msm...@smartsoftwareinc.com>
Subject Basic VPN not working.
Date Wed, 10 Aug 2016 17:29:02 GMT
Hey guys,

I decided I should make sure I can properly configure the remote access 
vpn in its current state before I try to modify it for my uses. 
Unfortunately, I cannot seem to get it to work using the instructions on 
the website. I activated the VPN from the web UI and added a user 
account. These steps succeeded and I am not seeing any errors in the 
management or agent logs. I configured the VPN client (Mac OSX) but when 
I connect it errors saying "L2TP-VPN server did not respond." If I 
enable ICMP in the firewall I can ping the IP associated with the router 
from the client machine.

If I console into the VRouter and run lsof -i I can see that x2ltpd is 
listening on l2f (1701).

I have tried running nc -u VROUTERIP 1701 from the client to manually 
test if the router is listening on port 1701 but the command never 
finishes. I thought this was odd because I expect that if x2ltpd was not 
listening on 1701 that nc would fail. The way it blocks reminds me of a 
firewall drop. But the firewall configuration for the VROUTERIP is 
showing 1701, 4500, and 500 UDP allowed from 0.0.0.0/0 both in the web 
UI and via iptables -L -n

Not sure this is relevant but I did notice that if I tail 
/var/log/syslog on the VRouter there are the following lines close to 
the bottom:

Nov  9 11:20:13 systemvm xl2tpd[11917]: setsockopt recvref[30]: Protocol 
not available
Nov  9 11:20:13 systemvm xl2tpd[11917]: This binary does not support 
kernel L2TP.
Nov  9 11:20:13 systemvm xl2tpd[11918]: xl2tpd version xl2tpd-1.3.1 
started on systemvm PID:11918
Nov  9 11:20:13 systemvm xl2tpd[11918]: Written by Mark Spencer, 
Copyright (C) 1998, Adtran, Inc.
Nov  9 11:20:13 systemvm xl2tpd[11918]: Forked by Scott Balmos and David 
Stipp, (C) 2001
Nov  9 11:20:13 systemvm xl2tpd[11918]: Inherited by Jeff McAdams, (C) 2002
Nov  9 11:20:13 systemvm xl2tpd[11918]: Forked again by Xelerance 
(www.xelerance.com) (C) 2006
Nov  9 11:20:13 systemvm xl2tpd[11918]: Listening on IP address 0.0.0.0, 
port 1701
Nov  9 11:20:42 systemvm /usr/sbin/irqbalance: Balancing is ineffective 
on systems with a single cache domain.  Shutting down
Nov  9 11:20:59 systemvm KVP: KVP starting; pid is:18270
Nov  9 11:21:36 systemvm shutdown[21010]: shutting down for system halt
Nov  9 11:21:36 systemvm init: Switching to runlevel: 0
Nov  9 11:21:37 systemvm KVP: KVP starting; pid is:21036
Nov  9 11:21:37 systemvm KVP: recvfrom failed; pid:21036 error:2 No such 
file or directory
Nov  9 11:21:37 systemvm init: Re-reading inittab
Nov  9 11:21:37 systemvm conntrack-tools[11432]: ---- shutdown received ----
Nov  9 11:21:39 systemvm dnsmasq[11500]: exiting on receipt of SIGTERM
Nov  9 11:21:39 systemvm acpid: exiting
Nov  9 11:21:39 systemvm xl2tpd[11918]: death_handler: Fatal signal 15 
received
Nov  9 11:21:39 systemvm ntpd[1732]: ntpd exiting on signal 15


Any thoughts on this or ideas for how I can troubleshoot the issue?



-- 
Matthew Smart
President
Smart Software Solutions Inc.
108 S Pierre St.
Pierre, SD 57501

Phone: (605) 280-0383
Skype: msmart13
Email: msmart@smartsoftwareinc.com


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message