<div dir="ltr">Dear All,<div><br></div><div>I have configured openswan+xl2tp+radius.</div><div>If i run xl2tpd without radius authentication, it works fine.</div><div>But while configure with radius authentication , it failes.</div><div><br></div><div>Following are my configureations.</div><div><br></div><div>ipsec.conf</div><div>-------------------------------------</div><div>config setup </div><div><div> protostack=netkey</div><div><span class="" style="white-space:pre"> </span>nat_traversal=yes</div><div><span class="" style="white-space:pre"> </span>virtual_private=%v4:<a href="http://10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12">10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12</a></div><div><span class="" style="white-space:pre"> </span>oe=off</div></div><div><div>conn L2TP-PSK-NAT</div><div><span class="" style="white-space:pre"> </span>rightsubnet=vhost:%priv</div><div><span class="" style="white-space:pre"> </span>also=L2TP-PSK-noNAT</div><div><br></div><div>conn L2TP-PSK-noNAT</div><div><span class="" style="white-space:pre"> </span>authby=secret</div><div><span class="" style="white-space:pre"> </span>pfs=no</div><div><span class="" style="white-space:pre"> </span>auto=add</div><div><span class="" style="white-space:pre"> </span>keyingtries=3</div><div><span class="" style="white-space:pre"> </span>rekey=no</div><div><span class="" style="white-space:pre"> </span>ikelifetime=8h</div><div><span class="" style="white-space:pre"> </span>type=transport</div><div><span class="" style="white-space:pre"> </span>left=Server-IP</div><div><span class="" style="white-space:pre"> </span>leftprotoport=17/1701</div><div><span class="" style="white-space:pre"> </span>right=%any</div><div><span class="" style="white-space:pre"> </span>rightprotoport=17/%any</div><div>------------------------------</div><div><br></div><div>xl2tpd.conf</div><div>-------------------------------------------------------</div><div><div>[global]</div><div>listen-addr = Server-IP</div><div>force userspace = yes</div></div><div><div>[lns default]</div><div>ip range = 192.168.8.2-192.168.8.254</div><div>local ip = 192.168.8.1</div><div>require chap = yes</div><div>refuse pap = yes</div><div>require authentication = yes</div><div>name = xl2tpd</div><div>ppp debug = yes</div><div>pppoptfile = /etc/ppp/options.xl2tpd</div><div>length bit = yes</div></div><div>--------------------------------------------------------</div><div><div>name xl2tpd</div><div>require-mschap-v2</div><div>auth</div><div>ms-dns 8.8.8.8</div><div>ms-dns 8.8.4.4</div><div>nodefaultroute</div><div>idle 1800</div><div>debug</div><div>lock</div><div>nobsdcomp</div><div>novj</div><div>novjccomp</div><div>nologfd</div><div>lcp-echo-interval 5</div><div>lcp-echo-failure 5</div><div>proxyarp</div><div>connect-delay 5000</div><div>plugin radius.so</div><div>plugin radattr.so</div></div><div>radius-config-file /etc/radiusclient/radiusclient.conf<br></div><div>--------------------------------------</div><div>the logfile:</div><div>------------------</div><div><div>Dec 5 03:36:43 vpn2 xl2tpd[22927]: Connection established to IP, 1701. Local: 23899, Remote: 18 (ref=0/0). LNS session is 'default'</div><div>Dec 5 03:36:43 vpn2 xl2tpd[22927]: Call established with IP, Local: 30311, Remote: 1, Serial: 0</div><div>Dec 5 03:36:43 vpn2 pppd[23048]: Plugin radius.so loaded.</div><div>Dec 5 03:36:43 vpn2 pppd[23048]: RADIUS plugin initialized.</div><div>Dec 5 03:36:43 vpn2 pppd[23048]: Plugin radattr.so loaded.</div><div>Dec 5 03:36:43 vpn2 pppd[23048]: RADATTR plugin initialized.</div><div>Dec 5 03:36:43 vpn2 pppd[23048]: pppd 2.4.5 started by root, uid 0</div><div>Dec 5 03:36:43 vpn2 pppd[23048]: Using interface ppp0</div><div>Dec 5 03:36:43 vpn2 pppd[23048]: Connect: ppp0 <--> /dev/pts/1</div><div>Dec 5 03:36:47 vpn2 pppd[23048]: rc_avpair_new: unknown attribute 60</div><div>Dec 5 03:36:48 vpn2 pppd[23048]: Peer xul2tp failed CHAP authentication</div><div>Dec 5 03:36:48 vpn2 pppd[23048]: Connection terminated.</div><div>Dec 5 03:36:48 vpn2 pppd[23048]: Exit.</div><div>Dec 5 03:36:48 vpn2 xl2tpd[22927]: call_close: Call 30311 to IP disconnected</div><div>Dec 5 03:36:48 vpn2 xl2tpd[22927]: control_finish: Connection closed to IP, serial 0 ()</div><div>Dec 5 03:36:48 vpn2 xl2tpd[22927]: control_finish: Connection closed to IP, port 1701 (), Local: 23899, Remote: 18</div></div><div><br></div><div>There is no errors for my radius configuration.</div><div>What's more ,the pptp with my radius works fine, only the xl2tpd failes.</div><div><br></div><div>Anyone can help me?</div><div>Thanks.</div><div><br></div><div><br></div><div><br></div>-- <br><div class="gmail_signature"><div dir="ltr"><div dir="ltr"><div>Best regards,</div><div><br></div></div></div></div>
</div></div>