L2TP/IPsec with pre-shared key timeouts after first request

Hi,
I tried to connect to my work VPN; it is the classic Windows VPN, L2TP/IPsec with pre-shared key. I’ve tried going the NetworkManager route in this Arch Wiki article https: // wiki. archlinux. org/title/Openswan_L2TP/IPsec_VPN_client_setup (remove spaces, because of amazing forum policy). I managed to get everything installed and I added the VPN to my NetworkManager. I tried to connect and it worked. But when I tried to load anything, it didn’t load and the VPN disconnected with an error. I’ve tried searching the logs, but I don’t understand what is going wrong.

zář 29 12:08:27 Sidewinder nm-l2tp-service[4177]: ipsec shut down
zář 29 12:08:27 Sidewinder ipsec_starter[4205]: ipsec starter stopped
zář 29 12:08:27 Sidewinder ipsec_starter[4205]: charon stopped after 200 ms
zář 29 12:08:27 Sidewinder ipsec_starter[4205]: 
zář 29 12:08:27 Sidewinder ipsec_starter[4205]: child 4206 (charon) has quit (exit code 0)
zář 29 12:08:27 Sidewinder charon[4206]: 00[IKE] uninstalling bypass policy for PLACEHOLDER/32
zář 29 12:08:27 Sidewinder charon[4206]: 00[IKE] uninstalling bypass policy for PLACEHOLDER::/64
zář 29 12:08:27 Sidewinder charon[4206]: 00[IKE] uninstalling bypass policy for PLACEHOLDER::414/128
zář 29 12:08:27 Sidewinder charon[4206]: 00[IKE] uninstalling bypass policy for ::1/128
zář 29 12:08:27 Sidewinder charon[4206]: 00[IKE] uninstalling bypass policy for PLACEHOLDER/22
zář 29 12:08:26 Sidewinder pppd[4283]: Exit.
zář 29 12:08:26 Sidewinder charon[4206]: 00[NET] sending packet: from placeholderIP[4500] to placeholderIP[4500] (84 bytes)
zář 29 12:08:26 Sidewinder charon[4206]: 00[ENC] generating INFORMATIONAL_V1 request 2636348020 [ HASH D ]
zář 29 12:08:26 Sidewinder charon[4206]: 00[IKE] sending DELETE for IKE_SA cf9d77d4-746a-4d38-9ad2-6c567048c08b[1]
zář 29 12:08:26 Sidewinder charon[4206]: 00[IKE] deleting IKE_SA cf9d77d4-746a-4d38-9ad2-6c567048c08b[1] between placeholderIP[placeholderIP]...placeholderIP[placeholderIP]
zář 29 12:08:26 Sidewinder charon[4206]: 00[IKE] deleting IKE_SA cf9d77d4-746a-4d38-9ad2-6c567048c08b[1] between placeholderIP[placeholderIP]...placeholderIP[placeholderIP]
zář 29 12:08:26 Sidewinder charon[4206]: 00[NET] sending packet: from placeholderIP[4500] to placeholderIP[4500] (76 bytes)
zář 29 12:08:26 Sidewinder charon[4206]: 00[ENC] generating INFORMATIONAL_V1 request 3734832805 [ HASH D ]
zář 29 12:08:26 Sidewinder charon[4206]: 00[IKE] sending DELETE for ESP CHILD_SA with SPI c83a191c
zář 29 12:08:26 Sidewinder charon[4206]: 00[IKE] closing CHILD_SA cf9d77d4-746a-4d38-9ad2-6c567048c08b{1} with SPIs c83a191c_i (721 bytes) aa3524e5_o (830372089 bytes) and TS placeholderIP/32[>
zář 29 12:08:26 Sidewinder charon[4206]: 00[IKE] closing CHILD_SA cf9d77d4-746a-4d38-9ad2-6c567048c08b{1} with SPIs c83a191c_i (721 bytes) aa3524e5_o (830372089 bytes) and TS placeholderIP/32[>
zář 29 12:08:26 Sidewinder charon[4206]: 00[DMN] SIGINT received, shutting down
zář 29 12:08:26 Sidewinder NetworkManager[4671]: Stopping strongSwan IPsec...
zář 29 12:08:26 Sidewinder NetworkManager[4271]: xl2tpd[4271]: death_handler: Fatal signal 15 received
zář 29 12:08:26 Sidewinder charon[4206]: 01[KNL] interface ppp0 deleted
zář 29 12:08:26 Sidewinder pppd[4283]: Connection terminated.
zář 29 12:08:26 Sidewinder charon[4206]: 14[CFG] joining forecast multicast groups: placeholderIP,placeholderIP,placeholderIP,placeholderIP,placeholderIP
zář 29 12:08:26 Sidewinder charon[4206]: 05[IKE] uninstalling bypass policy for placeholderIP/32
zář 29 12:08:26 Sidewinder charon[4206]: 14[NET] using forecast interface wlp0s20f3
zář 29 12:08:26 Sidewinder pppd[4283]: Overriding mru 1500 to mtu value 1400
zář 29 12:08:26 Sidewinder pppd[4283]: Overriding mtu 1500 to 1400
zář 29 12:08:26 Sidewinder charon[4206]: 09[KNL] placeholderIP disappeared from ppp0
zář 29 12:08:26 Sidewinder charon[4206]: 11[KNL] interface ppp0 deactivated
zář 29 12:08:26 Sidewinder NetworkManager[547]: <info>  [1664446106.8483] device (ppp0): state change: disconnected -> unmanaged (reason 'connection-assumed', sys-iface-state: 'external')
zář 29 12:08:26 Sidewinder pppd[4283]: Sent 906637048 bytes, received 0 bytes.
zář 29 12:08:26 Sidewinder pppd[4283]: Connect time 1.5 minutes.
zář 29 12:08:26 Sidewinder pppd[4283]: Terminating on signal 15
zář 29 12:08:26 Sidewinder NetworkManager[4271]: xl2tpd[4271]: Connection 50517 closed to placeholderIP, port 1701 (Timeout)
zář 29 12:08:26 Sidewinder NetworkManager[4271]: xl2tpd[4271]: Terminating pppd: sending TERM signal to pid 4283
zář 29 12:08:26 Sidewinder NetworkManager[4271]: xl2tpd[4271]: Maximum retries exceeded for tunnel 39747.  Closing.
zář 29 12:08:18 Sidewinder charon[4206]: 07[IKE] sending keep alive to placeholderIP[4500]
zář 29 12:08:12 Sidewinder NetworkManager[4271]: xl2tpd[4271]: handle_control: bad control packet!
zář 29 12:08:12 Sidewinder NetworkManager[4271]: xl2tpd[4271]: check_control: Received out of order control packet on tunnel 50517 (got 3, expected 4)
zář 29 12:08:04 Sidewinder NetworkManager[4271]: xl2tpd[4271]: handle_control: bad control packet!

Any ideas how I should solve/debug this?
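One way to pull the L2TP teardown signals out of a journal like the one above, as an added example that is not part of the original post. The sample lines are copied from that log, the function and field names are illustrative, and matching is order-independent, so it works on newest-first output as posted.

```python
import re

# Excerpt of the log posted above (constructed selection, oldest line first).
SAMPLE = """\
zář 29 12:08:12 Sidewinder NetworkManager[4271]: xl2tpd[4271]: check_control: Received out of order control packet on tunnel 50517 (got 3, expected 4)
zář 29 12:08:12 Sidewinder NetworkManager[4271]: xl2tpd[4271]: handle_control: bad control packet!
zář 29 12:08:26 Sidewinder NetworkManager[4271]: xl2tpd[4271]: Maximum retries exceeded for tunnel 39747.  Closing.
zář 29 12:08:26 Sidewinder NetworkManager[4271]: xl2tpd[4271]: Connection 50517 closed to placeholderIP, port 1701 (Timeout)
zář 29 12:08:26 Sidewinder pppd[4283]: Sent 906637048 bytes, received 0 bytes.
"""

OUT_OF_ORDER = re.compile(
    r"out of order control packet on tunnel (\d+) \(got (\d+), expected (\d+)\)")
RETRIES = re.compile(r"Maximum retries exceeded for tunnel (\d+)")
CLOSED = re.compile(r"Connection \d+ closed to .*?, port \d+ \((\w+)\)")
PPP_BYTES = re.compile(r"Sent (\d+) bytes, received (\d+) bytes")


def triage(log_text):
    """Collect the xl2tpd/pppd lines that explain why an L2TP session ended."""
    report = {"out_of_order": [], "retries_exceeded": False,
              "close_reason": None, "ppp_sent": None, "ppp_received": None}
    for line in log_text.splitlines():
        if m := OUT_OF_ORDER.search(line):
            # (sequence number received, sequence number expected)
            report["out_of_order"].append((int(m[2]), int(m[3])))
        elif RETRIES.search(line):
            report["retries_exceeded"] = True
        elif m := CLOSED.search(line):
            report["close_reason"] = m[1]
        elif m := PPP_BYTES.search(line):
            report["ppp_sent"], report["ppp_received"] = int(m[1]), int(m[2])
    # One-way data path: pppd transmitted, but nothing came back through the tunnel.
    report["one_way"] = bool(report["ppp_sent"]) and report["ppp_received"] == 0
    return report


if __name__ == "__main__":
    for key, value in triage(SAMPLE).items():
        print(f"{key}: {value}")
```

To run it on a live system, feed it the text of `journalctl -b` filtered to the xl2tpd, pppd and charon units instead of `SAMPLE`.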

I can’t see the error that led up to the log you posted, but I’m guessing the bypass-lan strongSwan plug-in is breaking things. I would recommend disabling it and the other experimental plugins, which are often problematic and not enabled on other Linux distros, e.g.:

sudo sed -i 's/load = yes/load = no/' /etc/strongswan.d/charon/bypass-lan.conf
sudo sed -i 's/load = yes/load = no/' /etc/strongswan.d/charon/connmark.conf
sudo sed -i 's/load = yes/load = no/' /etc/strongswan.d/charon/forecast.conf
sudo sed -i 's/load = yes/load = no/' /etc/strongswan.d/charon/sha3.conf

You might need to reboot as the corresponding kernel modules used by the strongswan plugins are probably already loaded.

There is some info in this bug report:

Hi, thank you very much. It didn’t work, but I found a new log.
Previously, systemctl status strongswan would do this:

zář 30 17:42:58 Sidewinder charon-systemd[541]: error uninstalling route installed with policy Placeholderaddress/32 === Placeholderaddress/32 out
zář 30 17:42:58 Sidewinder charon-systemd[541]: received netlink error: No such file or directory (2)
zář 30 17:42:58 Sidewinder charon-systemd[541]: unable to delete policy Placeholderaddress/32 === Placeholderaddress/32 out
zář 30 17:42:58 Sidewinder charon-systemd[541]: received netlink error: No such file or directory (2)
zář 30 17:42:58 Sidewinder charon-systemd[541]: unable to delete policy Placeholderaddress/32 === Placeholderaddress/32 in
zář 30 17:42:58 Sidewinder charon-systemd[541]: received netlink error: No such file or directory (2)
zář 30 17:42:58 Sidewinder charon-systemd[541]: unable to delete policy Placeholderaddress/32 === Placeholderaddress/32 fwd
zář 30 17:42:58 Sidewinder charon-systemd[541]: uninstalling shunt PASS 'policy Bypass LAN Placeholderaddress/32' failed

but after disabling the plugins I’ve got this:

zář 30 17:44:59 Sidewinder charon-systemd[556]: xx80::xx8f:xxx9:xxxx:a4fe appeared on wlp0s20f3
zář 30 17:44:59 Sidewinder charon-systemd[556]: 1xx.1xx.1xx.159 appeared on wlp0s20f3
zář 30 17:45:01 Sidewinder charon-systemd[556]: flags changed for xx80::xx8f:xxx9:dbx:xxxe on wlp0s20f3
zář 30 17:45:50 Sidewinder charon-systemd[556]: 1xx.1xx.1xx.100 appeared on ppp0
zář 30 17:45:50 Sidewinder charon-systemd[556]: 1xx.1xx.1xx.100 disappeared from ppp0
zář 30 17:45:50 Sidewinder charon-systemd[556]: 1xx.1xx.1xx.100 appeared on ppp0
zář 30 17:45:50 Sidewinder charon-systemd[556]: interface ppp0 activated
zář 30 17:47:18 Sidewinder charon-systemd[556]: interface ppp0 deactivated
zář 30 17:47:18 Sidewinder charon-systemd[556]: 1xx.1xx.1xx.100 disappeared from ppp0
zář 30 17:47:18 Sidewinder charon-systemd[556]: interface ppp0 deleted

which seems much more promising.
Could downgrading NetworkManager or the kernel help?

Sorry, I’m not sure what the issue is.

I’m guessing 1xx.1xx.1xx.100 is a spurious IP address that NetworkManager-1.36 and later add in some cases, like the following bug report: