# IPsec works, L2TP does not

## SignOfZeta

I can't seem to get xl2tpd 1.2.4 up and running on my system.  OpenSWAN works beautifully, but I can't get any L2TP daemon to work.

Let me know if you need to see any config files.  Below is an excerpt from /var/log/messages (public IP addresses changed to protect the innocent).

```
Sep  3 15:43:20 gentooserver xl2tpd[5191]: setsockopt recvref[22]: Protocol not available

Sep  3 15:43:20 gentooserver xl2tpd[5191]: This binary does not support kernel L2TP.

Sep  3 15:43:20 gentooserver xl2tpd[5192]: xl2tpd version xl2tpd-1.2.4 started on gentooserver PID:5192

Sep  3 15:43:20 gentooserver xl2tpd[5192]: Written by Mark Spencer, Copyright (C) 1998, Adtran, Inc.

Sep  3 15:43:20 gentooserver xl2tpd[5192]: Forked by Scott Balmos and David Stipp, (C) 2001

Sep  3 15:43:20 gentooserver xl2tpd[5192]: Inherited by Jeff McAdams, (C) 2002

Sep  3 15:43:20 gentooserver xl2tpd[5192]: Forked again by Xelerance (www.xelerance.com) (C) 2006

Sep  3 15:43:20 gentooserver xl2tpd[5192]: Listening on IP address 192.0.2.1, port 1701

Sep  3 15:43:25 gentooserver pluto[13112]: packet from 172.16.2.196:500: received Vendor ID payload [RFC 3947] method set to=109 

Sep  3 15:43:25 gentooserver pluto[13112]: packet from 172.16.2.196:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike] method set to=110 

Sep  3 15:43:25 gentooserver pluto[13112]: packet from 172.16.2.196:500: ignoring unknown Vendor ID payload [8f8d83826d246b6fc7a8a6a428c11de8]

Sep  3 15:43:25 gentooserver pluto[13112]: packet from 172.16.2.196:500: ignoring unknown Vendor ID payload [439b59f8ba676c4c7737ae22eab8f582]

Sep  3 15:43:25 gentooserver pluto[13112]: packet from 172.16.2.196:500: ignoring unknown Vendor ID payload [4d1e0e136deafa34c4f3ea9f02ec7285]

Sep  3 15:43:25 gentooserver pluto[13112]: packet from 172.16.2.196:500: ignoring unknown Vendor ID payload [80d0bb3def54565ee84645d4c85ce3ee]

Sep  3 15:43:25 gentooserver pluto[13112]: packet from 172.16.2.196:500: ignoring unknown Vendor ID payload [9909b64eed937c6573de52ace952fa6b]

Sep  3 15:43:25 gentooserver pluto[13112]: packet from 172.16.2.196:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] meth=108, but already using method 110

Sep  3 15:43:25 gentooserver pluto[13112]: packet from 172.16.2.196:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but already using method 110

Sep  3 15:43:25 gentooserver pluto[13112]: packet from 172.16.2.196:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 110

Sep  3 15:43:25 gentooserver pluto[13112]: packet from 172.16.2.196:500: received Vendor ID payload [Dead Peer Detection]

Sep  3 15:43:25 gentooserver pluto[13112]: "roadwarrior-ipv4"[6] 172.16.2.196 #11: responding to Main Mode from unknown peer 172.16.2.196

Sep  3 15:43:25 gentooserver pluto[13112]: "roadwarrior-ipv4"[6] 172.16.2.196 #11: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1

Sep  3 15:43:25 gentooserver pluto[13112]: "roadwarrior-ipv4"[6] 172.16.2.196 #11: STATE_MAIN_R1: sent MR1, expecting MI2

Sep  3 15:43:25 gentooserver pluto[13112]: "roadwarrior-ipv4"[6] 172.16.2.196 #11: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike (MacOS X): both are NATed

Sep  3 15:43:25 gentooserver pluto[13112]: "roadwarrior-ipv4"[6] 172.16.2.196 #11: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2

Sep  3 15:43:25 gentooserver pluto[13112]: "roadwarrior-ipv4"[6] 172.16.2.196 #11: STATE_MAIN_R2: sent MR2, expecting MI3

Sep  3 15:43:25 gentooserver pluto[13112]: "roadwarrior-ipv4"[6] 172.16.2.196 #11: Main mode peer ID is ID_IPV4_ADDR: '172.16.2.196'

Sep  3 15:43:25 gentooserver pluto[13112]: "roadwarrior-ipv4"[6] 172.16.2.196 #11: I did not send a certificate because I do not have one.

Sep  3 15:43:25 gentooserver pluto[13112]: "roadwarrior-ipv4"[6] 172.16.2.196 #11: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3

Sep  3 15:43:25 gentooserver pluto[13112]: "roadwarrior-ipv4"[6] 172.16.2.196 #11: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1024}

Sep  3 15:43:25 gentooserver pluto[13112]: "roadwarrior-ipv4"[6] 172.16.2.196 #11: Dead Peer Detection (RFC 3706): enabled

Sep  3 15:43:25 gentooserver pluto[13112]: "roadwarrior-ipv4"[6] 172.16.2.196 #11: ignoring informational payload, type IPSEC_INITIAL_CONTACT

Sep  3 15:43:25 gentooserver pluto[13112]: "roadwarrior-ipv4"[6] 172.16.2.196 #11: received and ignored informational message

Sep  3 15:43:26 gentooserver pluto[13112]: "roadwarrior-ipv4"[6] 172.16.2.196 #12: responding to Quick Mode {msgid:0da9239c}

Sep  3 15:43:26 gentooserver pluto[13112]: "roadwarrior-ipv4"[6] 172.16.2.196 #12: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1

Sep  3 15:43:26 gentooserver pluto[13112]: "roadwarrior-ipv4"[6] 172.16.2.196 #12: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2

Sep  3 15:43:26 gentooserver pluto[13112]: "roadwarrior-ipv4"[6] 172.16.2.196 #12: Dead Peer Detection (RFC 3706): enabled

Sep  3 15:43:26 gentooserver pluto[13112]: "roadwarrior-ipv4"[6] 172.16.2.196 #12: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2

Sep  3 15:43:26 gentooserver pluto[13112]: "roadwarrior-ipv4"[6] 172.16.2.196 #12: STATE_QUICK_R2: IPsec SA established {ESP/NAT=>0x0bddb30b <0x409eca55 xfrm=AES_128-HMAC_SHA1 NATD=172.16.2.196:4500 DPD=enabled}

Sep  3 15:43:28 gentooserver xl2tpd[5192]: control_finish: Peer requested tunnel 8 twice, ignoring second one.

Sep  3 15:43:29 gentooserver xl2tpd[5192]: control_finish: Peer requested tunnel 8 twice, ignoring second one.

Sep  3 15:43:33 gentooserver xl2tpd[5192]: control_finish: Peer requested tunnel 8 twice, ignoring second one.

Sep  3 15:43:33 gentooserver xl2tpd[5192]: Maximum retries exceeded for tunnel 20734.  Closing.

Sep  3 15:43:41 gentooserver xl2tpd[5192]: control_finish: Peer requested tunnel 8 twice, ignoring second one.

Sep  3 15:43:41 gentooserver xl2tpd[5192]: Connection 8 closed to 172.16.2.196, port 50162 (Timeout)

Sep  3 15:43:46 gentooserver xl2tpd[5192]: Unable to deliver closing message for tunnel 20734. Destroying anyway.

Sep  3 15:43:46 gentooserver pluto[13112]: "roadwarrior-ipv4"[6] 172.16.2.196 #11: received Delete SA(0x0bddb30b) payload: deleting IPSEC State #12

Sep  3 15:43:46 gentooserver pluto[13112]: "roadwarrior-ipv4"[6] 172.16.2.196 #11: received and ignored informational message

Sep  3 15:43:46 gentooserver pluto[13112]: "roadwarrior-ipv4"[6] 172.16.2.196 #11: received Delete SA payload: deleting ISAKMP State #11

Sep  3 15:43:46 gentooserver pluto[13112]: "roadwarrior-ipv4"[6] 172.16.2.196: deleting connection "roadwarrior-ipv4" instance with peer 172.16.2.196 {isakmp=#0/ipsec=#0}

Sep  3 15:43:46 gentooserver pluto[13112]: packet from 172.16.2.196:4500: received and ignored informational message

```

----------

