# openswan and xl2tpd with plugin dhcpc for ppp

## opotonil

I have configured ipsec with openswan and xl2tpd. All is working ok when dhcp range to assign is configured in xl2tpd but when I try to assign the IP using remote dhcp (dnsmasq on local router) not work.

Logs show the next info:

```

Feb 14 18:59:11 server ipsec_setup: Starting Openswan IPsec U2.6.38/K3.4.2-hardened-r1...

Feb 14 18:59:11 server ipsec_setup: Using NETKEY(XFRM) stack

Feb 14 18:59:11 server ipsec_setup: ...Openswan IPsec started

Feb 14 18:59:11 server ipsec__plutorun: adjusting ipsec.d to /etc/ipsec.d

Feb 14 18:59:11 server pluto: adjusting ipsec.d to /etc/ipsec.d

Feb 14 18:59:11 server ipsec__plutorun: 002 added connection description "road_warrior"

Feb 14 18:59:16 server xl2tpd[19823]: setsockopt recvref[30]: Protocol not available

Feb 14 18:59:16 server xl2tpd[19823]: Using l2tp kernel support.

Feb 14 18:59:16 server xl2tpd[19824]: xl2tpd version xl2tpd-1.3.1 started on server PID:19824

Feb 14 18:59:16 server xl2tpd[19824]: Written by Mark Spencer, Copyright (C) 1998, Adtran, Inc.

Feb 14 18:59:16 server xl2tpd[19824]: Forked by Scott Balmos and David Stipp, (C) 2001

Feb 14 18:59:16 server xl2tpd[19824]: Inherited by Jeff McAdams, (C) 2002

Feb 14 18:59:16 server xl2tpd[19824]: Forked again by Xelerance (www.xelerance.com) (C) 2006

Feb 14 18:59:16 server xl2tpd[19824]: Listening on IP address 0.0.0.0, port 1701

Feb 14 19:00:01 server cron[19837]: (root) CMD (test -x /usr/sbin/run-crons && /usr/sbin/run-crons)

Feb 14 19:04:49 server xl2tpd[19824]: control_finish: Peer requested tunnel 55 twice, ignoring second one.

Feb 14 19:04:49 server xl2tpd[19824]: Connection established to xxx.xxx.xx.xx, 60490.  Local: 45611, Remote: 55 (ref=0/0).  LNS session is 'default'

Feb 14 19:04:49 server xl2tpd[19824]: start_pppd: I'm running:

Feb 14 19:04:49 server xl2tpd[19824]: "/usr/sbin/pppd"

Feb 14 19:04:49 server xl2tpd[19824]: "passive"

Feb 14 19:04:49 server xl2tpd[19824]: "nodetach"

Feb 14 19:04:49 server xl2tpd[19824]: "192.168.255.2:0.0.0.0"

Feb 14 19:04:49 server xl2tpd[19824]: "refuse-pap"

Feb 14 19:04:49 server xl2tpd[19824]: "auth"

Feb 14 19:04:49 server xl2tpd[19824]: "require-chap"

Feb 14 19:04:49 server xl2tpd[19824]: "file"

Feb 14 19:04:49 server xl2tpd[19824]: "/etc/ppp/options"

Feb 14 19:04:49 server xl2tpd[19824]: "ipparam"

Feb 14 19:04:49 server xl2tpd[19824]: "xxx.xxx.xx.xx"

Feb 14 19:04:49 server xl2tpd[19824]: "plugin"

Feb 14 19:04:49 server xl2tpd[19824]: "pppol2tp.so"

Feb 14 19:04:49 server xl2tpd[19824]: "pppol2tp"

Feb 14 19:04:49 server xl2tpd[19824]: "8"

Feb 14 19:04:49 server xl2tpd[19824]: Call established with xxx.xxx.xx.xx, Local: 21483, Remote: 15752, Serial: 1

Feb 14 19:04:49 server pppd[19890]: Plugin dhcpc.so loaded.

Feb 14 19:04:49 server pppd[19890]: DHCPC: plugin initialized

Feb 14 19:04:49 server pppd[19890]: Plugin dhcpc.so loaded.

Feb 14 19:04:49 server pppd[19890]: DHCPC: plugin initialized

Feb 14 19:04:49 server pppd[19890]: Plugin pppol2tp.so loaded.

Feb 14 19:04:49 server pppd[19890]: pppd 2.4.5 started by xxxxxxxxx, uid 0

Feb 14 19:04:49 server pppd[19890]: using channel 6

Feb 14 19:04:49 server pppd[19890]: Using interface ppp0

Feb 14 19:04:49 server pppd[19890]: Connect: ppp0 <-->

Feb 14 19:04:49 server pppd[19890]: Overriding mtu 1500 to 1410

Feb 14 19:04:49 server pppd[19890]: PPPoL2TP options: debugmask 0

Feb 14 19:04:49 server pppd[19890]: Overriding mru 1500 to mtu value 1410

Feb 14 19:04:49 server pppd[19890]: sent [LCP ConfReq id=0x1 <mru 1410> <asyncmap 0x0> <auth chap MD5> <magic 0x6b437ed2>]

Feb 14 19:04:49 server pppd[19890]: rcvd [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x1d35b304> <pcomp> <accomp>]

Feb 14 19:04:49 server pppd[19890]: sent [LCP ConfAck id=0x1 <asyncmap 0x0> <magic 0x1d35b304> <pcomp> <accomp>]

Feb 14 19:04:49 server pppd[19890]: rcvd [LCP ConfAck id=0x1 <mru 1410> <asyncmap 0x0> <auth chap MD5> <magic 0x6b437ed2>]

Feb 14 19:04:49 server pppd[19890]: Overriding mtu 1500 to 1410

Feb 14 19:04:49 server pppd[19890]: PPPoL2TP options: debugmask 0

Feb 14 19:04:49 server pppd[19890]: sent [CHAP Challenge id=0x9e <45b090b2270e5bed004c382adea5843b0a>, name = "server"]

Feb 14 19:04:49 server pppd[19890]: rcvd [LCP EchoReq id=0x0 magic=0x1d35b304]

Feb 14 19:04:49 server pppd[19890]: sent [LCP EchoRep id=0x0 magic=0x6b437ed2]

Feb 14 19:04:49 server pppd[19890]: rcvd [CHAP Response id=0x9e <a351994d3cedfb29d419ac2ee9b91ce7>, name = "mobile"]

Feb 14 19:04:49 server pppd[19890]: sent [CHAP Success id=0x9e "Access granted"]

Feb 14 19:04:49 server pppd[19890]: DHCPC: ip_choose_hook entered with peer name mobile

Feb 14 19:04:49 server pppd[19890]: DHCPC: calling ip_choose_hook for previously loaded module

Feb 14 19:04:49 server pppd[19890]: DHCPC: ip_choose_hook entered with peer name mobile

Feb 14 19:04:49 server pppd[19890]: DHCPC: calling ip_choose_hook for previously loaded module

Feb 14 19:04:49 server pppd[19890]: DHCPC: ip_choose_hook entered with peer name mobile

Feb 14 19:04:49 server pppd[19890]: DHCPC: calling ip_choose_hook for previously loaded module

Feb 14 19:04:49 server pppd[19890]: DHCPC: ip_choose_hook entered with peer name mobile

Feb 14 19:04:49 server pppd[19890]: DHCPC: calling ip_choose_hook for previously loaded module

...

...

```

```

Feb 14 19:05:05 server kernel: [426779.800575] grsec: From xxx.xxx.x.xxx: denied resource overstep by requesting 8392704 for RLIMIT_STACK against limit 8388608 for /usr/sbin/pppd[pppd:19890] uid/euid:0/0 gid/egid:0/0, parent /usr/sbin/xl2tpd[xl2tpd:19824] uid/euid:0/0 gid/egid:0/0

Feb 14 19:05:05 server kernel: [426779.800597] grsec: From xxx.xxx.x.xxx: denied resource overstep by requesting 8392704 for RLIMIT_STACK against limit 8388608 for /usr/sbin/pppd[pppd:19890] uid/euid:0/0 gid/egid:0/0, parent /usr/sbin/xl2tpd[xl2tpd:19824] uid/euid:0/0 gid/egid:0/0

Feb 14 19:05:05 server kernel: [426779.800611] grsec: From xxx.xxx.x.xxx: Segmentation fault occurred at            (nil) in /usr/sbin/pppd[pppd:19890] uid/euid:0/0 gid/egid:0/0, parent /usr/sbin/xl2tpd[xl2tpd:19824] uid/euid:0/0 gid/egid:0/0

Feb 14 19:05:05 server kernel: [426779.800627] grsec: From xxx.xxx.x.xxx: denied resource overstep by requesting 4096 for RLIMIT_CORE against limit 0 for /usr/sbin/pppd[pppd:19890] uid/euid:0/0 gid/egid:0/0, parent /usr/sbin/xl2tpd[xl2tpd:19824] uid/euid:0/0 gid/egid:0/0

```

----------

