some thing error with ipsec? how can i do this?

durokgit commented 7 years ago

the auth.log pasted (ubuntu 16.04 xen server)

Oct 10 10:51:08 test pluto[4453]: "l2tp-psk"[1] 118.115.239.253 #1: responding to Main Mode from unknown peer 118.115.239.253
Oct 10 10:51:08 test pluto[4453]: "l2tp-psk"[1] 118.115.239.253 #1: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Oct 10 10:51:08 test pluto[4453]: "l2tp-psk"[1] 118.115.239.253 #1: STATE_MAIN_R1: sent MR1, expecting MI2
Oct 10 10:51:11 test pluto[4453]: "l2tp-psk"[1] 118.115.239.253 #2: responding to Main Mode from unknown peer 118.115.239.253
Oct 10 10:51:11 test pluto[4453]: "l2tp-psk"[1] 118.115.239.253 #2: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Oct 10 10:51:11 test pluto[4453]: "l2tp-psk"[1] 118.115.239.253 #2: STATE_MAIN_R1: sent MR1, expecting MI2
Oct 10 10:51:14 test pluto[4453]: "l2tp-psk"[1] 118.115.239.253 #3: responding to Main Mode from unknown peer 118.115.239.253
Oct 10 10:51:14 test pluto[4453]: "l2tp-psk"[1] 118.115.239.253 #3: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Oct 10 10:51:14 test pluto[4453]: "l2tp-psk"[1] 118.115.239.253 #3: STATE_MAIN_R1: sent MR1, expecting MI2
Oct 10 10:51:17 test pluto[4453]: "l2tp-psk"[1] 118.115.239.253 #4: responding to Main Mode from unknown peer 118.115.239.253
Oct 10 10:51:17 test pluto[4453]: "l2tp-psk"[1] 118.115.239.253 #4: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Oct 10 10:51:17 test pluto[4453]: "l2tp-psk"[1] 118.115.239.253 #4: STATE_MAIN_R1: sent MR1, expecting MI2
Oct 10 10:51:20 test pluto[4453]: "l2tp-psk"[1] 118.115.239.253 #5: responding to Main Mode from unknown peer 118.115.239.253
Oct 10 10:51:20 test pluto[4453]: "l2tp-psk"[1] 118.115.239.253 #5: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Oct 10 10:51:20 test pluto[4453]: "l2tp-psk"[1] 118.115.239.253 #5: STATE_MAIN_R1: sent MR1, expecting MI2
Oct 10 10:51:23 test pluto[4453]: "l2tp-psk"[1] 118.115.239.253 #6: responding to Main Mode from unknown peer 118.115.239.253
Oct 10 10:51:23 test pluto[4453]: "l2tp-psk"[1] 118.115.239.253 #6: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Oct 10 10:51:23 test pluto[4453]: "l2tp-psk"[1] 118.115.239.253 #6: STATE_MAIN_R1: sent MR1, expecting MI2
Oct 10 10:51:26 test pluto[4453]: "l2tp-psk"[1] 118.115.239.253 #7: responding to Main Mode from unknown peer 118.115.239.253
Oct 10 10:51:26 test pluto[4453]: "l2tp-psk"[1] 118.115.239.253 #7: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Oct 10 10:51:26 test pluto[4453]: "l2tp-psk"[1] 118.115.239.253 #7: STATE_MAIN_R1: sent MR1, expecting MI2
Oct 10 10:51:29 test pluto[4453]: "l2tp-psk"[1] 118.115.239.253 #8: responding to Main Mode from unknown peer 118.115.239.253
Oct 10 10:51:29 test pluto[4453]: "l2tp-psk"[1] 118.115.239.253 #8: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Oct 10 10:51:29 test pluto[4453]: "l2tp-psk"[1] 118.115.239.253 #8: STATE_MAIN_R1: sent MR1, expecting MI2
Oct 10 10:51:32 test pluto[4453]: "l2tp-psk"[1] 118.115.239.253 #9: responding to Main Mode from unknown peer 118.115.239.253
Oct 10 10:51:32 test pluto[4453]: "l2tp-psk"[1] 118.115.239.253 #9: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Oct 10 10:51:32 test pluto[4453]: "l2tp-psk"[1] 118.115.239.253 #9: STATE_MAIN_R1: sent MR1, expecting MI2
Oct 10 10:51:35 test pluto[4453]: "l2tp-psk"[1] 118.115.239.253 #10: responding to Main Mode from unknown peer 118.115.239.253
Oct 10 10:51:35 test pluto[4453]: "l2tp-psk"[1] 118.115.239.253 #10: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Oct 10 10:51:35 test pluto[4453]: "l2tp-psk"[1] 118.115.239.253 #10: STATE_MAIN_R1: sent MR1, expecting MI2

repeat the same logs until connect failed.

sherry0319 commented 7 years ago

I get the exactly same error and I don't know why. It works well before today(10/10/2017).

hwdsl2 commented 7 years ago

@durokgit @sherry0319 Hello! The logs indicate that there is some firewall (for example, if you are in China) blocking VPN traffic. Or maybe you did not open the required ports (both UDP 500 and UDP 4500) on your server. This does not look like an issue with the VPN scripts.

You may want to try the following:

Reboot the VPN server, reboot your VPN client, and try connecting again.
Switch to a different VPS server (with a different IP), or try another VPS provider.
Connect using a different VPN client, and/or connect from another network (e.g. 4G instead of Wi-Fi).
Try alternative solutions, such as Shadowsocks or OpenVPN.

durokgit commented 7 years ago

i call the server provider to change the IP, that resolve the issue

hwdsl2 / setup-ipsec-vpn

some thing error with ipsec? how can i do this? #233