Problem with Gateway ID

[rgerbranda]

Ubuntu 16.04 Desktop, new installation

I try to configure IPsec tunnel to L2TP host

• when I leave "Gateway ID" empty, the L2TP host returns: INVALID_ID_INFORMATION
• when I add a value to "Gateway ID" VPN fails on the Desktop. From the syslog:

Jul 6 11:12:10 Ubuntu-Desktop NetworkManager[745]: [1499332330.2524] vpn-connection[0x1813450,a2bcee3b-b3fc-4882-9971-a7c84fdcd882,"VPN connection 1",0]: VPN service disappeared Jul 6 11:12:44 Ubuntu-Desktop NetworkManager[745]: [1499332364.1532] keyfile: update /etc/NetworkManager/system-connections/VPN connection 1 (a2bcee3b-b3fc-4882-9971-a7c84fdcd882,"VPN connection 1") Jul 6 11:12:44 Ubuntu-Desktop NetworkManager[745]: [1499332364.1536] audit: op="connection-update" uuid="a2bcee3b-b3fc-4882-9971-a7c84fdcd882" name="VPN connection 1" pid=4174 uid=1000 result="success" Jul 6 11:12:46 Ubuntu-Desktop NetworkManager[745]: [1499332366.5255] audit: op="connection-activate" uuid="a2bcee3b-b3fc-4882-9971-a7c84fdcd882" name="VPN connection 1" pid=3997 uid=1000 result="success" Jul 6 11:12:46 Ubuntu-Desktop NetworkManager[745]: [1499332366.5370] vpn-connection[0x1813630,a2bcee3b-b3fc-4882-9971-a7c84fdcd882,"VPN connection 1",0]: Started the VPN service, PID 4190 Jul 6 11:12:46 Ubuntu-Desktop NetworkManager[745]: [1499332366.5657] vpn-connection[0x1813630,a2bcee3b-b3fc-4882-9971-a7c84fdcd882,"VPN connection 1",0]: Saw the service appear; activating connection Jul 6 11:12:46 Ubuntu-Desktop NetworkManager[745]: [1499332366.7403] vpn-connection[0x1813630,a2bcee3b-b3fc-4882-9971-a7c84fdcd882,"VPN connection 1",0]: VPN connection: (ConnectInteractive) reply received Jul 6 11:12:46 Ubuntu-Desktop NetworkManager[745]: nm-l2tp[4190] ipsec enable flag: yes Jul 6 11:12:46 Ubuntu-Desktop NetworkManager[745]: [1499332366.7674] vpn-connection[0x1813630,a2bcee3b-b3fc-4882-9971-a7c84fdcd882,"VPN connection 1",0]: VPN service disappeared Jul 6 11:12:46 Ubuntu-Desktop NetworkManager[745]: [1499332366.7705] vpn-connection[0x1813630,a2bcee3b-b3fc-4882-9971-a7c84fdcd882,"VPN connection 1",0]: VPN connection: failed to connect: 'Message recipient disconnected from message bus without replying'

Your support is appreciated

[dkosovic]

I assume you are using the PPA network-manger-l2tp 1.2.6 package or a current git checkout ?

You might need to stop the xl2tpd service, see :

• https://github.com/nm-l2tp/network-manager-l2tp#issue-with-not-stopping-system-xl2tpd-service

If that doesn't work, could you try the following (which are the same two ipsec commands network-manager-l2tp would issue) :

sudo systemctl restart network-manager
sudo ipsec restart --conf /var/run/nm-l2tp-ipsec-a2bcee3b-b3fc-4882-9971-a7c84fdcd882.conf --debug
sudo ipsec up a2bcee3b-b3fc-4882-9971-a7c84fdcd882

is your IPsec connection actually up ? You can confirm by issuing sudo ipsec status.

In network-manger-l2tp 1.2.6 a 10 second timeout was introduced to kill the ipsec up command if the VPN connection wasn't established. Previously in some situations like when wrong arguments were supplied, the ipsec up command would never terminate.

You might also want to look into if your VPN server is using legacy ciphers that strongswan considers broken, see the IPsec IKEv1 ciphers section on following page:

• https://github.com/nm-l2tp/network-manager-l2tp/wiki/Known-Issues

[rgerbranda]

Hi Douglas,

Thanks you so much. It was the xl2tpd service. I stopped the service and afterwards I was able to connect to our L2TP host.

Kind regards, Remko