search

xelerance / xl2tpd

Official Xelerance fork of L2TPd
GNU General Public License v2.0
525 stars 203 forks source link

handle_avps: don't know how to handle attribute 46 #153

Open mdavidsaver opened 6 years ago

mdavidsaver commented 6 years ago

I'm trying to use strongswan+xl2tpd for the first time. I'm having some difficulty. The ipsec tunnel is apparently setup correctly, but the L2TP tunnel is not. The first error message I see is:

handle_avps:  don't know how to handle attribute 46.

Following this leads me to L2TP Disconnect Cause Information RFC3145 and the conclusion that this is a symptom, not a cause. Still there might be useful troubleshooting information in here.

As background. I don't know what sort of device is on the other side of this connection, through I could find out if it's helpful. I'm using the debian packaged version 1.3.8+dfsg-1 of xl2tpd along with strongswan 5.5.1-4+deb9u2. I'm trying to follow these instructions.

The relevant (redacted) log messages from xl2tpd

Jun 28 09:52:57 xl2tpd[23707]: Connecting to host XXX.XXX.XXX.XXX, port 1701
Jun 28 09:52:57 xl2tpd[23707]: Connection established to XXX.XXX.XXX.XXX, 1701.  Local: 51651, Remote: 7209 (ref=0/0).
Jun 28 09:52:57 xl2tpd[23707]: Calling on tunnel 51651
Jun 28 09:52:57 xl2tpd[23707]: Call established with XXX.XXX.XXX.XXX, Local: 46353, Remote: 19732, Serial: 4 (ref=0/0)
Jun 28 09:52:57 xl2tpd[23707]: start_pppd: I'm running:
Jun 28 09:52:57 xl2tpd[23707]: "/usr/sbin/pppd"
Jun 28 09:52:57 xl2tpd[23707]: "plugin"
Jun 28 09:52:57 xl2tpd[23707]: "pppol2tp.so"
Jun 28 09:52:57 xl2tpd[23707]: "pppol2tp"
Jun 28 09:52:57 xl2tpd[23707]: "7"
Jun 28 09:52:57 xl2tpd[23707]: "passive"
Jun 28 09:52:57 xl2tpd[23707]: "nodetach"
Jun 28 09:52:57 xl2tpd[23707]: ":"
Jun 28 09:52:57 xl2tpd[23707]: "debug"
Jun 28 09:52:57 xl2tpd[23707]: "file"
Jun 28 09:52:57 xl2tpd[23707]: "/etc/ppp/options.l2tpd.client"
Jun 28 09:52:58 xl2tpd[23707]: handle_avps:  don't know how to handle attribute 46.
Jun 28 09:52:58 xl2tpd[23707]: control_finish: Connection closed to XXX.XXX.XXX.XXX, serial 4 (Disconnected by local PPP)
Jun 28 09:52:58 xl2tpd[23707]: Terminating pppd: sending TERM signal to pid 24577
Jun 28 09:53:04 charon: 10[KNL] interface ppp0 deleted
Jun 28 09:53:15 xl2tpd[23707]: result_code_avp: avp is incorrect size.  8 < 10
Jun 28 09:53:15 xl2tpd[23707]: handle_avps: Bad exit status handling attribute 1 (Result Code) on mandatory packet.
Jun 28 09:53:15 xl2tpd[23707]: Connection 7209 closed to XXX.XXX.XXX.XXX, port 1701 (Result Code: expected at least 10, got 8)
Jun 28 09:53:46 xl2tpd[23707]: Unable to deliver closing message for tunnel 51651. Destroying anyway.
shussain commented 6 years ago

@ mdavidsaver can you please provide your xl2tpd configuraitons (I realize you provided a link to the tutorial you used but I just want to ensure I am looking at your latest configuration)

mdavidsaver commented 6 years ago 
cat /etc/xl2tpd/xl2tpd.conf 
[lac ABC]
lns = XXX.XXX.XXX.XXX
ppp debug = yes
pppoptfile = /etc/ppp/options.l2tpd.client
length bit = yes
cat /etc/ppp/options.l2tpd.client
ipcp-accept-local
ipcp-accept-remote
refuse-eap
require-chap
noccp
noauth
mtu 1280
mru 1280
noipdefault
defaultroute
usepeerdns
connect-delay 5000
name 
password

/etc/xl2tpd/l2tp-secrets contains only comments.

mdavidsaver commented 6 years ago

So the "Disconnect Cause Information" probably contains a message along the lines of "you're an idiot". I was omitting the username and password from options.l2tpd.client.

shussain commented 6 years ago

It happens to all of us. :smile:

Closing ticket. Good luck with your VPN.

mdavidsaver commented 6 years ago

I'll leave it you whether to reopen, but I intended this as a feature request. It would have saved me some portion of the past 2 hours if xl2tpd could parse Attribute Type 46 messages (RFC3145) and log the error information they contain.

shussain commented 6 years ago

Fair enough. Reopening this issue .