1529082 – The VPN connection via L2TP/IPsec stopped working with the latest kernel 4.14

Bug 1529082 - The VPN connection via L2TP/IPsec stopped working with the latest kernel 4.14

Summary: The VPN connection via L2TP/IPsec stopped working with the latest kernel 4.14

Keywords:
Status:	CLOSED DUPLICATE of bug 1526203
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	NetworkManager-l2tp
Sub Component:
Version:	27
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	high
Target Milestone:	---
Assignee:	Douglas Kosovic
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2017-12-26 09:45 UTC by Giordano Battilana
Modified:	2017-12-26 11:17 UTC (History)
CC List:	3 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2017-12-26 11:17:39 UTC
Type:	Bug
Embargoed:
Dependent Products:

Attachments	(Terms of Use)
The NetworkManager output obtained from journalctl (12.29 KB, text/plain) 2017-12-26 09:45 UTC, Giordano Battilana	no flags	Details
View All

Description Giordano Battilana 2017-12-26 09:45:38 UTC

Created attachment 1372402 [details]
The NetworkManager output obtained from journalctl

Description of problem:
Fedora recently upgraded the kernel to version 4.14. I have a VPN L2TP/IPsec that stopped working after the upgrade. If I choose a kernel 4.13 it works

Version-Release number of selected component (if applicable):
The kernel (uname -a): 
Linux merlino 4.14.8-300.fc27.x86_64 #1 SMP Wed Dec 20 19:00:18 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux

NetworkManager-l2tp.x86_64                 1.2.8-3.fc27                @fedora  
NetworkManager-l2tp-gnome.x86_64           1.2.8-3.fc27                @fedora  
xl2tpd.x86_64                              1.3.8-5.fc27                @fedora 

How reproducible:
It happens all the time with 4.14.x kernels

Additional info:
In attachment the output of journalctl -u NetworkManager --since today with the NetworkManager output with some personal info obfuscated.

Comment 1 Douglas Kosovic 2017-12-26 11:17:39 UTC

Keep an eye on this netdev linux kernel mailing list thread :

https://patchwork.ozlabs.org/patch/838470/

It has info on the kernel 4.14 commit that broke IPsec transport mode when a wildcard address is used on the client side like what NetworkManager-l2tp does.

*** This bug has been marked as a duplicate of bug 1526203 ***

Note You need to log in before you can comment on or make changes to this bug.