Bug 1529938 - 4.14.x kernel breaks IPSEC based VPN
Summary: 4.14.x kernel breaks IPSEC based VPN
Keywords:
Status: CLOSED DUPLICATE of bug 1526203
Alias: None
Product: Fedora
Classification: Fedora
Component: kernel
Version: 26
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Kernel Maintainer List
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2017-12-31 10:51 UTC by Will Foster
Modified: 2017-12-31 10:58 UTC (History)
17 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2017-12-31 10:58:44 UTC
Type: Bug
Embargoed:

Attachments (Terms of Use)
/var/log/messages for VPN connection. (6.58 KB, text/plain)
2017-12-31 10:51 UTC, Will Foster 		no flags Details
View All

Description Will Foster 2017-12-31 10:51:46 UTC 
Created attachment 1374862 [details]
/var/log/messages for VPN connection.

Description of problem:

Prior to kernel 4.13.x IPSec L2TP-based VPN works, when I boot into any 4.14.x kernel it stops working.


Version-Release number of selected component (if applicable):

Works in 4.13.16 and prior
Does not work in 4.14.5 or 4.14.8.

This is with no changes at all, just booting a 4.14.x kernel.


How reproducible:


Steps to Reproduce:
1. Take a working IPSEC / L2TP VPN in 4.13.x kernel or prior
2. Try to use the same VPN on 4.14.8
3.

Actual results:

--snip--
Dec 27 23:25:26 oberschnutz NetworkManager[991]: xl2tpd[3910]: Forked by Scott Balmos and David Stipp, (C) 2001
Dec 27 23:25:26 oberschnutz NetworkManager[991]: xl2tpd[3910]: Inherited by Jeff McAdams, (C) 2002
Dec 27 23:25:26 oberschnutz NetworkManager[991]: xl2tpd[3910]: Forked again by Xelerance (www.xelerance.com) (C) 2006-2016
Dec 27 23:25:26 oberschnutz NetworkManager[991]: xl2tpd[3910]: Listening on IP address 0.0.0.0, port 1701
Dec 27 23:25:26 oberschnutz NetworkManager[991]: xl2tpd[3910]: Connecting to host XX.XXX.XX.XX, port 1701
Dec 27 23:25:26 oberschnutz NetworkManager[991]: <info>  [1514417126.2945] vpn-connection[0x5649d357d2d0,3fa7dcfd-fd54-407c-ba65-0df0e26245bb,"Example-VPN",0]: VPN plugin: state changed: starting (3)
Dec 27 23:25:26 oberschnutz audit: MAC_IPSEC_EVENT op=SAD-add auid=4294967295 ses=4294967295 subj=system_u:system_r:ipsec_t:s0 src=192.168.1.134 dst=XX.XXX.XX.XX spi=253252948(0xf185554) res=1
Dec 27 23:25:26 oberschnutz audit: MAC_IPSEC_EVENT op=SAD-add auid=4294967295 ses=4294967295 subj=system_u:system_r:ipsec_t:s0 src=XX.XXX.XX.XX dst=192.168.1.134 spi=1425016910(0x54f0084e) res=1
Dec 27 23:25:26 oberschnutz audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 subj=system_u:system_r:ipsec_t:s0 res=1 src=192.168.1.134 dst=XX.XXX.XX.XX
Dec 27 23:25:26 oberschnutz audit[3877]: CRYPTO_IPSEC_SA pid=3877 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:ipsec_t:s0 msg='op=start conn-name="3fa7dcfd-fd54-407c-ba65-0df0e26245bb" connstate=3, satype=ipsec-esp samode=transport cipher=3DES ksize=0 integ=HMAC_SHA1 in-spi=253252948(0x0f185554) out-spi=1425016910(0x54f0084e) in-ipcomp=0(0x00000000) out-ipcomp=0(0x00000000) laddr exe="/usr/libexec/ipsec/pluto" hostname=? addr=XX.XXX.XX.XX terminal=? res=success'
Dec 27 23:25:40 oberschnutz NetworkManager[991]: xl2tpd[3910]: death_handler: Fatal signal 15 received
Dec 27 23:25:40 oberschnutz NetworkManager[991]: xl2tpd[3910]: Connection 0 closed to XX.XXX.XX.XX, port 1701 (Server closing)
--snip--


Expected results:


Additional info:
Comment 1 Will Foster 2017-12-31 10:58:44 UTC 

*** This bug has been marked as a duplicate of bug 1526203 ***
Note You need to log in before you can comment on or make changes to this bug.