1897440 – xl2tpd unable to hold up a tunnel

Bug 1897440 - xl2tpd unable to hold up a tunnel

Summary: xl2tpd unable to hold up a tunnel

Keywords:
Status:	CLOSED DUPLICATE of bug 1894381
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	libreswan
Sub Component:
Version:	33
Hardware:	x86_64
OS:	Linux
Priority:	unspecified
Severity:	high
Target Milestone:	---
Assignee:	Paul Wouters
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2020-11-13 05:21 UTC by Ivo Sarak
Modified:	2020-11-23 17:14 UTC (History)
CC List:	3 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2020-11-23 17:14:40 UTC
Type:	Bug
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Ivo Sarak 2020-11-13 05:21:09 UTC

Description of problem:


Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
1. initiate a VPN tunnel


Actual results:
No tunnel

Expected results:
Tunnel

Additional info:

nov   13 07:08:39 l2ppar gnome-shell[1907]: libinput error: event4  - SynPS/2 Synaptics TouchPad: client bug: event processing lagging behind by 12ms, your system is too slow
nov   13 07:08:41 l2ppar google-chrome.desktop[37624]: [37654:37654:1113/070841.383777:ERROR:gl_surface_presentation_helper.cc(259)] GetVSyncParametersIfAvailable() failed for 65536 times!
nov   13 07:08:41 l2ppar NetworkManager[774]: <info>  [1605244121.7330] audit: op="connection-activate" uuid="da3193dd-8332-4f82-8ff8-b2d6dc930de6" name="Elion500" pid=1907 uid=1000 result="success"
nov   13 07:08:41 l2ppar NetworkManager[774]: <info>  [1605244121.7550] vpn-connection[0x55b15b0224c0,da3193dd-8332-4f82-8ff8-b2d6dc930de6,"Elion500",0]: Started the VPN service, PID 84571
nov   13 07:08:41 l2ppar NetworkManager[774]: <info>  [1605244121.7733] vpn-connection[0x55b15b0224c0,da3193dd-8332-4f82-8ff8-b2d6dc930de6,"Elion500",0]: Saw the service appear; activating connection
nov   13 07:08:41 l2ppar NetworkManager[774]: <info>  [1605244121.8567] vpn-connection[0x55b15b0224c0,da3193dd-8332-4f82-8ff8-b2d6dc930de6,"Elion500",0]: VPN connection: (ConnectInteractive) reply received
nov   13 07:08:41 l2ppar nm-l2tp-service[84571]: Check port 1701
nov   13 07:08:41 l2ppar NetworkManager[84585]: Redirecting to: systemctl restart ipsec.service
nov   13 07:08:41 l2ppar systemd[1]: Stopping Internet Key Exchange (IKE) Protocol Daemon for IPsec...
nov   13 07:08:41 l2ppar whack[84588]: 002 shutting down
nov   13 07:08:41 l2ppar audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 subj=system_u:system_r:ifconfig_t:s0 res=1 src=0000:0000:0000:0000:0000:0000:0000:0000 src_prefixlen=0 dst=0000:0000:0000:0000:0000:0000:0000:0000 dst_prefixlen=0
nov   13 07:08:41 l2ppar audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 subj=system_u:system_r:ifconfig_t:s0 res=1 src=0000:0000:0000:0000:0000:0000:0000:0000 src_prefixlen=0 dst=0000:0000:0000:0000:0000:0000:0000:0000 dst_prefixlen=0
nov   13 07:08:41 l2ppar audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 subj=system_u:system_r:ifconfig_t:s0 res=1 src=0000:0000:0000:0000:0000:0000:0000:0000 src_prefixlen=0 dst=0000:0000:0000:0000:0000:0000:0000:0000 dst_prefixlen=0
nov   13 07:08:41 l2ppar audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 subj=system_u:system_r:ifconfig_t:s0 res=1 src=0000:0000:0000:0000:0000:0000:0000:0000 src_prefixlen=0 dst=0000:0000:0000:0000:0000:0000:0000:0000 dst_prefixlen=0
nov   13 07:08:41 l2ppar audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 subj=system_u:system_r:ifconfig_t:s0 res=1 src=0000:0000:0000:0000:0000:0000:0000:0000 src_prefixlen=0 dst=0000:0000:0000:0000:0000:0000:0000:0000 dst_prefixlen=0
nov   13 07:08:41 l2ppar audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 subj=system_u:system_r:ifconfig_t:s0 res=1 src=0000:0000:0000:0000:0000:0000:0000:0000 src_prefixlen=0 dst=0000:0000:0000:0000:0000:0000:0000:0000 dst_prefixlen=0
nov   13 07:08:41 l2ppar systemd[1]: ipsec.service: Succeeded.
nov   13 07:08:41 l2ppar systemd[1]: Stopped Internet Key Exchange (IKE) Protocol Daemon for IPsec.
nov   13 07:08:41 l2ppar systemd[1]: ipsec.service: Consumed 16.006s CPU time.
nov   13 07:08:41 l2ppar audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=ipsec comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
nov   13 07:08:41 l2ppar systemd[1]: Starting Internet Key Exchange (IKE) Protocol Daemon for IPsec...
nov   13 07:08:42 l2ppar ipsec[84840]: nflog ipsec capture disabled
nov   13 07:08:42 l2ppar audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 subj=system_u:system_r:ipsec_t:s0 res=1 src=0000:0000:0000:0000:0000:0000:0000:0000 src_prefixlen=0 dst=0000:0000:0000:0000:0000:0000:0000:0000 dst_prefixlen=0
nov   13 07:08:42 l2ppar audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 subj=system_u:system_r:ipsec_t:s0 res=1 src=0000:0000:0000:0000:0000:0000:0000:0000 src_prefixlen=0 dst=0000:0000:0000:0000:0000:0000:0000:0000 dst_prefixlen=0
nov   13 07:08:42 l2ppar audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 subj=system_u:system_r:ipsec_t:s0 res=1 src=0000:0000:0000:0000:0000:0000:0000:0000 src_prefixlen=0 dst=0000:0000:0000:0000:0000:0000:0000:0000 dst_prefixlen=0
nov   13 07:08:42 l2ppar audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 subj=system_u:system_r:ipsec_t:s0 res=1 src=0000:0000:0000:0000:0000:0000:0000:0000 src_prefixlen=0 dst=0000:0000:0000:0000:0000:0000:0000:0000 dst_prefixlen=0
nov   13 07:08:42 l2ppar audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 subj=system_u:system_r:ipsec_t:s0 res=1 src=0000:0000:0000:0000:0000:0000:0000:0000 src_prefixlen=0 dst=0000:0000:0000:0000:0000:0000:0000:0000 dst_prefixlen=0
nov   13 07:08:42 l2ppar audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 subj=system_u:system_r:ipsec_t:s0 res=1 src=0000:0000:0000:0000:0000:0000:0000:0000 src_prefixlen=0 dst=0000:0000:0000:0000:0000:0000:0000:0000 dst_prefixlen=0
nov   13 07:08:42 l2ppar audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=ipsec comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
nov   13 07:08:42 l2ppar systemd[1]: Started Internet Key Exchange (IKE) Protocol Daemon for IPsec.
nov   13 07:08:42 l2ppar NetworkManager[84859]: 002 listening for IKE messages
nov   13 07:08:42 l2ppar NetworkManager[84859]: 002 forgetting secrets
nov   13 07:08:42 l2ppar NetworkManager[84859]: 002 loading secrets from "/etc/ipsec.secrets"
nov   13 07:08:42 l2ppar NetworkManager[84859]: 002 loading secrets from "/etc/ipsec.d/ipsec.nm-l2tp.secrets"
nov   13 07:08:42 l2ppar NetworkManager[84863]: debugging mode enabled
nov   13 07:08:42 l2ppar NetworkManager[84863]: end of file /var/run/nm-l2tp-da3193dd-8332-4f82-8ff8-b2d6dc930de6/ipsec.conf
nov   13 07:08:42 l2ppar NetworkManager[84863]: Loading conn da3193dd-8332-4f82-8ff8-b2d6dc930de6
nov   13 07:08:42 l2ppar NetworkManager[84863]: starter: left is KH_DEFAULTROUTE
nov   13 07:08:42 l2ppar NetworkManager[84863]: conn: "da3193dd-8332-4f82-8ff8-b2d6dc930de6" modecfgdns=<unset>
nov   13 07:08:42 l2ppar NetworkManager[84863]: conn: "da3193dd-8332-4f82-8ff8-b2d6dc930de6" modecfgdomains=<unset>
nov   13 07:08:42 l2ppar NetworkManager[84863]: conn: "da3193dd-8332-4f82-8ff8-b2d6dc930de6" modecfgbanner=<unset>
nov   13 07:08:42 l2ppar NetworkManager[84863]: conn: "da3193dd-8332-4f82-8ff8-b2d6dc930de6" mark=<unset>
nov   13 07:08:42 l2ppar NetworkManager[84863]: conn: "da3193dd-8332-4f82-8ff8-b2d6dc930de6" mark-in=<unset>
nov   13 07:08:42 l2ppar NetworkManager[84863]: conn: "da3193dd-8332-4f82-8ff8-b2d6dc930de6" mark-out=<unset>
nov   13 07:08:42 l2ppar NetworkManager[84863]: conn: "da3193dd-8332-4f82-8ff8-b2d6dc930de6" vti_iface=<unset>
nov   13 07:08:42 l2ppar NetworkManager[84863]: conn: "da3193dd-8332-4f82-8ff8-b2d6dc930de6" redirect-to=<unset>
nov   13 07:08:42 l2ppar NetworkManager[84863]: conn: "da3193dd-8332-4f82-8ff8-b2d6dc930de6" accept-redirect-to=<unset>
nov   13 07:08:42 l2ppar NetworkManager[84863]: conn: "da3193dd-8332-4f82-8ff8-b2d6dc930de6" esp=aes256-sha1,aes128-sha1,3des-sha1
nov   13 07:08:42 l2ppar NetworkManager[84863]: conn: "da3193dd-8332-4f82-8ff8-b2d6dc930de6" ike=aes256-sha2_256-modp2048,aes256-sha2_256-modp1536,aes256-sha1-modp2048,aes256-sha1-modp1536,aes256-sha1-ecp_384,aes128-sha1-ecp_256,3des-sha1-modp2048
nov   13 07:08:42 l2ppar NetworkManager[84863]: opening file: /var/run/nm-l2tp-da3193dd-8332-4f82-8ff8-b2d6dc930de6/ipsec.conf
nov   13 07:08:42 l2ppar NetworkManager[84863]: loading named conns: da3193dd-8332-4f82-8ff8-b2d6dc930de6
nov   13 07:08:42 l2ppar NetworkManager[84863]: seeking_src = 1, seeking_gateway = 1, has_peer = 1
nov   13 07:08:42 l2ppar NetworkManager[84863]: seeking_src = 0, seeking_gateway = 1, has_dst = 1
nov   13 07:08:42 l2ppar NetworkManager[84863]: dst  via 192.168.100.1 dev wlp4s0 src  table 254
nov   13 07:08:42 l2ppar NetworkManager[84863]: set nexthop: 192.168.100.1
nov   13 07:08:42 l2ppar NetworkManager[84863]: dst 192.168.100.0 via  dev wlp4s0 src 192.168.100.116 table 254
nov   13 07:08:42 l2ppar NetworkManager[84863]: dst 192.168.122.0 via  dev virbr0 src 192.168.122.1 table 254
nov   13 07:08:42 l2ppar NetworkManager[84863]: dst 127.0.0.0 via  dev lo src 127.0.0.1 table 255 (ignored)
nov   13 07:08:42 l2ppar NetworkManager[84863]: dst 127.0.0.0 via  dev lo src 127.0.0.1 table 255 (ignored)
nov   13 07:08:42 l2ppar NetworkManager[84863]: dst 127.0.0.1 via  dev lo src 127.0.0.1 table 255 (ignored)
nov   13 07:08:42 l2ppar NetworkManager[84863]: dst 127.255.255.255 via  dev lo src 127.0.0.1 table 255 (ignored)
nov   13 07:08:42 l2ppar NetworkManager[84863]: dst 192.168.100.0 via  dev wlp4s0 src 192.168.100.116 table 255 (ignored)
nov   13 07:08:42 l2ppar NetworkManager[84863]: dst 192.168.100.116 via  dev wlp4s0 src 192.168.100.116 table 255 (ignored)
nov   13 07:08:42 l2ppar NetworkManager[84863]: dst 192.168.100.255 via  dev wlp4s0 src 192.168.100.116 table 255 (ignored)
nov   13 07:08:42 l2ppar NetworkManager[84863]: dst 192.168.122.0 via  dev virbr0 src 192.168.122.1 table 255 (ignored)
nov   13 07:08:42 l2ppar NetworkManager[84863]: dst 192.168.122.1 via  dev virbr0 src 192.168.122.1 table 255 (ignored)
nov   13 07:08:42 l2ppar NetworkManager[84863]: dst 192.168.122.255 via  dev virbr0 src 192.168.122.1 table 255 (ignored)
nov   13 07:08:42 l2ppar NetworkManager[84863]: seeking_src = 1, seeking_gateway = 0, has_peer = 1
nov   13 07:08:42 l2ppar NetworkManager[84863]: seeking_src = 1, seeking_gateway = 0, has_dst = 1
nov   13 07:08:42 l2ppar NetworkManager[84863]: dst 192.168.100.1 via  dev wlp4s0 src 192.168.100.116 table 254
nov   13 07:08:42 l2ppar NetworkManager[84863]: set addr: 192.168.100.116
nov   13 07:08:42 l2ppar NetworkManager[84863]: seeking_src = 0, seeking_gateway = 0, has_peer = 1
nov   13 07:08:42 l2ppar NetworkManager[84865]: 002 "da3193dd-8332-4f82-8ff8-b2d6dc930de6" #1: initiating IKEv1 Main Mode connection
nov   13 07:08:42 l2ppar NetworkManager[84865]: 102 "da3193dd-8332-4f82-8ff8-b2d6dc930de6" #1: sent Main Mode request
nov   13 07:08:42 l2ppar NetworkManager[84865]: 002 "da3193dd-8332-4f82-8ff8-b2d6dc930de6" #1: WARNING: connection da3193dd-8332-4f82-8ff8-b2d6dc930de6 PSK length of 8 bytes is too short for HMAC_SHA2_256 PRF in FIPS mode (16 bytes required)
nov   13 07:08:42 l2ppar NetworkManager[84865]: 104 "da3193dd-8332-4f82-8ff8-b2d6dc930de6" #1: sent Main Mode I2
nov   13 07:08:42 l2ppar NetworkManager[84865]: 106 "da3193dd-8332-4f82-8ff8-b2d6dc930de6" #1: sent Main Mode I3
nov   13 07:08:42 l2ppar NetworkManager[84865]: 002 "da3193dd-8332-4f82-8ff8-b2d6dc930de6" #1: Peer ID is ID_IPV4_ADDR: '90.190.182.206'
nov   13 07:08:42 l2ppar audit[84851]: CRYPTO_IKE_SA pid=84851 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:ipsec_t:s0 msg='op=start direction=initiator conn-name="da3193dd-8332-4f82-8ff8-b2d6dc930de6" connstate=1 ike-version=1 auth=PRESHARED_KEY cipher=aes ksize=256 integ=sha256 prf=sha256 pfs=MODP2048  raddr=90.190.182.206 exe="/usr/libexec/ipsec/pluto" hostname=? addr=192.168.100.116 terminal=? res=success'
nov   13 07:08:42 l2ppar NetworkManager[84865]: 004 "da3193dd-8332-4f82-8ff8-b2d6dc930de6" #1: IKE SA established {auth=PRESHARED_KEY cipher=AES_CBC_256 integ=HMAC_SHA2_256 group=MODP2048}
nov   13 07:08:42 l2ppar NetworkManager[84865]: 002 "da3193dd-8332-4f82-8ff8-b2d6dc930de6" #2: initiating Quick Mode PSK+ENCRYPT+UP+IKEV1_ALLOW+IKE_FRAG_ALLOW+ESN_NO {using isakmp#1 msgid:c377919e proposal=AES_CBC_256-HMAC_SHA1_96, AES_CBC_128-HMAC_SHA1_96, 3DES_CBC-HMAC_SHA1_96 pfsgroup=no-pfs}
nov   13 07:08:42 l2ppar NetworkManager[84865]: 115 "da3193dd-8332-4f82-8ff8-b2d6dc930de6" #2: sent Quick Mode request
nov   13 07:08:42 l2ppar NetworkManager[84865]: 003 "da3193dd-8332-4f82-8ff8-b2d6dc930de6" #2: NAT-Traversal: received 2 NAT-OA. Ignored because peer is not NATed
nov   13 07:08:42 l2ppar NetworkManager[84865]: 003 "da3193dd-8332-4f82-8ff8-b2d6dc930de6" #2: our client subnet returned doesn't match my proposal - us: 192.168.100.116/32 vs them: 82.131.21.44/32
nov   13 07:08:42 l2ppar audit[84851]: CRYPTO_IKE_SA pid=84851 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:ipsec_t:s0 msg='op=start direction=responder conn-name="da3193dd-8332-4f82-8ff8-b2d6dc930de6" connstate=2 ike-version=1 auth=PRESHARED_KEY cipher=aes ksize=256 integ=sha256 prf=sha256 pfs=MODP2048  raddr=90.190.182.206 exe="/usr/libexec/ipsec/pluto" hostname=? addr=192.168.100.116 terminal=? res=failed'
nov   13 07:08:42 l2ppar audit[84851]: CRYPTO_IPSEC_SA pid=84851 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:ipsec_t:s0 msg='op=destroy conn-name="da3193dd-8332-4f82-8ff8-b2d6dc930de6" connstate=2, satype=ipsec-esp samode=transport cipher=AES ksize=256 integ=HMAC_SHA1 in-spi=3282329112(0x3282329112) out-spi=2645591480(0x2645591480) in-ipcomp=0(0x00000000) out-ipcomp=0(0x000... exe="/usr/libexec/ipsec/pluto" hostname=? addr=192.168.100.116 terminal=? res=success'
nov   13 07:08:42 l2ppar audit: MAC_IPSEC_EVENT op=SAD-delete auid=4294967295 ses=4294967295 subj=system_u:system_r:ipsec_t:s0 src=90.190.182.206 dst=192.168.100.116 spi=2645591480(0x9db085b8) res=1
nov   13 07:08:42 l2ppar NetworkManager[84865]: 218 "da3193dd-8332-4f82-8ff8-b2d6dc930de6" #2: sending encrypted notification INVALID_ID_INFORMATION to 90.190.182.206:4500
nov   13 07:08:42 l2ppar NetworkManager[84865]: 002 "da3193dd-8332-4f82-8ff8-b2d6dc930de6" #2: deleting state (STATE_QUICK_I1) aged 0.017047s and NOT sending notification
nov   13 07:08:42 l2ppar NetworkManager[84865]: 003 "da3193dd-8332-4f82-8ff8-b2d6dc930de6" #2: ERROR: netlink response for Del SA esp.c3a45e18.182.206 included errno 3: No such process
nov   13 07:08:42 l2ppar nm-l2tp-service[84571]: xl2tpd started with pid 84868
nov   13 07:08:42 l2ppar NetworkManager[84868]: xl2tpd[84868]: Not looking for kernel SAref support.
nov   13 07:08:42 l2ppar NetworkManager[84868]: xl2tpd[84868]: Using l2tp kernel support.
nov   13 07:08:42 l2ppar NetworkManager[84868]: xl2tpd[84868]: xl2tpd version xl2tpd-1.3.15 started on l2ppar PID:84868
nov   13 07:08:42 l2ppar NetworkManager[84868]: xl2tpd[84868]: Written by Mark Spencer, Copyright (C) 1998, Adtran, Inc.
nov   13 07:08:42 l2ppar NetworkManager[84868]: xl2tpd[84868]: Forked by Scott Balmos and David Stipp, (C) 2001
nov   13 07:08:42 l2ppar NetworkManager[84868]: xl2tpd[84868]: Inherited by Jeff McAdams, (C) 2002
nov   13 07:08:42 l2ppar NetworkManager[84868]: xl2tpd[84868]: Forked again by Xelerance (www.xelerance.com) (C) 2006-2016
nov   13 07:08:42 l2ppar NetworkManager[84868]: xl2tpd[84868]: Listening on IP address 0.0.0.0, port 1701
nov   13 07:08:42 l2ppar NetworkManager[84868]: xl2tpd[84868]: Connecting to host 90.190.182.206, port 1701
nov   13 07:08:42 l2ppar NetworkManager[774]: <info>  [1605244122.6285] vpn-connection[0x55b15b0224c0,da3193dd-8332-4f82-8ff8-b2d6dc930de6,"Elion500",0]: VPN plugin: state changed: starting (3)
nov   13 07:08:56 l2ppar NetworkManager[84868]: xl2tpd[84868]: death_handler: Fatal signal 15 received
nov   13 07:08:56 l2ppar NetworkManager[84868]: xl2tpd[84868]: Connection 0 closed to 90.190.182.206, port 1701 (Server closing)
nov   13 07:08:56 l2ppar NetworkManager[774]: <warn>  [1605244136.6379] vpn-connection[0x55b15b0224c0,da3193dd-8332-4f82-8ff8-b2d6dc930de6,"Elion500",0]: VPN plugin: failed: connect-failed (1)
nov   13 07:08:56 l2ppar NetworkManager[774]: <warn>  [1605244136.6401] vpn-connection[0x55b15b0224c0,da3193dd-8332-4f82-8ff8-b2d6dc930de6,"Elion500",0]: VPN plugin: failed: connect-failed (1)
nov   13 07:08:56 l2ppar NetworkManager[774]: <info>  [1605244136.6403] vpn-connection[0x55b15b0224c0,da3193dd-8332-4f82-8ff8-b2d6dc930de6,"Elion500",0]: VPN plugin: state changed: stopping (5)
nov   13 07:08:56 l2ppar audit[84851]: CRYPTO_IKE_SA pid=84851 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:ipsec_t:s0 msg='op=destroy direction=initiator conn-name="da3193dd-8332-4f82-8ff8-b2d6dc930de6" connstate=1 ike-version=1 auth=PRESHARED_KEY cipher=aes ksize=256 integ=sha256 prf=sha256 pfs=MODP2048  raddr=90.190.182.206 exe="/usr/libexec/ipsec/pluto" hostname=? addr=192.168.100.116 terminal=? res=success'
nov   13 07:08:56 l2ppar NetworkManager[84896]: 002 "da3193dd-8332-4f82-8ff8-b2d6dc930de6": terminating SAs using this connection
nov   13 07:08:56 l2ppar NetworkManager[84896]: 002 "da3193dd-8332-4f82-8ff8-b2d6dc930de6" #1: deleting state (STATE_MAIN_I4) aged 14.296428s and sending notification
nov   13 07:08:56 l2ppar nm-l2tp-service[84571]: ipsec shut down
nov   13 07:08:56 l2ppar NetworkManager[774]: <info>  [1605244136.6784] vpn-connection[0x55b15b0224c0,da3193dd-8332-4f82-8ff8-b2d6dc930de6,"Elion500",0]: VPN plugin: state changed: stopped (6)
nov   13 07:08:56 l2ppar NetworkManager[774]: <info>  [1605244136.7082] vpn-connection[0x55b15b0224c0,da3193dd-8332-4f82-8ff8-b2d6dc930de6,"Elion500",0]: VPN service disappeared

Note: System was upgraded from Fedora 32 and the very same VPN profiles did work under it.

Comment 1 Ivo Sarak 2020-11-20 17:42:32 UTC

Should there be a VPN debug interface/control anywhere to poke into?

Comment 2 Douglas Kosovic 2020-11-23 02:17:03 UTC

Regarding the "our client subnet returned doesn't match my proposal - us: 192.168.100.116/32 vs them: 82.131.21.44/32" error, I believe it is related to the following libreswan commit which removed -DALLOW_MICROSOFT_BAD_PROPOSAL with libreswan >= 4.0 :

https://github.com/libreswan/libreswan/commit/134f76cd68b7f3d442e95ca65f67cad0e500c0ba#diff-6301a2703b709daa4d84ead1c30bf67cdaf088abed68753a8f9c740f1e58b54a

Comment 3 Paul Wouters 2020-11-23 17:14:40 UTC


*** This bug has been marked as a duplicate of bug 1894381 ***

Note You need to log in before you can comment on or make changes to this bug.