VPN not working.

["Jānis Andersons | Failiem.lv" <ja...@failiem.lv>]

Hi!
I have created Network offering with capabilities:
Firewall: VirtualRouter, Vpn: VirtualRouter, Dhcp: VirtualRouter, 
SourceNat: VirtualRouter, PortForwarding: VirtualRouter, Lb: 
VirtualRouter, UserData: VirtualRouter, Dns: VirtualRouter
But I cant connect to VPN. When I access virtual router trough console I 
can see that IPsec has not started and if I start it nothing changes, 
service ipsec status shows that no tunnels is up.
When I execute: service ipsec restart, I get:
ipsec_setup: Stopping Openswan IPsec...
ipsec_setup: Starting Openswan IPsec 2.6.37-g955aaafb-dirty...
ipsec_setup: No KLIPS support found while requested, desperately falling 
back to netkey
ipsec_setup: NETKEY support found. Use protostack=netkey in 
/etc/ipsec.conf to avoid attempts to use KLIPS. Attempting to continue 
with NETKEY

Also it's not possible to telnet any of ipsec ports (4500 1701 500).

Thanks in advance!

-- 
J. Andersons

Re: VPN not working. VR keeps rebooting

["Jānis Andersons | Failiem.lv" <ja...@failiem.lv>]

WEhen I run 'ipsec auto --status' it returns:

000 stats db_ops: {curr_cnt, total_cnt, maxsz} :context={0,0,0} 
trans={0,0,0} attrs={0,0,0}
000
000 "L2TP-PSK": 
xxx.xxx.xxx.xxx<xxx.xxx.xxx.xxx>[+S=C]:17/1701...%any[+S=C]:17/%any; 
unrouted; eroute owner: #0
000 "L2TP-PSK":     myip=unset; hisip=unset;
000 "L2TP-PSK":   ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 
540s; rekey_fuzz: 100%; keyingtries: 3
000 "L2TP-PSK":   policy: 
PSK+ENCRYPT+TUNNEL+DONTREKEY+IKEv2ALLOW+SAREFTRACK+lKOD+rKOD; prio: 
32,32; interface: eth2;
000 "L2TP-PSK":   newest ISAKMP SA: #0; newest IPsec SA: #0;


J\u0101nis Andersons
http://serveri.failiem.lv
http://files.fm
http://failiem.lv
mobile: +371 26606064
ja@failiem.lv

On 28.09.2016 09:51, Jayapal Reddy wrote:
> Hi Janis,
>
> To see the ipsec vpn connection status please use the below command.
> 'ipsec auto --status'
>
> ipsec ports (4500 1701 500) are udp ports. Did you use 'nc' command to
> check the ports.
>
> If the VR is rebooting continuously please check the management server logs
> to see why it is rebooting.
>
> Thanks,
> Jayapal
>
> On Tue, Sep 27, 2016 at 11:58 PM, J\u0101nis Andersons | Failiem.lv <
> ja@failiem.lv> wrote:
>
>> I tried to reboot virtual router. Now it just keeps rebooting and doesn't
>> start up.
>>
>> J\u0101nis Andersons
>> http://serveri.failiem.lv
>> http://files.fm
>> http://failiem.lv
>> mobile: +371 26606064
>> ja@failiem.lv
>>
>> On 27.09.2016 16:10, J\u0101nis Andersons | Failiem.lv wrote:
>>
>>> Hi!
>>> I have created Network offering with capabilities:
>>> Firewall: VirtualRouter, Vpn: VirtualRouter, Dhcp: VirtualRouter,
>>> SourceNat: VirtualRouter, PortForwarding: VirtualRouter, Lb: VirtualRouter,
>>> UserData: VirtualRouter, Dns: VirtualRouter
>>> But I cant connect to VPN. When I access virtual router trough console I
>>> can see that IPsec has not started and if I start it nothing changes,
>>> service ipsec status shows that no tunnels is up.
>>> When I execute: service ipsec restart, I get:
>>> ipsec_setup: Stopping Openswan IPsec...
>>> ipsec_setup: Starting Openswan IPsec 2.6.37-g955aaafb-dirty...
>>> ipsec_setup: No KLIPS support found while requested, desperately falling
>>> back to netkey
>>> ipsec_setup: NETKEY support found. Use protostack=netkey in
>>> /etc/ipsec.conf to avoid attempts to use KLIPS. Attempting to continue with
>>> NETKEY
>>>
>>> Also it's not possible to telnet any of ipsec ports (4500 1701 500).
>>>
>>> Thanks in advance!
>>>
>>>

Re: VPN not working. VR keeps rebooting

[Jayapal Reddy <ja...@gmail.com>]

Hi Janis,

To see the ipsec vpn connection status please use the below command.
'ipsec auto --status'

ipsec ports (4500 1701 500) are udp ports. Did you use 'nc' command to
check the ports.

If the VR is rebooting continuously please check the management server logs
to see why it is rebooting.

Thanks,
Jayapal

On Tue, Sep 27, 2016 at 11:58 PM, Jānis Andersons | Failiem.lv <
ja@failiem.lv> wrote:

> I tried to reboot virtual router. Now it just keeps rebooting and doesn't
> start up.
>
> Jānis Andersons
> http://serveri.failiem.lv
> http://files.fm
> http://failiem.lv
> mobile: +371 26606064
> ja@failiem.lv
>
> On 27.09.2016 16:10, Jānis Andersons | Failiem.lv wrote:
>
>> Hi!
>> I have created Network offering with capabilities:
>> Firewall: VirtualRouter, Vpn: VirtualRouter, Dhcp: VirtualRouter,
>> SourceNat: VirtualRouter, PortForwarding: VirtualRouter, Lb: VirtualRouter,
>> UserData: VirtualRouter, Dns: VirtualRouter
>> But I cant connect to VPN. When I access virtual router trough console I
>> can see that IPsec has not started and if I start it nothing changes,
>> service ipsec status shows that no tunnels is up.
>> When I execute: service ipsec restart, I get:
>> ipsec_setup: Stopping Openswan IPsec...
>> ipsec_setup: Starting Openswan IPsec 2.6.37-g955aaafb-dirty...
>> ipsec_setup: No KLIPS support found while requested, desperately falling
>> back to netkey
>> ipsec_setup: NETKEY support found. Use protostack=netkey in
>> /etc/ipsec.conf to avoid attempts to use KLIPS. Attempting to continue with
>> NETKEY
>>
>> Also it's not possible to telnet any of ipsec ports (4500 1701 500).
>>
>> Thanks in advance!
>>
>>
>

Re: VPN not working. VR keeps rebooting

["Jānis Andersons | Failiem.lv" <ja...@failiem.lv>]

I tried to reboot virtual router. Now it just keeps rebooting and 
doesn't start up.

J\u0101nis Andersons
http://serveri.failiem.lv
http://files.fm
http://failiem.lv
mobile: +371 26606064
ja@failiem.lv

On 27.09.2016 16:10, J\u0101nis Andersons | Failiem.lv wrote:
> Hi!
> I have created Network offering with capabilities:
> Firewall: VirtualRouter, Vpn: VirtualRouter, Dhcp: VirtualRouter, 
> SourceNat: VirtualRouter, PortForwarding: VirtualRouter, Lb: 
> VirtualRouter, UserData: VirtualRouter, Dns: VirtualRouter
> But I cant connect to VPN. When I access virtual router trough console 
> I can see that IPsec has not started and if I start it nothing 
> changes, service ipsec status shows that no tunnels is up.
> When I execute: service ipsec restart, I get:
> ipsec_setup: Stopping Openswan IPsec...
> ipsec_setup: Starting Openswan IPsec 2.6.37-g955aaafb-dirty...
> ipsec_setup: No KLIPS support found while requested, desperately 
> falling back to netkey
> ipsec_setup: NETKEY support found. Use protostack=netkey in 
> /etc/ipsec.conf to avoid attempts to use KLIPS. Attempting to continue 
> with NETKEY
>
> Also it's not possible to telnet any of ipsec ports (4500 1701 500).
>
> Thanks in advance!
>