Problems with L2TP VPN
- Subject: Problems with L2TP VPN
- From: Rick Mann <email@hidden>
- Date: Wed, 2 Dec 2009 11:37:24 -0800
I started a new job at a large company that has pretty stupid policies. But because it's large, there are ways around them. To get around them, I have to use VPN while at work.
I have two machines configured identically, but one always works, and the other rarely works. Both are running 10.6.2. I can log in to the VPN on both with the same credentials. On the working machine, everything is fine at this point. On the non-working machine, although the VPN authentication succeeds and I get a new IP address for ppp0, VPN-bound traffic just fails (visiting webpages times out after a long time, Mail connections never succeed, etc.). The VPN connection is then dropped after 5-10 minutes.
Yesterday, I finally tried restarting the bad machine to see if that would fix anything, and it did. I was able to connect, use all the secure services, and the connection stayed up.
I took the machine home, used it in other places, and came back today, and the bad behavior started up again. I tried restarting it again, thinking something is corrupting my network stack, but that didn't help.
I have a sneaking suspicion that the routing isn't being properly set up, and that the connection is being terminated due to timeout.
Can anyone help me examine the network stack state of the two machines to look for differences that might lend a clue? Thanks!
FYI, the Console shows this for pppd (I've tried to obfuscate the IPs by replacing the first group with "XXX" and "YYY"):
12/2/09 11:12:30 pppd[262] pppd 2.4.2 (Apple version 412) started by rmann, uid 501
12/2/09 11:12:35 pppd[262] L2TP connecting to server 'XXX.21.200.10' (XXX.21.200.10)...
12/2/09 11:12:35 pppd[262] IPSec connection started
12/2/09 11:12:37 pppd[262] IPSec connection established
12/2/09 11:12:38 pppd[262] L2TP connection established.
12/2/09 11:12:38 pppd[262] Connect: ppp0 <--> socket[34:18]
12/2/09 11:12:43 pppd[262] PAP authentication succeeded
12/2/09 11:12:43 pppd[262] local IP address XXX.21.230.106
12/2/09 11:12:43 pppd[262] remote IP address XXX.21.200.12
12/2/09 11:12:43 pppd[262] primary DNS address YYY.145.50.3
12/2/09 11:12:43 pppd[262] secondary DNS address YYY.145.50.4
12/2/09 11:12:43 pppd[262] l2tp_wait_input: Address added. previous interface setting (name: en1, address: XXX.21.216.160), current interface setting (name: ppp0, family: PPP, address: XXX.21.230.106, subnet: 255.255.0.0, destination: XXX.21.200.12).
12/2/09 11:18:21 pppd[262] Serial link appears to be disconnected.
12/2/09 11:18:21 pppd[262] Connection terminated.
12/2/09 11:18:21 pppd[262] L2TP disconnecting...
12/2/09 11:18:21 pppd[262] L2TP disconnected
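Added example, not part of the original post: a small Python script that parses pppd Console lines like those above and reports how long the tunnel stayed up and whether the previous interface's address falls inside the subnet assigned to ppp0, which is one thing to compare between the two machines when routing is suspected. The sample log is constructed from the post's lines with the obfuscated `XXX` octet replaced by 10 (an assumption), and the function and key names are illustrative.

```python
import ipaddress
import re
from datetime import datetime

# Constructed sample: the post's log lines with the obfuscated "XXX" octet
# replaced by 10 (an assumption) so the addresses can be parsed.
SAMPLE_LOG = """\
12/2/09 11:12:38 pppd[262] L2TP connection established.
12/2/09 11:12:43 pppd[262] l2tp_wait_input: Address added. previous interface setting (name: en1, address: 10.21.216.160), current interface setting (name: ppp0, family: PPP, address: 10.21.230.106, subnet: 255.255.0.0, destination: 10.21.200.12).
12/2/09 11:18:21 pppd[262] Serial link appears to be disconnected.
"""

LINE_RE = re.compile(r"^(\d+/\d+/\d+ \d+:\d+:\d+) pppd\[\d+\] (.*)$")
ADDR_RE = re.compile(
    r"previous interface setting \(name: (\w+), address: ([\d.]+)\), "
    r"current interface setting \(name: (\w+), family: \w+, "
    r"address: ([\d.]+), subnet: ([\d.]+), destination: ([\d.]+)\)"
)

def analyze(log_text):
    """Return session length and whether the old interface sits in the tunnel subnet."""
    result = {"up": None, "down": None, "overlap": None}
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        stamp = datetime.strptime(m.group(1), "%m/%d/%y %H:%M:%S")
        msg = m.group(2)
        if msg.startswith("L2TP connection established"):
            result["up"] = stamp
        elif msg.startswith("Serial link appears to be disconnected"):
            result["down"] = stamp
        a = ADDR_RE.search(msg)
        if a:
            prev_if, prev_ip, cur_if, cur_ip, mask, _dest = a.groups()
            tunnel_net = ipaddress.ip_network(f"{cur_ip}/{mask}", strict=False)
            result["tunnel_net"] = str(tunnel_net)
            result["prev_if"], result["cur_if"] = prev_if, cur_if
            result["overlap"] = ipaddress.ip_address(prev_ip) in tunnel_net
    if result["up"] and result["down"]:
        result["seconds_up"] = int((result["down"] - result["up"]).total_seconds())
    return result

if __name__ == "__main__":
    print(analyze(SAMPLE_LOG))
```

Running it over the Console output saved from each machine gives two small dictionaries that can be compared side by side.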