mpd- no ng_l2tp coming up

Da Rock freebsd-net at herveybayaustralia.com.au
Sat Mar 19 02:25:48 UTC 2011


On 03/19/11 00:38, Ermal Luçi wrote:
> On Fri, Mar 18, 2011 at 3:25 PM, Da Rock
> <freebsd-net at herveybayaustralia.com.au>  wrote:
>    
>> On 03/19/11 00:03, Mike Tancsa wrote:
>>      
>>> On 3/18/2011 6:44 AM, Da Rock wrote:
>>>
>>>        
>>>> First, the connection from Android (apparently uses mtpd- I just found
>>>> out) fails at SCCRP- apparently it doesn't respond to the challenge
>>>> response (logs posted previously). Using xl2tpd (apparently- linux only)
>>>> you have a l2tp-secrets file with the local hostname, remote hostname,
>>>> and the secret in that order.
>>>>
>>>>          
>>>
>>>        
>>>> How do I do this in mpd? I tried the
>>>> hostname directive, but it's still no good. Or is this never going to
>>>> work with mpd? Just use it without secrets?
>>>>
>>>>          
>>> There are username/passwd credentials and LAC-LNS credentials which are
>>> different and it sounds like you are confusing the two.  You just need
>>> to put the userid and passwd in the mpd.secrets file.
>>>
>>>        
>> I don't think I'm confusing the 2. I understand the ppp user login, and I
>> understand the peer credentials- the error I see in the log is in relation
>> to the peer credentials. If I run mpd on the FBSD system as a client with a
>> secret then it connects. Android fails here- it will connect if I remove the
>> secret from the server config (btw I'm still using my original server
>> config- it was roughly the same as yours anyway, so I seem to have been on
>> the right track). So what's different?
>>
>> Android logs in as peer "anonymous". I haven't found anything specific in
>> the manual (or maybe I missed it) that tells me how to do this. On linux
>> apparently there's a l2tp-secrets file (xl2tpd uses it at least) which has
>> "<local server>  <remote peer>  <secret>  <(optional) IP>" per line. Seeing as
>> android is linux, and uses mtpd (a linux l2tp client) then shouldn't I find
>> a way for this? Or am I being paranoid?
>>
>> This is to secure the control connection, but I will be using this with
>> IPSEC. How much does/would this matter?
>>      
>>>
>>>        
>>>> Second, why does mpd die (as in terminated- no process running) when
>>>> this fails?
>>>>
>>>>          
>>> Are you running it in the foreground ?  Just run it with mpd -b
>>>
>>>        
>> No, rc service. But I have to actually start it again after this failure-
>> beats me why it would throw it in with a very basic error like that. The
>> logs I posted earlier showed it up- the CS-DYING is thrown (assertion
>> failure), and mpd4 or 5 dies. For that matter I think l2tpd dies for the
>> same reason- whatever that is...
>>
>> I'll try with -b and get back to you.
>>      
>>>         ---Mike
>>>
>>>        
>>
>>      
> Well check this out http://doc.pfsense.org/index.php/Android_VPN_Connectivity.
> Behind the scenes pfSense uses mpd so this might be useful.
>    
Thanks for the ref. I believe I stumbled on something similar in my 
latest round of googling. However, I do want to understand this better- 
why not? Is there any way to discover how to make this happen? I will 
have to use it as is for now, but I want to sort this out in the near 
future.

One thing that does confuse me also is why it fails on say l2tpd (close 
to xl2tpd) when all information on the net says it should- and it 
terminates on the same error. The dearth of info out there is frustrating...

