You are not logged in.

#1 2021-12-09 08:46:46

pierric
Member
Registered: 2021-04-12
Posts: 11

VPN stopped working

Hi !

Adapting instructions from an Ubuntu-oriented guide, I had been able to set up VPN access to my company's network, and had been using it for quite a few months without issue (in fact it was more convenient and faster than on the company-provided Windows laptop).

However recently it started failing. I thought it was a password expiration issue but after resetting it properly, I find I still can't connect. I've looked into the logs and... well, I'm way out of my league here. I'm attaching the journalctl output, recording from just before I try enabling the VPN to when it's completely given up and I'm back to normal connectivity. The slowest step is when it's trying to connect to the remote on port 1701; however it seems there are errors before that so that's probably not the root cause. The remote server is responding to pings and from the logs it seems there is some conversation going on.

I'm using networkmanager-l2tp, using the systray applet from networkmanager-applet, and strongswan. Because the dates might have coincided with an upgrade of strongswan, I've tried downgrading to the July version for diagnosis, but it changed nothing (have now reverted to current).

I've replaced the remote IP by 1.2.3.4 in the logs.

Can anyone help me understand what's up from the logs?

Cheers,
Pierric.

Journal log:

Dec 09 09:20:32 hddarch NetworkManager[414]: <info>  [1639038032.8774] audit: op="connection-activate" uuid="69820fb2-ab43-4338-ab38-66ab1dda48f1" name="MY VPN" pid=11273 uid=1000 result="success"
Dec 09 09:20:32 hddarch audit[414]: USYS_CONFIG pid=414 uid=0 auid=4294967295 ses=4294967295 msg='op=connection-activate uuid=69820fb2-ab43-4338-ab38-66ab1dda48f1 name=5345204C4F4E pid=11273 uid=1000 result=success exe="/usr/bin/NetworkManager" hostname=? addr=? terminal=? res=success'
Dec 09 09:20:32 hddarch NetworkManager[414]: <info>  [1639038032.8795] vpn-connection[0x56305d64c7a0,69820fb2-ab43-4338-ab38-66ab1dda48f1,"MY VPN",0]: Started the VPN service, PID 42366
Dec 09 09:20:32 hddarch kernel: audit: type=1111 audit(1639038032.874:260): pid=414 uid=0 auid=4294967295 ses=4294967295 msg='op=connection-activate uuid=69820fb2-ab43-4338-ab38-66ab1dda48f1 name=5345204C4F4E pid=11273 uid=1000 result=success exe="/usr/bin/NetworkManager" hostname=? addr=? terminal=? res=success'
Dec 09 09:20:32 hddarch NetworkManager[414]: <info>  [1639038032.8846] vpn-connection[0x56305d64c7a0,69820fb2-ab43-4338-ab38-66ab1dda48f1,"MY VPN",0]: Saw the service appear; activating connection
Dec 09 09:20:32 hddarch NetworkManager[414]: <info>  [1639038032.8884] vpn-connection[0x56305d64c7a0,69820fb2-ab43-4338-ab38-66ab1dda48f1,"MY VPN",0]: VPN connection: (ConnectInteractive) reply received
Dec 09 09:20:32 hddarch nm-l2tp-service[42366]: Check port 1701
Dec 09 09:20:32 hddarch NetworkManager[42379]: Stopping strongSwan IPsec failed: starter is not running
Dec 09 09:20:34 hddarch NetworkManager[42376]: Starting strongSwan 5.9.4 IPsec [starter]...
Dec 09 09:20:34 hddarch NetworkManager[42376]: Loading config setup
Dec 09 09:20:34 hddarch NetworkManager[42376]: Loading conn '69820fb2-ab43-4338-ab38-66ab1dda48f1'
Dec 09 09:20:34 hddarch ipsec_starter[42376]: Starting strongSwan 5.9.4 IPsec [starter]...
Dec 09 09:20:34 hddarch ipsec_starter[42376]: Loading config setup
Dec 09 09:20:34 hddarch ipsec_starter[42376]: Loading conn '69820fb2-ab43-4338-ab38-66ab1dda48f1'
Dec 09 09:20:34 hddarch ipsec_starter[42405]: Attempting to start charon...
Dec 09 09:20:34 hddarch charon[42406]: 00[DMN] Starting IKE charon daemon (strongSwan 5.9.4, Linux 5.15.5-arch1-1, x86_64)
Dec 09 09:20:34 hddarch charon[42406]: 00[CFG] PKCS11 module '<name>' lacks library path
Dec 09 09:20:34 hddarch charon[42406]: 00[LIB] plugin 'mysql' failed to load: libmariadb.so.3: cannot open shared object file: No such file or directory
Dec 09 09:20:34 hddarch charon[42406]: 00[CFG] attr-sql plugin: database URI not set
Dec 09 09:20:34 hddarch charon[42406]: 00[NET] using forecast interface enp2s0
Dec 09 09:20:34 hddarch charon[42406]: 00[CFG] joining forecast multicast groups: 224.0.0.1,224.0.0.22,224.0.0.251,224.0.0.252,239.255.255.250
Dec 09 09:20:34 hddarch charon[42406]: 00[CFG] loading ca certificates from '/etc/ipsec.d/cacerts'
Dec 09 09:20:34 hddarch charon[42406]: 00[CFG] loading aa certificates from '/etc/ipsec.d/aacerts'
Dec 09 09:20:34 hddarch charon[42406]: 00[CFG] loading ocsp signer certificates from '/etc/ipsec.d/ocspcerts'
Dec 09 09:20:34 hddarch charon[42406]: 00[CFG] loading attribute certificates from '/etc/ipsec.d/acerts'
Dec 09 09:20:34 hddarch charon[42406]: 00[CFG] loading crls from '/etc/ipsec.d/crls'
Dec 09 09:20:34 hddarch charon[42406]: 00[CFG] loading secrets from '/etc/ipsec.secrets'
Dec 09 09:20:34 hddarch charon[42406]: 00[CFG] loading secrets from '/etc/ipsec.d/ipsec.nm-l2tp.secrets'
Dec 09 09:20:34 hddarch charon[42406]: 00[CFG]   loaded IKE secret for %any
Dec 09 09:20:34 hddarch charon[42406]: 00[CFG] sql plugin: database URI not set
Dec 09 09:20:34 hddarch charon[42406]: 00[CFG] opening triplet file /etc/ipsec.d/triplets.dat failed: No such file or directory
Dec 09 09:20:34 hddarch charon[42406]: 00[CFG] loaded 0 RADIUS server configurations
Dec 09 09:20:34 hddarch charon[42406]: 00[CFG] HA config misses local/remote address
Dec 09 09:20:34 hddarch charon[42406]: 00[CFG] no script for ext-auth script defined, disabled
Dec 09 09:20:34 hddarch charon[42406]: 00[LIB] loaded plugins: charon ldap pkcs11 aesni aes des rc2 sha2 sha3 sha1 md5 mgf1 random nonce x509 revocation constraints pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey sshkey pem openssl fips-prf gmp curve25519 agent chapoly xcbc cmac hmac ntru drbg newhope bliss curl sqlite attr kernel-netlink resolve socket-default bypass-lan connmark forecast farp stroke vici updown eap-identity eap-sim eap-aka eap-aka-3gpp2 eap-simaka-pseudonym eap-simaka-reauth eap-md5 eap-gtc eap-mschapv2 eap-dynamic eap-radius eap-tls eap-ttls eap-peap xauth-generic xauth-eap xauth-pam xauth-noauth dhcp radattr unity counters
Dec 09 09:20:34 hddarch charon[42406]: 00[LIB] dropped capabilities, running as uid 0, gid 0
Dec 09 09:20:34 hddarch charon[42406]: 00[JOB] spawning 16 worker threads
Dec 09 09:20:34 hddarch audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 res=1 src=192.168.1.0 src_prefixlen=24 dst=192.168.1.0 dst_prefixlen=24
Dec 09 09:20:34 hddarch audit[42406]: SYSCALL arch=c000003e syscall=44 success=yes exit=184 a0=9 a1=7fcd52907410 a2=b8 a3=0 items=0 ppid=42405 pid=42406 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="charon" exe="/usr/lib/strongswan/charon" key=(null)
Dec 09 09:20:34 hddarch audit: PROCTITLE proctitle=2F7573722F6C69622F7374726F6E677377616E2F636861726F6E002D2D7573652D7379736C6F67
Dec 09 09:20:34 hddarch audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 res=1 src=192.168.1.0 src_prefixlen=24 dst=192.168.1.0 dst_prefixlen=24
Dec 09 09:20:34 hddarch audit[42406]: SYSCALL arch=c000003e syscall=44 success=yes exit=184 a0=9 a1=7fcd52907410 a2=b8 a3=0 items=0 ppid=42405 pid=42406 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="charon" exe="/usr/lib/strongswan/charon" key=(null)
Dec 09 09:20:34 hddarch audit: PROCTITLE proctitle=2F7573722F6C69622F7374726F6E677377616E2F636861726F6E002D2D7573652D7379736C6F67
Dec 09 09:20:34 hddarch audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 res=1 src=192.168.1.0 src_prefixlen=24 dst=192.168.1.0 dst_prefixlen=24
Dec 09 09:20:34 hddarch audit[42406]: SYSCALL arch=c000003e syscall=44 success=yes exit=184 a0=9 a1=7fcd52907410 a2=b8 a3=0 items=0 ppid=42405 pid=42406 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="charon" exe="/usr/lib/strongswan/charon" key=(null)
Dec 09 09:20:34 hddarch audit: PROCTITLE proctitle=2F7573722F6C69622F7374726F6E677377616E2F636861726F6E002D2D7573652D7379736C6F67
Dec 09 09:20:34 hddarch audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 res=1 src=0000:0000:0000:0000:0000:0000:0000:0001 dst=0000:0000:0000:0000:0000:0000:0000:0001
Dec 09 09:20:34 hddarch audit[42406]: SYSCALL arch=c000003e syscall=44 success=yes exit=184 a0=9 a1=7fcd52907410 a2=b8 a3=0 items=0 ppid=42405 pid=42406 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="charon" exe="/usr/lib/strongswan/charon" key=(null)
Dec 09 09:20:34 hddarch audit: PROCTITLE proctitle=2F7573722F6C69622F7374726F6E677377616E2F636861726F6E002D2D7573652D7379736C6F67
Dec 09 09:20:34 hddarch audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 res=1 src=0000:0000:0000:0000:0000:0000:0000:0001 dst=0000:0000:0000:0000:0000:0000:0000:0001
Dec 09 09:20:34 hddarch audit[42406]: SYSCALL arch=c000003e syscall=44 success=yes exit=184 a0=9 a1=7fcd52907410 a2=b8 a3=0 items=0 ppid=42405 pid=42406 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="charon" exe="/usr/lib/strongswan/charon" key=(null)
Dec 09 09:20:34 hddarch kernel: audit: type=1415 audit(1639038034.964:261): op=SPD-add auid=4294967295 ses=4294967295 res=1 src=192.168.1.0 src_prefixlen=24 dst=192.168.1.0 dst_prefixlen=24
Dec 09 09:20:34 hddarch kernel: audit: type=1300 audit(1639038034.964:261): arch=c000003e syscall=44 success=yes exit=184 a0=9 a1=7fcd52907410 a2=b8 a3=0 items=0 ppid=42405 pid=42406 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="charon" exe="/usr/lib/strongswan/charon" key=(null)
Dec 09 09:20:34 hddarch kernel: audit: type=1327 audit(1639038034.964:261): proctitle=2F7573722F6C69622F7374726F6E677377616E2F636861726F6E002D2D7573652D7379736C6F67
Dec 09 09:20:34 hddarch kernel: audit: type=1415 audit(1639038034.964:262): op=SPD-add auid=4294967295 ses=4294967295 res=1 src=192.168.1.0 src_prefixlen=24 dst=192.168.1.0 dst_prefixlen=24
Dec 09 09:20:34 hddarch kernel: audit: type=1300 audit(1639038034.964:262): arch=c000003e syscall=44 success=yes exit=184 a0=9 a1=7fcd52907410 a2=b8 a3=0 items=0 ppid=42405 pid=42406 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="charon" exe="/usr/lib/strongswan/charon" key=(null)
Dec 09 09:20:34 hddarch kernel: audit: type=1327 audit(1639038034.964:262): proctitle=2F7573722F6C69622F7374726F6E677377616E2F636861726F6E002D2D7573652D7379736C6F67
Dec 09 09:20:34 hddarch audit: PROCTITLE proctitle=2F7573722F6C69622F7374726F6E677377616E2F636861726F6E002D2D7573652D7379736C6F67
Dec 09 09:20:34 hddarch audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 res=1 src=0000:0000:0000:0000:0000:0000:0000:0001 dst=0000:0000:0000:0000:0000:0000:0000:0001
Dec 09 09:20:34 hddarch audit[42406]: SYSCALL arch=c000003e syscall=44 success=yes exit=184 a0=9 a1=7fcd52907410 a2=b8 a3=0 items=0 ppid=42405 pid=42406 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="charon" exe="/usr/lib/strongswan/charon" key=(null)
Dec 09 09:20:34 hddarch audit: PROCTITLE proctitle=2F7573722F6C69622F7374726F6E677377616E2F636861726F6E002D2D7573652D7379736C6F67
Dec 09 09:20:34 hddarch audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 res=1 src=fe80:0000:0000:0000:0000:0000:0000:0000 src_prefixlen=64 dst=fe80:0000:0000:0000:0000:0000:0000:0000 dst_prefixlen=64
Dec 09 09:20:34 hddarch audit[42406]: SYSCALL arch=c000003e syscall=44 success=yes exit=184 a0=9 a1=7fcd52907410 a2=b8 a3=0 items=0 ppid=42405 pid=42406 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="charon" exe="/usr/lib/strongswan/charon" key=(null)
Dec 09 09:20:34 hddarch audit: PROCTITLE proctitle=2F7573722F6C69622F7374726F6E677377616E2F636861726F6E002D2D7573652D7379736C6F67
Dec 09 09:20:34 hddarch audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 res=1 src=fe80:0000:0000:0000:0000:0000:0000:0000 src_prefixlen=64 dst=fe80:0000:0000:0000:0000:0000:0000:0000 dst_prefixlen=64
Dec 09 09:20:34 hddarch audit[42406]: SYSCALL arch=c000003e syscall=44 success=yes exit=184 a0=9 a1=7fcd52907410 a2=b8 a3=0 items=0 ppid=42405 pid=42406 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="charon" exe="/usr/lib/strongswan/charon" key=(null)
Dec 09 09:20:34 hddarch audit: PROCTITLE proctitle=2F7573722F6C69622F7374726F6E677377616E2F636861726F6E002D2D7573652D7379736C6F67
Dec 09 09:20:34 hddarch audit: MAC_IPSEC_EVENT op=SPD-add auid=4294967295 ses=4294967295 res=1 src=fe80:0000:0000:0000:0000:0000:0000:0000 src_prefixlen=64 dst=fe80:0000:0000:0000:0000:0000:0000:0000 dst_prefixlen=64
Dec 09 09:20:34 hddarch audit[42406]: SYSCALL arch=c000003e syscall=44 success=yes exit=184 a0=9 a1=7fcd52907410 a2=b8 a3=0 items=0 ppid=42405 pid=42406 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="charon" exe="/usr/lib/strongswan/charon" key=(null)
Dec 09 09:20:34 hddarch audit: PROCTITLE proctitle=2F7573722F6C69622F7374726F6E677377616E2F636861726F6E002D2D7573652D7379736C6F67
Dec 09 09:20:34 hddarch charon[42406]: 05[IKE] installed bypass policy for 192.168.1.0/24
Dec 09 09:20:34 hddarch charon[42406]: 05[IKE] installed bypass policy for ::1/128
Dec 09 09:20:34 hddarch charon[42406]: 05[IKE] installed bypass policy for fe80::/64
Dec 09 09:20:34 hddarch ipsec_starter[42405]: charon (42406) started after 20 ms
Dec 09 09:20:34 hddarch charon[42406]: 09[CFG] received stroke: add connection '69820fb2-ab43-4338-ab38-66ab1dda48f1'
Dec 09 09:20:34 hddarch charon[42406]: 09[CFG] added configuration '69820fb2-ab43-4338-ab38-66ab1dda48f1'
Dec 09 09:20:35 hddarch charon[42406]: 01[CFG] rereading secrets
Dec 09 09:20:35 hddarch charon[42406]: 01[CFG] loading secrets from '/etc/ipsec.secrets'
Dec 09 09:20:35 hddarch charon[42406]: 01[CFG] loading secrets from '/etc/ipsec.d/ipsec.nm-l2tp.secrets'
Dec 09 09:20:35 hddarch charon[42406]: 01[CFG]   loaded IKE secret for %any
Dec 09 09:20:35 hddarch charon[42406]: 15[CFG] received stroke: initiate '69820fb2-ab43-4338-ab38-66ab1dda48f1'
Dec 09 09:20:35 hddarch charon[42406]: 06[IKE] initiating Main Mode IKE_SA 69820fb2-ab43-4338-ab38-66ab1dda48f1[1] to 1.2.3.4
Dec 09 09:20:35 hddarch charon[42406]: 06[IKE] initiating Main Mode IKE_SA 69820fb2-ab43-4338-ab38-66ab1dda48f1[1] to 1.2.3.4
Dec 09 09:20:35 hddarch charon[42406]: 06[ENC] generating ID_PROT request 0 [ SA V V V V V ]
Dec 09 09:20:35 hddarch charon[42406]: 06[NET] sending packet: from 192.168.1.37[500] to 1.2.3.4[500] (236 bytes)
Dec 09 09:20:36 hddarch charon[42406]: 16[NET] received packet: from 1.2.3.4[500] to 192.168.1.37[500] (156 bytes)
Dec 09 09:20:36 hddarch charon[42406]: 16[ENC] parsed ID_PROT response 0 [ SA V V V V ]
Dec 09 09:20:36 hddarch charon[42406]: 16[IKE] received XAuth vendor ID
Dec 09 09:20:36 hddarch charon[42406]: 16[IKE] received DPD vendor ID
Dec 09 09:20:36 hddarch charon[42406]: 16[IKE] received FRAGMENTATION vendor ID
Dec 09 09:20:36 hddarch charon[42406]: 16[IKE] received NAT-T (RFC 3947) vendor ID
Dec 09 09:20:36 hddarch charon[42406]: 16[CFG] selected proposal: IKE:3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024
Dec 09 09:20:36 hddarch charon[42406]: 16[ENC] generating ID_PROT request 0 [ KE No NAT-D NAT-D ]
Dec 09 09:20:36 hddarch charon[42406]: 16[NET] sending packet: from 192.168.1.37[500] to 1.2.3.4[500] (244 bytes)
Dec 09 09:20:36 hddarch charon[42406]: 07[NET] received packet: from 1.2.3.4[500] to 192.168.1.37[500] (244 bytes)
Dec 09 09:20:36 hddarch charon[42406]: 07[ENC] parsed ID_PROT response 0 [ KE No NAT-D NAT-D ]
Dec 09 09:20:36 hddarch charon[42406]: 07[IKE] local host is behind NAT, sending keep alives
Dec 09 09:20:36 hddarch charon[42406]: 07[ENC] generating ID_PROT request 0 [ ID HASH ]
Dec 09 09:20:36 hddarch charon[42406]: 07[NET] sending packet: from 192.168.1.37[4500] to 1.2.3.4[4500] (68 bytes)
Dec 09 09:20:36 hddarch charon[42406]: 12[NET] received packet: from 1.2.3.4[4500] to 192.168.1.37[4500] (68 bytes)
Dec 09 09:20:36 hddarch charon[42406]: 12[ENC] parsed ID_PROT response 0 [ ID HASH ]
Dec 09 09:20:36 hddarch charon[42406]: 12[IKE] IKE_SA 69820fb2-ab43-4338-ab38-66ab1dda48f1[1] established between 192.168.1.37[192.168.1.37]...1.2.3.4[1.2.3.4]
Dec 09 09:20:36 hddarch charon[42406]: 12[IKE] IKE_SA 69820fb2-ab43-4338-ab38-66ab1dda48f1[1] established between 192.168.1.37[192.168.1.37]...1.2.3.4[1.2.3.4]
Dec 09 09:20:36 hddarch charon[42406]: 12[IKE] scheduling reauthentication in 9819s
Dec 09 09:20:36 hddarch charon[42406]: 12[IKE] maximum IKE_SA lifetime 10359s
Dec 09 09:20:36 hddarch charon[42406]: 12[ENC] generating QUICK_MODE request 3591937250 [ HASH SA No ID ID NAT-OA NAT-OA ]
Dec 09 09:20:36 hddarch charon[42406]: 12[NET] sending packet: from 192.168.1.37[4500] to 1.2.3.4[4500] (244 bytes)
Dec 09 09:20:36 hddarch charon[42406]: 05[NET] received packet: from 1.2.3.4[4500] to 192.168.1.37[4500] (188 bytes)
Dec 09 09:20:36 hddarch charon[42406]: 05[ENC] parsed QUICK_MODE response 3591937250 [ HASH SA No ID ID NAT-OA NAT-OA ]
Dec 09 09:20:36 hddarch charon[42406]: 05[CFG] selected proposal: ESP:3DES_CBC/HMAC_SHA1_96/NO_EXT_SEQ
Dec 09 09:20:36 hddarch charon[42406]: 05[KNL] received netlink error: Function not implemented (38)
Dec 09 09:20:36 hddarch charon[42406]: 05[KNL] unable to add SAD entry with SPI c477f87f (FAILED)
Dec 09 09:20:36 hddarch charon[42406]: 05[KNL] received netlink error: Function not implemented (38)
Dec 09 09:20:36 hddarch charon[42406]: 05[KNL] unable to add SAD entry with SPI c6f256be (FAILED)
Dec 09 09:20:36 hddarch charon[42406]: 05[IKE] unable to install inbound and outbound IPsec SA (SAD) in kernel
Dec 09 09:20:36 hddarch charon[42406]: 05[KNL] deleting policy 1.2.3.4/32[udp/l2f] === 192.168.1.37/32[udp/l2f] in failed, not found
Dec 09 09:20:36 hddarch audit: MAC_IPSEC_EVENT op=SAD-delete auid=4294967295 ses=4294967295 src=1.2.3.4 dst=192.168.1.37 spi=3296196735(0xc477f87f) res=1
Dec 09 09:20:36 hddarch audit[42406]: SYSCALL arch=c000003e syscall=44 success=yes exit=40 a0=9 a1=7fcd529075f0 a2=28 a3=0 items=0 ppid=42405 pid=42406 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="charon" exe="/usr/lib/strongswan/charon" key=(null)
Dec 09 09:20:36 hddarch audit: PROCTITLE proctitle=2F7573722F6C69622F7374726F6E677377616E2F636861726F6E002D2D7573652D7379736C6F67
Dec 09 09:20:36 hddarch charon[42406]: 05[ENC] generating INFORMATIONAL_V1 request 1620868845 [ HASH N(NO_PROP) ]
Dec 09 09:20:36 hddarch charon[42406]: 05[NET] sending packet: from 192.168.1.37[4500] to 1.2.3.4[4500] (76 bytes)
Dec 09 09:20:36 hddarch NetworkManager[42443]: initiating Main Mode IKE_SA 69820fb2-ab43-4338-ab38-66ab1dda48f1[1] to 1.2.3.4
Dec 09 09:20:36 hddarch NetworkManager[42443]: generating ID_PROT request 0 [ SA V V V V V ]
Dec 09 09:20:36 hddarch NetworkManager[42443]: sending packet: from 192.168.1.37[500] to 1.2.3.4[500] (236 bytes)
Dec 09 09:20:36 hddarch NetworkManager[42443]: received packet: from 1.2.3.4[500] to 192.168.1.37[500] (156 bytes)
Dec 09 09:20:36 hddarch NetworkManager[42443]: parsed ID_PROT response 0 [ SA V V V V ]
Dec 09 09:20:36 hddarch NetworkManager[42443]: received XAuth vendor ID
Dec 09 09:20:36 hddarch NetworkManager[42443]: received DPD vendor ID
Dec 09 09:20:36 hddarch NetworkManager[42443]: received FRAGMENTATION vendor ID
Dec 09 09:20:36 hddarch NetworkManager[42443]: received NAT-T (RFC 3947) vendor ID
Dec 09 09:20:36 hddarch NetworkManager[42443]: selected proposal: IKE:3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024
Dec 09 09:20:36 hddarch NetworkManager[42443]: generating ID_PROT request 0 [ KE No NAT-D NAT-D ]
Dec 09 09:20:36 hddarch NetworkManager[42443]: sending packet: from 192.168.1.37[500] to 1.2.3.4[500] (244 bytes)
Dec 09 09:20:36 hddarch NetworkManager[42443]: received packet: from 1.2.3.4[500] to 192.168.1.37[500] (244 bytes)
Dec 09 09:20:36 hddarch NetworkManager[42443]: parsed ID_PROT response 0 [ KE No NAT-D NAT-D ]
Dec 09 09:20:36 hddarch NetworkManager[42443]: local host is behind NAT, sending keep alives
Dec 09 09:20:36 hddarch NetworkManager[42443]: generating ID_PROT request 0 [ ID HASH ]
Dec 09 09:20:36 hddarch NetworkManager[42443]: sending packet: from 192.168.1.37[4500] to 1.2.3.4[4500] (68 bytes)
Dec 09 09:20:36 hddarch NetworkManager[42443]: received packet: from 1.2.3.4[4500] to 192.168.1.37[4500] (68 bytes)
Dec 09 09:20:36 hddarch NetworkManager[42443]: parsed ID_PROT response 0 [ ID HASH ]
Dec 09 09:20:36 hddarch NetworkManager[42443]: IKE_SA 69820fb2-ab43-4338-ab38-66ab1dda48f1[1] established between 192.168.1.37[192.168.1.37]...1.2.3.4[1.2.3.4]
Dec 09 09:20:36 hddarch NetworkManager[42443]: scheduling reauthentication in 9819s
Dec 09 09:20:36 hddarch NetworkManager[42443]: maximum IKE_SA lifetime 10359s
Dec 09 09:20:36 hddarch NetworkManager[42443]: generating QUICK_MODE request 3591937250 [ HASH SA No ID ID NAT-OA NAT-OA ]
Dec 09 09:20:36 hddarch NetworkManager[42443]: sending packet: from 192.168.1.37[4500] to 1.2.3.4[4500] (244 bytes)
Dec 09 09:20:36 hddarch NetworkManager[42443]: received packet: from 1.2.3.4[4500] to 192.168.1.37[4500] (188 bytes)
Dec 09 09:20:36 hddarch NetworkManager[42443]: parsed QUICK_MODE response 3591937250 [ HASH SA No ID ID NAT-OA NAT-OA ]
Dec 09 09:20:36 hddarch NetworkManager[42443]: selected proposal: ESP:3DES_CBC/HMAC_SHA1_96/NO_EXT_SEQ
Dec 09 09:20:36 hddarch NetworkManager[42443]: received netlink error: Function not implemented (38)
Dec 09 09:20:36 hddarch NetworkManager[42443]: unable to add SAD entry with SPI c477f87f (FAILED)
Dec 09 09:20:36 hddarch NetworkManager[42443]: received netlink error: Function not implemented (38)
Dec 09 09:20:36 hddarch NetworkManager[42443]: unable to add SAD entry with SPI c6f256be (FAILED)
Dec 09 09:20:36 hddarch NetworkManager[42443]: unable to install inbound and outbound IPsec SA (SAD) in kernel
Dec 09 09:20:36 hddarch NetworkManager[42443]: deleting policy 1.2.3.4/32[udp/l2f] === 192.168.1.37/32[udp/l2f] in failed, not found
Dec 09 09:20:36 hddarch NetworkManager[42443]: generating INFORMATIONAL_V1 request 1620868845 [ HASH N(NO_PROP) ]
Dec 09 09:20:36 hddarch NetworkManager[42443]: sending packet: from 192.168.1.37[4500] to 1.2.3.4[4500] (76 bytes)
Dec 09 09:20:36 hddarch NetworkManager[42443]: establishing connection '69820fb2-ab43-4338-ab38-66ab1dda48f1' failed
Dec 09 09:20:36 hddarch kernel: kauditd_printk_skb: 21 callbacks suppressed
Dec 09 09:20:36 hddarch kernel: audit: type=1415 audit(1639038036.307:270): op=SAD-delete auid=4294967295 ses=4294967295 src=1.2.3.4 dst=192.168.1.37 spi=3296196735(0xc477f87f) res=1
Dec 09 09:20:36 hddarch kernel: audit: type=1300 audit(1639038036.307:270): arch=c000003e syscall=44 success=yes exit=40 a0=9 a1=7fcd529075f0 a2=28 a3=0 items=0 ppid=42405 pid=42406 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="charon" exe="/usr/lib/strongswan/charon" key=(null)
Dec 09 09:20:36 hddarch kernel: audit: type=1327 audit(1639038036.307:270): proctitle=2F7573722F6C69622F7374726F6E677377616E2F636861726F6E002D2D7573652D7379736C6F67
Dec 09 09:20:36 hddarch nm-l2tp-service[42366]: xl2tpd started with pid 42461
Dec 09 09:20:36 hddarch NetworkManager[42461]: xl2tpd[42461]: Not looking for kernel SAref support.
Dec 09 09:20:36 hddarch NetworkManager[414]: <info>  [1639038036.4797] vpn-connection[0x56305d64c7a0,69820fb2-ab43-4338-ab38-66ab1dda48f1,"MY VPN",0]: VPN plugin: state changed: starting (3)
Dec 09 09:20:36 hddarch NetworkManager[42461]: xl2tpd[42461]: L2TP kernel support not detected (try modprobing l2tp_ppp and pppol2tp)
Dec 09 09:20:36 hddarch NetworkManager[42461]: xl2tpd[42461]: xl2tpd version xl2tpd-1.3.16 started on hddarch PID:42461
Dec 09 09:20:36 hddarch NetworkManager[42461]: xl2tpd[42461]: Written by Mark Spencer, Copyright (C) 1998, Adtran, Inc.
Dec 09 09:20:36 hddarch NetworkManager[42461]: xl2tpd[42461]: Forked by Scott Balmos and David Stipp, (C) 2001
Dec 09 09:20:36 hddarch NetworkManager[42461]: xl2tpd[42461]: Inherited by Jeff McAdams, (C) 2002
Dec 09 09:20:36 hddarch NetworkManager[42461]: xl2tpd[42461]: Forked again by Xelerance (www.xelerance.com) (C) 2006-2016
Dec 09 09:20:36 hddarch NetworkManager[42461]: xl2tpd[42461]: Listening on IP address 0.0.0.0, port 1701
Dec 09 09:20:36 hddarch NetworkManager[42461]: xl2tpd[42461]: Connecting to host 1.2.3.4, port 1701
Dec 09 09:20:50 hddarch NetworkManager[42461]: xl2tpd[42461]: death_handler: Fatal signal 15 received
Dec 09 09:20:50 hddarch NetworkManager[414]: <warn>  [1639038050.4939] vpn-connection[0x56305d64c7a0,69820fb2-ab43-4338-ab38-66ab1dda48f1,"MY VPN",0]: VPN plugin: failed: connect-failed (1)
Dec 09 09:20:50 hddarch NetworkManager[414]: <warn>  [1639038050.4939] vpn-connection[0x56305d64c7a0,69820fb2-ab43-4338-ab38-66ab1dda48f1,"MY VPN",0]: VPN plugin: failed: connect-failed (1)
Dec 09 09:20:50 hddarch NetworkManager[414]: <info>  [1639038050.4939] vpn-connection[0x56305d64c7a0,69820fb2-ab43-4338-ab38-66ab1dda48f1,"MY VPN",0]: VPN plugin: state changed: stopping (5)
Dec 09 09:20:50 hddarch NetworkManager[42626]: Stopping strongSwan IPsec...
Dec 09 09:20:50 hddarch charon[42406]: 00[DMN] SIGINT received, shutting down
Dec 09 09:20:50 hddarch charon[42406]: 00[IKE] deleting IKE_SA 69820fb2-ab43-4338-ab38-66ab1dda48f1[1] between 192.168.1.37[192.168.1.37]...1.2.3.4[1.2.3.4]
Dec 09 09:20:50 hddarch charon[42406]: 00[IKE] deleting IKE_SA 69820fb2-ab43-4338-ab38-66ab1dda48f1[1] between 192.168.1.37[192.168.1.37]...1.2.3.4[1.2.3.4]
Dec 09 09:20:50 hddarch charon[42406]: 00[IKE] sending DELETE for IKE_SA 69820fb2-ab43-4338-ab38-66ab1dda48f1[1]
Dec 09 09:20:50 hddarch charon[42406]: 00[ENC] generating INFORMATIONAL_V1 request 3950717071 [ HASH D ]
Dec 09 09:20:50 hddarch audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=fe80:0000:0000:0000:0000:0000:0000:0000 src_prefixlen=64 dst=fe80:0000:0000:0000:0000:0000:0000:0000 dst_prefixlen=64
Dec 09 09:20:50 hddarch audit[42406]: SYSCALL arch=c000003e syscall=44 success=yes exit=80 a0=9 a1=7ffefadef460 a2=50 a3=0 items=0 ppid=42405 pid=42406 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="charon" exe="/usr/lib/strongswan/charon" key=(null)
Dec 09 09:20:50 hddarch audit: PROCTITLE proctitle=2F7573722F6C69622F7374726F6E677377616E2F636861726F6E002D2D7573652D7379736C6F67
Dec 09 09:20:50 hddarch audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=fe80:0000:0000:0000:0000:0000:0000:0000 src_prefixlen=64 dst=fe80:0000:0000:0000:0000:0000:0000:0000 dst_prefixlen=64
Dec 09 09:20:50 hddarch audit[42406]: SYSCALL arch=c000003e syscall=44 success=yes exit=80 a0=9 a1=7ffefadef460 a2=50 a3=0 items=0 ppid=42405 pid=42406 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="charon" exe="/usr/lib/strongswan/charon" key=(null)
Dec 09 09:20:50 hddarch audit: PROCTITLE proctitle=2F7573722F6C69622F7374726F6E677377616E2F636861726F6E002D2D7573652D7379736C6F67
Dec 09 09:20:50 hddarch audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=fe80:0000:0000:0000:0000:0000:0000:0000 src_prefixlen=64 dst=fe80:0000:0000:0000:0000:0000:0000:0000 dst_prefixlen=64
Dec 09 09:20:50 hddarch audit[42406]: SYSCALL arch=c000003e syscall=44 success=yes exit=80 a0=9 a1=7ffefadef460 a2=50 a3=0 items=0 ppid=42405 pid=42406 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="charon" exe="/usr/lib/strongswan/charon" key=(null)
Dec 09 09:20:50 hddarch audit: PROCTITLE proctitle=2F7573722F6C69622F7374726F6E677377616E2F636861726F6E002D2D7573652D7379736C6F67
Dec 09 09:20:50 hddarch audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=0000:0000:0000:0000:0000:0000:0000:0001 dst=0000:0000:0000:0000:0000:0000:0000:0001
Dec 09 09:20:50 hddarch audit[42406]: SYSCALL arch=c000003e syscall=44 success=yes exit=80 a0=9 a1=7ffefadef460 a2=50 a3=0 items=0 ppid=42405 pid=42406 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="charon" exe="/usr/lib/strongswan/charon" key=(null)
Dec 09 09:20:50 hddarch audit: PROCTITLE proctitle=2F7573722F6C69622F7374726F6E677377616E2F636861726F6E002D2D7573652D7379736C6F67
Dec 09 09:20:50 hddarch audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=0000:0000:0000:0000:0000:0000:0000:0001 dst=0000:0000:0000:0000:0000:0000:0000:0001
Dec 09 09:20:50 hddarch audit[42406]: SYSCALL arch=c000003e syscall=44 success=yes exit=80 a0=9 a1=7ffefadef460 a2=50 a3=0 items=0 ppid=42405 pid=42406 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="charon" exe="/usr/lib/strongswan/charon" key=(null)
Dec 09 09:20:50 hddarch audit: PROCTITLE proctitle=2F7573722F6C69622F7374726F6E677377616E2F636861726F6E002D2D7573652D7379736C6F67
Dec 09 09:20:50 hddarch audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=0000:0000:0000:0000:0000:0000:0000:0001 dst=0000:0000:0000:0000:0000:0000:0000:0001
Dec 09 09:20:50 hddarch audit[42406]: SYSCALL arch=c000003e syscall=44 success=yes exit=80 a0=9 a1=7ffefadef460 a2=50 a3=0 items=0 ppid=42405 pid=42406 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="charon" exe="/usr/lib/strongswan/charon" key=(null)
Dec 09 09:20:50 hddarch audit: PROCTITLE proctitle=2F7573722F6C69622F7374726F6E677377616E2F636861726F6E002D2D7573652D7379736C6F67
Dec 09 09:20:50 hddarch audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=192.168.1.0 src_prefixlen=24 dst=192.168.1.0 dst_prefixlen=24
Dec 09 09:20:50 hddarch audit[42406]: SYSCALL arch=c000003e syscall=44 success=yes exit=80 a0=9 a1=7ffefadef460 a2=50 a3=0 items=0 ppid=42405 pid=42406 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="charon" exe="/usr/lib/strongswan/charon" key=(null)
Dec 09 09:20:50 hddarch audit: PROCTITLE proctitle=2F7573722F6C69622F7374726F6E677377616E2F636861726F6E002D2D7573652D7379736C6F67
Dec 09 09:20:50 hddarch audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=192.168.1.0 src_prefixlen=24 dst=192.168.1.0 dst_prefixlen=24
Dec 09 09:20:50 hddarch audit[42406]: SYSCALL arch=c000003e syscall=44 success=yes exit=80 a0=9 a1=7ffefadef460 a2=50 a3=0 items=0 ppid=42405 pid=42406 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="charon" exe="/usr/lib/strongswan/charon" key=(null)
Dec 09 09:20:50 hddarch audit: PROCTITLE proctitle=2F7573722F6C69622F7374726F6E677377616E2F636861726F6E002D2D7573652D7379736C6F67
Dec 09 09:20:50 hddarch audit: MAC_IPSEC_EVENT op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=192.168.1.0 src_prefixlen=24 dst=192.168.1.0 dst_prefixlen=24
Dec 09 09:20:50 hddarch audit[42406]: SYSCALL arch=c000003e syscall=44 success=yes exit=80 a0=9 a1=7ffefadef460 a2=50 a3=0 items=0 ppid=42405 pid=42406 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="charon" exe="/usr/lib/strongswan/charon" key=(null)
Dec 09 09:20:50 hddarch audit: PROCTITLE proctitle=2F7573722F6C69622F7374726F6E677377616E2F636861726F6E002D2D7573652D7379736C6F67
Dec 09 09:20:50 hddarch charon[42406]: 00[NET] sending packet: from 192.168.1.37[4500] to 1.2.3.4[4500] (84 bytes)
Dec 09 09:20:50 hddarch kernel: audit: type=1415 audit(1639038050.504:271): op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=fe80:0000:0000:0000:0000:0000:0000:0000 src_prefixlen=64 dst=fe80:0000:0000:0000:0000:0000:0000:0000 dst_prefixlen=64
Dec 09 09:20:50 hddarch kernel: audit: type=1300 audit(1639038050.504:271): arch=c000003e syscall=44 success=yes exit=80 a0=9 a1=7ffefadef460 a2=50 a3=0 items=0 ppid=42405 pid=42406 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="charon" exe="/usr/lib/strongswan/charon" key=(null)
Dec 09 09:20:50 hddarch kernel: audit: type=1327 audit(1639038050.504:271): proctitle=2F7573722F6C69622F7374726F6E677377616E2F636861726F6E002D2D7573652D7379736C6F67
Dec 09 09:20:50 hddarch kernel: audit: type=1415 audit(1639038050.504:272): op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=fe80:0000:0000:0000:0000:0000:0000:0000 src_prefixlen=64 dst=fe80:0000:0000:0000:0000:0000:0000:0000 dst_prefixlen=64
Dec 09 09:20:50 hddarch kernel: audit: type=1300 audit(1639038050.504:272): arch=c000003e syscall=44 success=yes exit=80 a0=9 a1=7ffefadef460 a2=50 a3=0 items=0 ppid=42405 pid=42406 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="charon" exe="/usr/lib/strongswan/charon" key=(null)
Dec 09 09:20:50 hddarch kernel: audit: type=1327 audit(1639038050.504:272): proctitle=2F7573722F6C69622F7374726F6E677377616E2F636861726F6E002D2D7573652D7379736C6F67
Dec 09 09:20:50 hddarch kernel: audit: type=1415 audit(1639038050.504:273): op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=fe80:0000:0000:0000:0000:0000:0000:0000 src_prefixlen=64 dst=fe80:0000:0000:0000:0000:0000:0000:0000 dst_prefixlen=64
Dec 09 09:20:50 hddarch kernel: audit: type=1300 audit(1639038050.504:273): arch=c000003e syscall=44 success=yes exit=80 a0=9 a1=7ffefadef460 a2=50 a3=0 items=0 ppid=42405 pid=42406 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="charon" exe="/usr/lib/strongswan/charon" key=(null)
Dec 09 09:20:50 hddarch kernel: audit: type=1327 audit(1639038050.504:273): proctitle=2F7573722F6C69622F7374726F6E677377616E2F636861726F6E002D2D7573652D7379736C6F67
Dec 09 09:20:50 hddarch kernel: audit: type=1415 audit(1639038050.504:274): op=SPD-delete auid=4294967295 ses=4294967295 res=1 src=0000:0000:0000:0000:0000:0000:0000:0001 dst=0000:0000:0000:0000:0000:0000:0000:0001
Dec 09 09:20:50 hddarch charon[42406]: 00[IKE] uninstalling bypass policy for 192.168.1.0/24
Dec 09 09:20:50 hddarch charon[42406]: 00[IKE] uninstalling bypass policy for ::1/128
Dec 09 09:20:50 hddarch charon[42406]: 00[IKE] uninstalling bypass policy for fe80::/64
Dec 09 09:20:50 hddarch ipsec_starter[42405]: child 42406 (charon) has quit (exit code 0)
Dec 09 09:20:50 hddarch ipsec_starter[42405]:
Dec 09 09:20:50 hddarch ipsec_starter[42405]: charon stopped after 200 ms
Dec 09 09:20:50 hddarch ipsec_starter[42405]: ipsec starter stopped
Dec 09 09:20:50 hddarch nm-l2tp-service[42366]: ipsec shut down
Dec 09 09:20:50 hddarch NetworkManager[414]: <info>  [1639038050.6113] vpn-connection[0x56305d64c7a0,69820fb2-ab43-4338-ab38-66ab1dda48f1,"MY VPN",0]: VPN plugin: state changed: stopped (6)
Dec 09 09:20:50 hddarch NetworkManager[414]: <info>  [1639038050.6115] vpn-connection[0x56305d64c7a0,69820fb2-ab43-4338-ab38-66ab1dda48f1,"MY VPN",0]: VPN service disappeared

Offline

#2 2021-12-09 20:43:18

ivanoff
Member
Registered: 2012-03-18
Posts: 66

Re: VPN stopped working

unable to install inbound and outbound IPsec SA (SAD) in kernel

I would suspect a kernel module issue here.  Errors start from there.
Strongswan seems to necessitate specific options. Don't know if they are those of Arch : https://wiki.strongswan.org/projects/st … nelModules

Offline

#3 2021-12-10 16:56:19

pierric
Member
Registered: 2021-04-12
Posts: 11

Re: VPN stopped working

Thank you ivanoff!

I took the list of mandatory modules listed in that page, modprobe'd them all, and it worked (one of them, tunnel, doesn't actually exist on my system, but that didn't prevent the VPN from working successfully).

Now I'd need to find out if they were loaded automatically before, why they're not anymore, and how to make them load automatically again in the cleanest way (I remember there's a module configuration somewhere, I'll have to look into that).

Thanks again!
Pierric.

Offline

#4 2021-12-10 19:22:11

ivanoff
Member
Registered: 2012-03-18
Posts: 66

Re: VPN stopped working

Cool!
You can also include modules directly in the inital ramdisk to make sure they are included in the kernel https://wiki.archlinux.org/title/Mkinitcpio

Offline

#5 2021-12-11 13:34:51

pierric
Member
Registered: 2021-04-12
Posts: 11

Re: VPN stopped working

Thank you, I will look into this! I've seen there is also the option to add modules to a .conf file in  /etc/modules-load.d - in theory, but I have yet to try this out.

Cheers
,
Pierric.

Offline

#6 2021-12-19 08:31:41

Strike0
Member
From: Germany
Registered: 2011-09-05
Posts: 1,429

Re: VPN stopped working

Offline

#7 2022-05-11 12:02:15

fakefred
Member
From: Shanghai
Registered: 2021-07-17
Posts: 5
Website

Re: VPN stopped working

pierric wrote:

I took the list of mandatory modules listed in that page, modprobe'd them all, and it worked (one of them, tunnel, doesn't actually exist on my system, but that didn't prevent the VPN from working successfully).

Excuse my obtusity, but are these the kernel modules I need to modprobe:

ah4
ah6
esp4
esp6
xfrm4_tunnel
xfrm6_tunnel
xfrm_user
ip_tunnel
tunnel
tunnel6
xfrm4_mode_tunnel
xfrm6_mode_tunnel

when I modprobe each of them all I got was

modprobe: FATAL: Module xxx not found in directory /lib/modules/5.17.5-arch1-1

.

Offline

Board footer

Powered by FluxBB