Join Log in
Score:0
Andrew avatar Ubuntu

Why I don't see ppp0 interface after starting L2TP\IPSec server Ubuntu?

mx flag
Andrew

I used two instruction to set up my L2TP\IPSec server 1 and 2

But I don't see that xl2tpd start pppd demon. And because of this I dont see ppp0 interface. What I do wrong?

syslog:

Feb 26 14:35:24 vpn ipsec[537]: # unknown keyword 'salifetime'
Feb 26 14:35:24 vpn ipsec[537]: ### 36 parsing errors (0 fatal) ###
Feb 26 14:35:24 vpn charon: 00[DMN] Starting IKE charon daemon (strongSwan 5.8.2, Linux 5.4.0-139-generic, x86_64)
Feb 26 14:35:24 vpn systemd[1]: Started /etc/rc.local Compatibility.
Feb 26 14:35:24 vpn systemd[1]: Finished Permit User Sessions.
Feb 26 14:35:24 vpn systemd[1]: Starting Hold until boot process finishes up...
Feb 26 14:35:24 vpn systemd[1]: Starting Terminate Plymouth Boot Screen...
Feb 26 14:35:24 vpn systemd[1]: Started OpenBSD Secure Shell server.
Feb 26 14:35:24 vpn systemd[1]: plymouth-quit-wait.service: Succeeded.
Feb 26 14:35:24 vpn systemd[1]: Finished Hold until boot process finishes up.
Feb 26 14:35:24 vpn systemd[1]: Starting Set console scheme...
Feb 26 14:35:24 vpn systemd[1]: plymouth-quit.service: Succeeded.
Feb 26 14:35:24 vpn systemd[1]: Finished Terminate Plymouth Boot Screen.
Feb 26 14:35:24 vpn systemd[1]: Finished Set console scheme.
Feb 26 14:35:24 vpn systemd[1]: Created slice system-getty.slice.
Feb 26 14:35:24 vpn systemd[1]: Started Getty on tty1.
Feb 26 14:35:24 vpn systemd[1]: Reached target Login Prompts.
Feb 26 14:35:24 vpn charon: 00[CFG] loading ca certificates from '/etc/ipsec.d/cacerts'
Feb 26 14:35:24 vpn charon: 00[CFG] loading aa certificates from '/etc/ipsec.d/aacerts'
Feb 26 14:35:24 vpn charon: 00[CFG] loading ocsp signer certificates from '/etc/ipsec.d/ocspcerts'
Feb 26 14:35:24 vpn charon: 00[CFG] loading attribute certificates from '/etc/ipsec.d/acerts'
Feb 26 14:35:24 vpn kernel: [    3.009087] Initializing XFRM netlink socket
Feb 26 14:35:24 vpn charon: 00[CFG] loading crls from '/etc/ipsec.d/crls'
Feb 26 14:35:24 vpn charon: 00[CFG] loading secrets from '/etc/ipsec.secrets'
Feb 26 14:35:24 vpn charon: 00[CFG]   loaded IKE secret for %any  %any 
Feb 26 14:35:24 vpn charon: 00[LIB] loaded plugins: charon aesni aes rc2 sha2 sha1 md5 mgf1 random nonce x509 revocation constraints pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey sshkey pem openssl fips-prf gmp agent xcbc hmac gcm drbg attr kernel-netlink resolve socket-default connmark stroke updown eap-mschapv2 xauth-generic counters
Feb 26 14:35:24 vpn charon: 00[LIB] dropped capabilities, running as uid 0, gid 0
Feb 26 14:35:24 vpn charon: 00[JOB] spawning 16 worker threads
Feb 26 14:35:24 vpn wg-quick[542]: [#] ip link add wg0 type wireguard
Feb 26 14:35:24 vpn ipsec[537]: charon (549) started after 80 ms
Feb 26 14:35:24 vpn charon: 05[CFG] received stroke: add connection 'l2tp-psk'
Feb 26 14:35:24 vpn charon: 05[CFG] algorithm 'sha2;modp2048' not recognized
Feb 26 14:35:24 vpn charon: 05[CFG] skipped invalid proposal string: aes256-sha2;modp2048
Feb 26 14:35:24 vpn charon: 07[CFG] received stroke: add connection 'xauth-psk'
Feb 26 14:35:24 vpn charon: 07[CFG] algorithm 'sha2;modp2048' not recognized
Feb 26 14:35:24 vpn charon: 07[CFG] skipped invalid proposal string: aes256-sha2;modp2048
Feb 26 14:35:24 vpn charon: 09[CFG] received stroke: add connection 'ikev2-cp'
Feb 26 14:35:24 vpn charon: 09[CFG] algorithm 'sha2' not recognized
Feb 26 14:35:24 vpn charon: 09[CFG] skipped invalid proposal string: aes256-sha2
Feb 26 14:35:24 vpn systemd-udevd[325]: ethtool: autonegotiation is unset or enabled, the speed and duplex are not writable.
Feb 26 14:35:24 vpn kernel: [    3.051991] wireguard: WireGuard 1.0.20201112 loaded. See www.wireguard.com for information.
Feb 26 14:35:24 vpn kernel: [    3.051992] wireguard: Copyright (C) 2015-2019 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
Feb 26 14:35:24 vpn wg-quick[542]: [#] wg setconf wg0 /dev/fd/63
Feb 26 14:35:24 vpn wg-quick[542]: [#] ip -4 address add 192.168.123.1/24 dev wg0
Feb 26 14:35:24 vpn charon: 12[KNL] 192.168.123.1 appeared on wg0
Feb 26 14:35:24 vpn wg-quick[542]: [#] ip link set mtu 1420 up dev wg0
Feb 26 14:35:24 vpn charon: 14[KNL] interface wg0 activated
Feb 26 14:35:24 vpn systemd-udevd[338]: ethtool: autonegotiation is unset or enabled, the speed and duplex are not writable.
Feb 26 14:35:24 vpn systemd-udevd[338]: Using default interface naming scheme 'v245'.
Feb 26 14:35:24 vpn wg-quick[542]: [#] iptables -P FORWARD DROP
Feb 26 14:35:24 vpn wg-quick[542]: [#] iptables -A FORWARD -i wg0 -o wg0 -s 192.168.123.0/24 -d 192.168.123.0/24 -j ACCEPT
Feb 26 14:35:24 vpn wg-quick[542]: [#] iptables -A FORWARD -i tun0 -o tun0 -s 192.168.125.0/24 -d 192.168.125.0/24 -j ACCEPT
Feb 26 14:35:24 vpn wg-quick[542]: [#] iptables -A FORWARD -i wg0 -o ens3 -s 192.168.123.0/24 -j ACCEPT
Feb 26 14:35:24 vpn wg-quick[542]: [#] iptables -A FORWARD -i tun0 -o ens3 -s 192.168.125.0/24 -j ACCEPT
Feb 26 14:35:24 vpn wg-quick[542]: [#] iptables -A FORWARD -i ens3 -o wg0 -d 192.168.123.0/24 -j ACCEPT
Feb 26 14:35:24 vpn wg-quick[542]: [#] iptables -A FORWARD -i ens3 -o tun0 -d 192.168.125.0/24 -j ACCEPT
Feb 26 14:35:24 vpn wg-quick[542]: [#] iptables -t nat -A POSTROUTING -o ens3 -j MASQUERADE
Feb 26 14:35:24 vpn systemd[1]: Finished WireGuard via wg-quick(8) for wg0.
Feb 26 14:35:24 vpn fail2ban-server[548]: Server ready
Feb 26 14:35:25 vpn systemd-udevd[338]: ethtool: autonegotiation is unset or enabled, the speed and duplex are not writable.
Feb 26 14:35:25 vpn kernel: [    3.456119] IPv4 over IPsec tunneling driver
Feb 26 14:35:25 vpn kernel: [    3.459157] IPsec XFRM device driver
Feb 26 14:35:25 vpn _stackmanager[550]: changing /proc/sys/net/core/xfrm_acq_expires from 165 to 30
Feb 26 14:35:25 vpn ipsec[1010]: nflog ipsec capture disabled
Feb 26 14:35:25 vpn systemd[1]: Started Internet Key Exchange (IKE) Protocol Daemon for IPsec.
Feb 26 14:35:25 vpn systemd[1]: Starting LSB: layer 2 tunelling protocol daemon...
Feb 26 14:35:25 vpn xl2tpd[1030]: Not looking for kernel SAref support.
Feb 26 14:35:25 vpn kernel: [    3.553345] NET: Registered protocol family 24
Feb 26 14:35:25 vpn kernel: [    3.558255] l2tp_core: L2TP core driver, V2.0
Feb 26 14:35:25 vpn xl2tpd[1030]: Using l2tp kernel support.
Feb 26 14:35:25 vpn xl2tpd[1034]: xl2tpd version xl2tpd-1.3.12 started on vpn PID:1034
Feb 26 14:35:25 vpn xl2tpd[1034]: Written by Mark Spencer, Copyright (C) 1998, Adtran, Inc.
Feb 26 14:35:25 vpn xl2tpd[1034]: Forked by Scott Balmos and David Stipp, (C) 2001
Feb 26 14:35:25 vpn xl2tpd[1034]: Inherited by Jeff McAdams, (C) 2002
Feb 26 14:35:25 vpn xl2tpd[1034]: Forked again by Xelerance (www.xelerance.com) (C) 2006-2016
Feb 26 14:35:25 vpn xl2tpd[1034]: Listening on IP address 0.0.0.0, port 1701
Feb 26 14:35:25 vpn kernel: [    3.559919] l2tp_netlink: L2TP netlink interface
Feb 26 14:35:25 vpn kernel: [    3.561570] l2tp_ppp: PPPoL2TP kernel driver, V2.0
Feb 26 14:35:25 vpn xl2tpd[1025]: Starting xl2tpd: xl2tpd.
Feb 26 14:35:25 vpn systemd[1]: Started LSB: layer 2 tunelling protocol daemon.
Feb 26 14:35:25 vpn systemd[1]: Reached target Multi-User System.
Feb 26 14:35:25 vpn systemd[1]: Reached target Graphical Interface.
Feb 26 14:35:25 vpn systemd[1]: Starting Update UTMP about System Runlevel Changes...
Feb 26 14:35:25 vpn systemd[1]: systemd-update-utmp-runlevel.service: Succeeded.
Feb 26 14:35:25 vpn systemd[1]: Finished Update UTMP about System Runlevel Changes.
Feb 26 14:35:25 vpn systemd[1]: Startup finished in 1.346s (kernel) + 2.234s (userspace) = 3.581s.
Feb 26 14:35:25 vpn systemd[1]: dmesg.service: Succeeded.

Results of ip addr :

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ens3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq state UP group default qlen 1000
    link/ether 52:54:00:14:9b:95 brd ff:ff:ff:ff:ff:ff
    inet 79.133.122.115/24 brd 79.133.122.255 scope global ens3
       valid_lft forever preferred_lft forever
    inet6 fe80::5054:ff:fe14:9b95/64 scope link 
       valid_lft forever preferred_lft forever
3: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc fq state UNKNOWN group default qlen 500
    link/none 
    inet 192.168.125.1/24 scope global tun0
       valid_lft forever preferred_lft forever
    inet6 fe80::2a2a:2f6f:d37c:d3d2/64 scope link stable-privacy 
       valid_lft forever preferred_lft forever
4: wg0: <POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1420 qdisc noqueue state UNKNOWN group default qlen 1000
    link/none 
    inet 192.168.123.1/24 scope global wg0
       valid_lft forever preferred_lft forever

My system: Ubuntu 20.04(with the latest apt-get dist-upgrade)

VPS from GCORE:

WireGuard and OpenVPN server already running on my VPS

235
0 + 2
vpn
ppp
Pilot6 avatar
cn flag
Pilot6
You have `tun0`
0
Reply
Andrew avatar
mx flag
Andrew
@Pilot6 I can't use OpenVPN together with L2TP\IPSec ?
0
Reply
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.