tag:blogger.com,1999:blog-2299558191497942914.post5768389384210426154..comments2022-12-05T04:20:18.599+00:00Comments on Geekology, by Garnett: OpenBSD L2TP/IPSec VPN for AndroidJayton Garnetthttp://www.blogger.com/profile/05321052157184585421noreply@blogger.comBlogger10125tag:blogger.com,1999:blog-2299558191497942914.post-18399861203597186262017-01-17T09:33:48.886+00:002017-01-17T09:33:48.886+00:00Hi, sorry I've been really busy and hadn't...Hi, sorry I've been really busy and hadn't checked on my blog for a while and missed your comments. Please email your config files to blogpostcomments@outlook.comJayton Garnetthttps://www.blogger.com/profile/05321052157184585421noreply@blogger.comtag:blogger.com,1999:blog-2299558191497942914.post-77391012560612193072016-12-06T03:41:37.812+00:002016-12-06T03:41:37.812+00:00I will mail you if you like. Please let me know. I will mail you if you like. Please let me know. Chigurhhttps://www.blogger.com/profile/07607612643761267564noreply@blogger.comtag:blogger.com,1999:blog-2299558191497942914.post-87138498681995696682016-12-02T09:48:38.683+00:002016-12-02T09:48:38.683+00:00Can you post all your config files paste bin? anon...Can you post all your config files paste bin? anonymised of course.Jayton Garnetthttps://www.blogger.com/profile/05321052157184585421noreply@blogger.comtag:blogger.com,1999:blog-2299558191497942914.post-6792476853694567852016-12-01T12:35:00.645+00:002016-12-01T12:35:00.645+00:00Tried it but still no luck -
Dec 1 12:32:49 irel...Tried it but still no luck -<br /><br />Dec 1 12:32:49 ireland2 isakmpd[94768]: attribute_unacceptable: ENCRYPTION_ALGORITHM: got AES_CBC, expected 3DES_CBC<br />Dec 1 12:32:49 ireland2 last message repeated 5 times<br />Dec 1 12:32:49 ireland2 isakmpd[94768]: attribute_unacceptable: AUTHENTICATION_METHOD: got PRE_SHARED, expected RSA_SIG<br />Dec 1 12:32:49 ireland2 last message repeated 2 times<br />Dec 1 12:32:49 ireland2 isakmpd[94768]: message_negotiate_sa: no compatible proposal found<br />Dec 1 12:32:49 ireland2 isakmpd[94768]: dropped message from xxx.xx.xx.xxx port 306 due to notification type NO_PROPOSAL_CHOSEN<br />Dec 1 12:33:01 ireland2 npppd[85134]: l2tpd ctrl=1 timeout waiting ack for ctrl packets.<br />Dec 1 12:33:01 ireland2 npppd[85134]: l2tpd ctrl=1 logtype=Finished<br />Dec 1 12:33:15 ireland2 npppd[85134]: l2tpd ctrl=2 logtype=Started RecvSCCRQ from=xxx.xx.xx.xxx:32436/udp tunnel_id=2/14044 protocol=1.0 winsize=1 hostname=anonymous vendor=(no vendorname) firm=0000<br />Dec 1 12:33:27 ireland2 npppd[85134]: l2tpd ctrl=2 timeout waiting ack for ctrl packets.<br />Dec 1 12:33:27 ireland2 npppd[85134]: l2tpd ctrl=2 logtype=FinishedChigurhhttps://www.blogger.com/profile/07607612643761267564noreply@blogger.comtag:blogger.com,1999:blog-2299558191497942914.post-90690035298457944402016-12-01T12:18:08.516+00:002016-12-01T12:18:08.516+00:00Change your "hmac-sha1" to "hmac-sh...Change your "hmac-sha1" to "hmac-sha2-256", reload/restart the service and try again.<br /><br />PS: the logs give you a good idea of what to change in order to get it working.Jayton Garnetthttps://www.blogger.com/profile/05321052157184585421noreply@blogger.comtag:blogger.com,1999:blog-2299558191497942914.post-86282148900174130472016-12-01T11:52:20.517+00:002016-12-01T11:52:20.517+00:00Hi Jay,
Please check this paste - https://pastebi...Hi Jay,<br /><br />Please check this paste - https://pastebin.mozilla.org/8933334 ,<br />sorry about that but here I can't paste more than 4K characters. The paste wont expire. Chigurhhttps://www.blogger.com/profile/07607612643761267564noreply@blogger.comtag:blogger.com,1999:blog-2299558191497942914.post-14712111497744516982016-12-01T09:28:12.797+00:002016-12-01T09:28:12.797+00:00Hi Chigurh,
That's some weirdness in your log...Hi Chigurh,<br /><br />That's some weirdness in your log!<br />Can you change your "3des" to "aes" and "hmac-md5" to "hmac-sha1" in your ipsec.conf? <br /><br />Restart iskmpd with:<br />/etc/rc.d/isakmpd restart<br />ipsecctl -f /etc/ipsec.conf<br /><br />and test again, please let me know if it does work and if it doesn't let me know and give me the logs and I'll have another look.Jayton Garnetthttps://www.blogger.com/profile/05321052157184585421noreply@blogger.comtag:blogger.com,1999:blog-2299558191497942914.post-12156233456483219672016-12-01T07:06:46.686+00:002016-12-01T07:06:46.686+00:00Hi, I tried these instructions but my Android clie...Hi, I tried these instructions but my Android client cant establish connection. For configurations & daemon.log please check my thread at http://daemonforums.org/showthread.php?t=10051 <br /><br />Thanks!chigurhhttps://www.blogger.com/profile/12615475488584590371noreply@blogger.comtag:blogger.com,1999:blog-2299558191497942914.post-57843149054148825182016-04-14T21:52:52.978+01:002016-04-14T21:52:52.978+01:00If you have any problems reply with the last 10 li...If you have any problems reply with the last 10 lines of /var/log/messages after trying to connect and I'll give you some pointers.Jayton Garnetthttps://www.blogger.com/profile/05321052157184585421noreply@blogger.comtag:blogger.com,1999:blog-2299558191497942914.post-39577197716214682632016-04-11T11:57:11.127+01:002016-04-11T11:57:11.127+01:00Thanks actually updating the blog posts! I'll...Thanks actually updating the blog posts! I'll give it a shot and report back! I am using CM13 "bacon" matthttps://www.blogger.com/profile/08774697530765619806noreply@blogger.com