Saturday, March 9, 2019

L2TP/IPSec: Linux can not connect to Cisco ASA (but Windows can)

Our partner provides a service that is available only through an L2TP/IPSec tunnel. We successfully connect to it from Windows, but the connection hangs dead a couple of times a week. Therefore, I decided to set up an L2TP/IPSec connection from Linux. But after weeks of trying, I never managed to do it. The connection establishes, but then breaks: on the Cisco side the error "IKE lost contact with remote peer, deleting connection" appears, and on the client side "received DELETE for ESP CHILD_SA with SPI".

I tried CentOS and FreeBSD, StrongSwan, LibreSwan and Racoon, XL2TPD and MPD5 - the same result! I tried to set up a connection on a machine with a public IP address without firewalls or NAT - the same result! I asked in different forums, even in the Cisco community, but they could not help.

Interestingly, the IPsec connection breaks only after the L2TP connection is established. If L2TP is not started, the IPSec connection remains valid (this can be seen in the output of the "setkey -D" command).
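To check the ordering described above (the ESP CHILD_SA deletion appearing only once the L2TP tunnel is up), here is an added Python example that is not part of the original post. It correlates timestamped client-side log lines and reports whether the IPsec child SA was deleted before or after L2TP connected, and how many seconds later. The log lines are constructed for illustration: they assume a syslog-style prefix and use the charon message text quoted in the post plus assumed xl2tpd messages, so the event regexes must be adapted to the real daemon versions.

```python
import re
from datetime import datetime

# Constructed sample of client-side syslog lines (not from the original post).
# Addresses are documentation ranges; the xl2tpd message texts are assumed.
SAMPLE_LOG = """\
Mar  9 10:00:01 vpn charon: 05[IKE] IKE_SA l2tp[1] established between 203.0.113.10[203.0.113.10]...198.51.100.1[198.51.100.1]
Mar  9 10:00:01 vpn charon: 05[IKE] CHILD_SA l2tp{1} established with SPIs c1a2b3c4_i d4e5f6a7_o
Mar  9 10:00:03 vpn xl2tpd[1234]: Connecting to host 198.51.100.1, port 1701
Mar  9 10:00:04 vpn xl2tpd[1234]: Connection established to 198.51.100.1, 1701.  Local: 51234, Remote: 7
Mar  9 10:00:09 vpn charon: 07[IKE] received DELETE for ESP CHILD_SA with SPI d4e5f6a7
Mar  9 10:00:09 vpn charon: 07[IKE] closing CHILD_SA l2tp{1} with SPIs c1a2b3c4_i d4e5f6a7_o
"""

# Same log with no DELETE: the case where L2TP is not started and the SA stays up.
SAMPLE_LOG_STABLE = "\n".join(
    line for line in SAMPLE_LOG.splitlines()
    if "xl2tpd" not in line and "DELETE" not in line and "closing" not in line
)

# syslog-style prefix: "<Mon DD HH:MM:SS> <host> <program>[pid]: <message>"
SYSLOG_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d{1,2} \d{2}:\d{2}:\d{2}) \S+ (?P<prog>[\w.]+)(?:\[\d+\])?: (?P<msg>.*)$"
)

# Event name -> regex applied to the message part of each line (assumed texts).
EVENTS = {
    "ipsec_child_up": re.compile(r"CHILD_SA .* established"),
    "l2tp_connect": re.compile(r"Connection established to"),
    "ipsec_child_delete": re.compile(r"received DELETE for ESP CHILD_SA"),
}


def parse_events(log_text, year=2019):
    """Return (timestamp, event_name) tuples in log order for recognised lines.

    syslog lines carry no year, so it is supplied by the caller."""
    events = []
    for line in log_text.splitlines():
        m = SYSLOG_RE.match(line)
        if not m:
            continue
        ts = datetime.strptime(f"{year} {m.group('ts')}", "%Y %b %d %H:%M:%S")
        for name, pattern in EVENTS.items():
            if pattern.search(m.group("msg")):
                events.append((ts, name))
    return events


def correlate(events):
    """Classify the failure relative to the L2TP connect.

    Uses the first occurrence of each event. Returns a dict with a verdict and,
    when the SA was deleted after L2TP connected, the delay in seconds."""
    first = {}
    for ts, name in events:
        first.setdefault(name, ts)
    delete = first.get("ipsec_child_delete")
    l2tp = first.get("l2tp_connect")
    if delete is None:
        return {"verdict": "ipsec_stable", "delay_s": None}
    if l2tp is None or delete < l2tp:
        return {"verdict": "ipsec_dropped_before_l2tp", "delay_s": None}
    return {
        "verdict": "ipsec_dropped_after_l2tp",
        "delay_s": (delete - l2tp).total_seconds(),
    }


if __name__ == "__main__":
    print(correlate(parse_events(SAMPLE_LOG)))
    print(correlate(parse_events(SAMPLE_LOG_STABLE)))
```

Run against a real journal (for example the output of `journalctl -t charon -t xl2tpd`), a consistent "ipsec_dropped_after_l2tp" verdict with a short delay supports the observation that it is the L2TP traffic inside the tunnel, not the IKE negotiation itself, that triggers the peer's DELETE.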

The Windows machine from which we successfully connect is on the same network, which means our Internet provider is not to blame. Please help! The service provider uses a Cisco ASA 5550.

Client side logs

Cisco log

ipsec.conf

mpd.conf


