[solved] F42 l2tp not connecting, while live USB Debian 13 does

Ask Fedora
1

Hi all,

Having just recently installed F42 KDE and loving it, I’ve discovered that my l2tp/ipsec connection doesn’t connect. It fails everytime an attempt is made.

I tried a live Debian 13 USB on the same PC and that does connect.

the live USB was missing a NM component so I took note of which one and updated it when back in F42, in the hope that would resolve the issue. Sadly it didn’t.

I’m really hopeful that someone here might be able to help resolve the issue. I have no idea where to start.

Any help would be much appreciated!

Cheers.

2

Try monitoring the system journal:

journalctl -f

See also: Viewing logs in Fedora :: Fedora Docs

3

thanks for your reply, much appreciated!

I tried what you suggested, and got this:

Oct 24 15:16:15 default-rdns.vocus.co.nz NetworkManager[25623]: <warn>  [1761272175.3994] vpn[0x562a8e80ab00,8a34563b-b459-4e88-b825-f1207fbd8a27,"Heath2Home"]: failed to connect: 'couldn't look up L2TP VPN gateway IP address '

Yet, this is the same gateway address that was accepted by the Debian live USB.

I’ve also uninstalled libreswan in favour of strongswan, which seems to be a common ‘fix’ for similar issues online.

Any ideas?

4

…and then this after a laptop reboot:

Oct 24 15:35:23 default-rdns.vocus.co.nz nm-l2tp-service[3129]: nm-l2tp-service (version 1.20.20-2.fc42) starting...
Oct 24 15:35:23 default-rdns.vocus.co.nz kded6[1654]: org.kde.plasma.nm.kded: Unhandled VPN connection state change:  NetworkManager::VpnConnection::NeedAuth
Oct 24 15:35:23 default-rdns.vocus.co.nz kded6[1654]: org.kde.plasma.nm.kded: Unhandled VPN connection state change:  NetworkManager::VpnConnection::Connecting
Oct 24 15:35:23 default-rdns.vocus.co.nz nm-l2tp-service[3129]: Check port 1701
Oct 24 15:35:23 default-rdns.vocus.co.nz nm-l2tp-service[3129]: /sbin/strongswan status > /dev/null 2>&1
Oct 24 15:35:23 default-rdns.vocus.co.nz nm-l2tp-service[3129]: /sbin/strongswan start  --conf /run/nm-l2tp-8a34563b-b459-4e88-b825-f1207fbd8a27/ipsec.conf --debug
Oct 24 15:35:23 default-rdns.vocus.co.nz NetworkManager[3146]: Starting strongSwan 6.0.2 IPsec [starter]...
Oct 24 15:35:23 default-rdns.vocus.co.nz NetworkManager[3146]: Loading config setup
Oct 24 15:35:23 default-rdns.vocus.co.nz NetworkManager[3146]: Loading conn '8a34563b-b459-4e88-b825-f1207fbd8a27'
Oct 24 15:35:23 default-rdns.vocus.co.nz ipsec_starter[3146]: Starting strongSwan 6.0.2 IPsec [starter]...
Oct 24 15:35:23 default-rdns.vocus.co.nz ipsec_starter[3146]: Loading config setup
Oct 24 15:35:23 default-rdns.vocus.co.nz ipsec_starter[3146]: Loading conn '8a34563b-b459-4e88-b825-f1207fbd8a27'
Oct 24 15:35:23 default-rdns.vocus.co.nz ipsec_starter[3150]: Attempting to start charon...
Oct 24 15:35:23 default-rdns.vocus.co.nz charon[3151]: 00[DMN] Starting IKE charon daemon (strongSwan 6.0.2, Linux 6.17.4-200.fc42.x86_64, x86_64)
Oct 24 15:35:23 default-rdns.vocus.co.nz charon[3151]: 00[CFG] PKCS11 module '<name>' lacks library path
Oct 24 15:35:23 default-rdns.vocus.co.nz charon[3151]: 00[LIB] providers loaded by OpenSSL: default legacy
Oct 24 15:35:23 default-rdns.vocus.co.nz charon[3151]: 00[LIB] plugin 'sqlite': failed to load - sqlite_plugin_create not found and no plugin file available
Oct 24 15:35:23 default-rdns.vocus.co.nz charon[3151]: 00[LIB] plugin 'kernel-libipsec': failed to load - kernel_libipsec_plugin_create not found and no plugin file available
Oct 24 15:35:23 default-rdns.vocus.co.nz charon[3151]: 00[CFG] using '/sbin/resolvconf' to install DNS servers
Oct 24 15:35:23 default-rdns.vocus.co.nz charon[3151]: 00[LIB] plugin 'eap-tnc': failed to load - eap_tnc_plugin_create not found and no plugin file available
Oct 24 15:35:23 default-rdns.vocus.co.nz charon[3151]: 00[LIB] plugin 'tnc-ifmap': failed to load - tnc_ifmap_plugin_create not found and no plugin file available
Oct 24 15:35:23 default-rdns.vocus.co.nz charon[3151]: 00[LIB] plugin 'tnc-pdp': failed to load - tnc_pdp_plugin_create not found and no plugin file available
Oct 24 15:35:23 default-rdns.vocus.co.nz charon[3151]: 00[LIB] plugin 'tnc-imc': failed to load - tnc_imc_plugin_create not found and no plugin file available
Oct 24 15:35:23 default-rdns.vocus.co.nz charon[3151]: 00[LIB] plugin 'tnc-imv': failed to load - tnc_imv_plugin_create not found and no plugin file available
Oct 24 15:35:23 default-rdns.vocus.co.nz charon[3151]: 00[LIB] plugin 'tnc-tnccs': failed to load - tnc_tnccs_plugin_create not found and no plugin file available
Oct 24 15:35:23 default-rdns.vocus.co.nz charon[3151]: 00[LIB] plugin 'tnccs-20': failed to load - tnccs_20_plugin_create not found and no plugin file available
Oct 24 15:35:23 default-rdns.vocus.co.nz charon[3151]: 00[LIB] plugin 'tnccs-11': failed to load - tnccs_11_plugin_create not found and no plugin file available
Oct 24 15:35:23 default-rdns.vocus.co.nz charon[3151]: 00[LIB] plugin 'tnccs-dynamic': failed to load - tnccs_dynamic_plugin_create not found and no plugin file available
Oct 24 15:35:23 default-rdns.vocus.co.nz charon[3151]: 00[CFG] loading ca certificates from '/etc/strongswan/ipsec.d/cacerts'
Oct 24 15:35:23 default-rdns.vocus.co.nz charon[3151]: 00[CFG] loading aa certificates from '/etc/strongswan/ipsec.d/aacerts'
Oct 24 15:35:23 default-rdns.vocus.co.nz charon[3151]: 00[CFG] loading ocsp signer certificates from '/etc/strongswan/ipsec.d/ocspcerts'
Oct 24 15:35:23 default-rdns.vocus.co.nz charon[3151]: 00[CFG] loading attribute certificates from '/etc/strongswan/ipsec.d/acerts'
Oct 24 15:35:23 default-rdns.vocus.co.nz charon[3151]: 00[CFG] loading crls from '/etc/strongswan/ipsec.d/crls'
Oct 24 15:35:23 default-rdns.vocus.co.nz charon[3151]: 00[CFG] loading secrets from '/etc/strongswan/ipsec.secrets'
Oct 24 15:35:23 default-rdns.vocus.co.nz charon[3151]: 00[CFG] loading secrets from '/etc/strongswan/ipsec.d/ipsec.nm-l2tp.secrets'
Oct 24 15:35:23 default-rdns.vocus.co.nz charon[3151]: 00[CFG]   loaded IKE secret for %any
Oct 24 15:35:23 default-rdns.vocus.co.nz charon[3151]: 00[CFG] opening triplet file /etc/strongswan/ipsec.d/triplets.dat failed: No such file or directory
Oct 24 15:35:23 default-rdns.vocus.co.nz charon[3151]: 00[CFG] loaded 0 RADIUS server configurations
Oct 24 15:35:23 default-rdns.vocus.co.nz charon[3151]: 00[CFG] HA config misses local/remote address
Oct 24 15:35:23 default-rdns.vocus.co.nz charon[3151]: 00[CFG] no script for ext-auth script defined, disabled
Oct 24 15:35:23 default-rdns.vocus.co.nz charon[3151]: 00[LIB] loaded plugins: charon pkcs11 tpm aesni md4 mgf1 random nonce x509 revocation constraints acert pubkey pkcs1 pkcs7 pgp dnskey sshkey pem openssl gcrypt pkcs8 fips-prf gmp chapoly xcbc cmac kdf ctr ccm gcm ml drbg curl attr kernel-netlink selinux resolve socket-default farp stroke vici updown eap-identity eap-sim eap-aka eap-aka-3gpp eap-aka-3gpp2 eap-md5 eap-gtc eap-mschapv2 eap-dynamic eap-radius eap-tls eap-ttls eap-peap xauth-generic xauth-eap xauth-pam xauth-noauth dhcp led duplicheck unity counters
Oct 24 15:35:23 default-rdns.vocus.co.nz charon[3151]: 00[LIB] dropped capabilities, running as uid 0, gid 0
Oct 24 15:35:23 default-rdns.vocus.co.nz charon[3151]: 00[JOB] spawning 16 worker threads
Oct 24 15:35:23 default-rdns.vocus.co.nz ipsec_starter[3150]: charon (3151) started after 80 ms
Oct 24 15:35:23 default-rdns.vocus.co.nz charon[3151]: 06[CFG] received stroke: add connection '8a34563b-b459-4e88-b825-f1207fbd8a27'
Oct 24 15:35:23 default-rdns.vocus.co.nz charon[3151]: 06[CFG] added configuration '8a34563b-b459-4e88-b825-f1207fbd8a27'
Oct 24 15:35:24 default-rdns.vocus.co.nz charon[3151]: 10[CFG] rereading secrets
Oct 24 15:35:24 default-rdns.vocus.co.nz charon[3151]: 10[CFG] loading secrets from '/etc/strongswan/ipsec.secrets'
Oct 24 15:35:24 default-rdns.vocus.co.nz charon[3151]: 10[CFG] loading secrets from '/etc/strongswan/ipsec.d/ipsec.nm-l2tp.secrets'
Oct 24 15:35:24 default-rdns.vocus.co.nz charon[3151]: 10[CFG]   loaded IKE secret for %any
Oct 24 15:35:24 default-rdns.vocus.co.nz nm-l2tp-service[3129]: /sbin/strongswan up 8a34563b-b459-4e88-b825-f1207fbd8a27
Oct 24 15:35:24 default-rdns.vocus.co.nz charon[3151]: 12[CFG] received stroke: initiate '8a34563b-b459-4e88-b825-f1207fbd8a27'
Oct 24 15:35:24 default-rdns.vocus.co.nz charon[3151]: 13[IKE] initiating Main Mode IKE_SA 8a34563b-b459-4e88-b825-f1207fbd8a27[1] to 122.63.8.154
Oct 24 15:35:24 default-rdns.vocus.co.nz charon[3151]: 13[IKE] initiating Main Mode IKE_SA 8a34563b-b459-4e88-b825-f1207fbd8a27[1] to 122.63.8.154
Oct 24 15:35:24 default-rdns.vocus.co.nz charon[3151]: 13[ENC] generating ID_PROT request 0 [ SA V V V V V ]
Oct 24 15:35:24 default-rdns.vocus.co.nz charon[3151]: 13[NET] sending packet: from 10.10.0.3[500] to 122.63.8.154[500] (532 bytes)
Oct 24 15:35:28 default-rdns.vocus.co.nz charon[3151]: 15[IKE] sending retransmit 1 of request message ID 0, seq 1
Oct 24 15:35:28 default-rdns.vocus.co.nz charon[3151]: 15[NET] sending packet: from 10.10.0.3[500] to 122.63.8.154[500] (532 bytes)
Oct 24 15:35:33 default-rdns.vocus.co.nz NetworkManager[926]: <warn>  [1761273333.4268] vpn[0x55d3d7678550,8a34563b-b459-4e88-b825-f1207fbd8a27,"Heath2Home"]: failed to connect: 'Timeout was reached'
Oct 24 15:35:36 default-rdns.vocus.co.nz charon[3151]: 16[IKE] sending retransmit 2 of request message ID 0, seq 1
Oct 24 15:35:36 default-rdns.vocus.co.nz charon[3151]: 16[NET] sending packet: from 10.10.0.3[500] to 122.63.8.154[500] (532 bytes)
Oct 24 15:35:40 default-rdns.vocus.co.nz NetworkManager[3200]: Stopping strongSwan IPsec...
Oct 24 15:35:40 default-rdns.vocus.co.nz charon[3151]: 00[DMN] SIGINT received, shutting down
Oct 24 15:35:40 default-rdns.vocus.co.nz NetworkManager[3188]: initiating Main Mode IKE_SA 8a34563b-b459-4e88-b825-f1207fbd8a27[1] to 122.63.8.154
Oct 24 15:35:40 default-rdns.vocus.co.nz NetworkManager[3188]: generating ID_PROT request 0 [ SA V V V V V ]
Oct 24 15:35:40 default-rdns.vocus.co.nz NetworkManager[3188]: sending packet: from 10.10.0.3[500] to 122.63.8.154[500] (532 bytes)
Oct 24 15:35:40 default-rdns.vocus.co.nz NetworkManager[3188]: sending retransmit 1 of request message ID 0, seq 1
Oct 24 15:35:40 default-rdns.vocus.co.nz NetworkManager[3188]: sending packet: from 10.10.0.3[500] to 122.63.8.154[500] (532 bytes)
Oct 24 15:35:40 default-rdns.vocus.co.nz NetworkManager[3188]: sending retransmit 2 of request message ID 0, seq 1
Oct 24 15:35:40 default-rdns.vocus.co.nz NetworkManager[3188]: sending packet: from 10.10.0.3[500] to 122.63.8.154[500] (532 bytes)
Oct 24 15:35:40 default-rdns.vocus.co.nz NetworkManager[3188]: destroying IKE_SA in state CONNECTING without notification
Oct 24 15:35:40 default-rdns.vocus.co.nz NetworkManager[3188]: establishing connection '8a34563b-b459-4e88-b825-f1207fbd8a27' failed
Oct 24 15:35:40 default-rdns.vocus.co.nz charon[3151]: 00[IKE] destroying IKE_SA in state CONNECTING without notification
Oct 24 15:35:40 default-rdns.vocus.co.nz ipsec_starter[3150]: child 3151 (charon) has quit (exit code 0)
Oct 24 15:35:40 default-rdns.vocus.co.nz ipsec_starter[3150]: 
Oct 24 15:35:40 default-rdns.vocus.co.nz ipsec_starter[3150]: charon stopped after 200 ms
Oct 24 15:35:40 default-rdns.vocus.co.nz ipsec_starter[3150]: ipsec starter stopped
Oct 24 15:35:41 default-rdns.vocus.co.nz nm-l2tp-service[3129]: Could not establish IPsec connection.
5

Sorted. Apparently, a little thing called ‘an internet connection’ is quite helpful. Sorry for bothering you all.

2 Likes