Channel: Sophos User Bulletin Board

Android VPN L2TP/IPSEC PSK Doesn't Connect

I'm having trouble connecting my Android 2.3.5 phone to my Astaro box. I'm able to connect Windows machines to Astaro using a preshared key just fine, but Android doesn't work. I'm running Astaro 8.302.

My network is as follows:
Modem (in bridged mode) --> Astaro Box

L2TP/IPSEC settings:
Interface: External
Authentication: Preshared key
Assign IP Address: IP Address Pool
Pool Network: VPN Pool (L2TP)

Firewall:
Source: VPN Pool (L2TP)
Service: Any
Destination: Internal Network

NAT Masquerading Rule:
VPN Pool (L2TP) --> External (Bottom position)


I know how to retrieve the logs, but I don't know enough to be able to diagnose the problem just by reading the logs. Does anyone have any suggestions on what I need to do?

Here's a copy of the IPSEC log from Astaro (Android IP is removed):

Code:

2012:05:07-08:32:24 sqlguy pppd-l2tp[23587]: rcvd [LCP TermReq id=0x8 "R_oD\000<\37777777715t\000\000\000\000"]
2012:05:07-08:32:24 sqlguy pppd-l2tp[23587]: LCP terminated by peer (R_oD^@<M-Mt^@^@^@^@)
2012:05:07-08:32:24 sqlguy pppd-l2tp[23587]: Connect time 29.5 minutes.
2012:05:07-08:32:24 sqlguy pppd-l2tp[23587]: Sent 15589269 bytes, received 856775 bytes.
2012:05:07-08:32:24 sqlguy pppd-l2tp[23587]: Script /etc/ppp/ip-down started (pid 25853)
2012:05:07-08:32:24 sqlguy pppd-l2tp[23587]: Overriding mtu 1500 to 1380
2012:05:07-08:32:24 sqlguy pppd-l2tp[23587]: PPPoL2TP options: lnsmode tid 38263 sid 25046 debugmask 0
2012:05:07-08:32:24 sqlguy pppd-l2tp[23587]: Overriding mru 1500 to mtu value 1380
2012:05:07-08:32:24 sqlguy pppd-l2tp[23587]: sent [LCP TermAck id=0x8]
2012:05:07-08:32:24 sqlguy pppd-l2tp[23587]: Terminating on signal 15
2012:05:07-08:32:24 sqlguy pppd-l2tp[23587]: id="2202" severity="info" sys="SecureNet" sub="vpn" event="Connection terminated" username="jkrueger" variant="l2tp" srcip="12.179.82.2" virtual_ip="10.242.3.2"
2012:05:07-08:32:24 sqlguy pppd-l2tp[23587]: Script /etc/ppp/ip-down finished (pid 25853), status = 0x0
2012:05:07-08:32:25 sqlguy pluto[15886]: "S_REF_IpsL2t1_1"[4] 12.179.82.2:2414 #15: received Delete SA(0xfb2dc8f4) payload: deleting IPSEC State #16
2012:05:07-08:32:25 sqlguy pluto[15886]: "S_REF_IpsL2t1_1"[4] 12.179.82.2:2414 #15: deleting connection "S_REF_IpsL2t1_0"[3] instance with peer 12.179.82.2 {isakmp=#0/ipsec=#0}
2012:05:07-08:32:25 sqlguy pluto[15886]: "S_REF_IpsL2t1_1"[4] 12.179.82.2:2414 #15: received Delete SA payload: deleting ISAKMP State #15
2012:05:07-08:32:25 sqlguy pluto[15886]: "S_REF_IpsL2t1_1"[4] 12.179.82.2:2414: deleting connection "S_REF_IpsL2t1_1"[4] instance with peer 12.179.82.2 {isakmp=#0/ipsec=#0}
2012:05:07-08:32:27 sqlguy pppd-l2tp[23587]: Connection terminated.
2012:05:07-08:32:27 sqlguy pppd-l2tp[23587]: Modem hangup
2012:05:07-08:32:27 sqlguy pppd-l2tp[23587]: Exit.
2012:05:07-08:32:48 sqlguy pluto[15886]: packet from <My Android Phone IP>:6137: received Vendor ID payload [RFC 3947]
2012:05:07-08:32:48 sqlguy pluto[15886]: packet from <My Android Phone IP>:6137: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02]
2012:05:07-08:32:48 sqlguy pluto[15886]: packet from <My Android Phone IP>:6137: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n]
2012:05:07-08:32:48 sqlguy pluto[15886]: packet from <My Android Phone IP>:6137: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
2012:05:07-08:32:48 sqlguy pluto[15886]: packet from <My Android Phone IP>:6137: ignoring Vendor ID payload [FRAGMENTATION 80000000]
2012:05:07-08:32:48 sqlguy pluto[15886]: "S_REF_IpsL2t1_1"[9] <My Android Phone IP>:6137 #21: responding to Main Mode from unknown peer <My Android Phone IP>:6137
2012:05:07-08:32:49 sqlguy pluto[15886]: "S_REF_IpsL2t1_1"[9] <My Android Phone IP>:6137 #21: NAT-Traversal: Result using RFC 3947: peer is NATed
2012:05:07-08:32:49 sqlguy pluto[15886]: "S_REF_IpsL2t1_1"[9] <My Android Phone IP>:6137 #21: Peer ID is ID_IPV4_ADDR: '10.247.1.177'
2012:05:07-08:32:49 sqlguy pluto[15886]: "S_REF_IpsL2t1_1"[10] <My Android Phone IP>:6137 #21: deleting connection "S_REF_IpsL2t1_1"[9] instance with peer <My Android Phone IP> {isakmp=#0/ipsec=#0}
2012:05:07-08:32:49 sqlguy pluto[15886]: | NAT-T: new mapping <My Android Phone IP>:6137/6131)
2012:05:07-08:32:49 sqlguy pluto[15886]: "S_REF_IpsL2t1_1"[10] <My Android Phone IP>:6131 #21: sent MR3, ISAKMP SA established
2012:05:07-08:32:49 sqlguy pluto[15886]: "S_REF_IpsL2t1_1"[10] <My Android Phone IP>:6131 #21: ignoring informational payload, type IPSEC_INITIAL_CONTACT
2012:05:07-08:32:50 sqlguy pluto[15886]: "S_REF_IpsL2t1_0"[5] <My Android Phone IP>:6131 #22: responding to Quick Mode
2012:05:07-08:32:50 sqlguy pluto[15886]: "S_REF_IpsL2t1_0"[5] <My Android Phone IP>:6131 #22: IPsec SA established {ESP=>0x09ee6096 <0x74ea7f67 NATOA=0.0.0.0}
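
Added example (not part of the original post, and not Astaro's own tooling): a small Python script that reads a log in the format posted above and reports, per peer, which IKE stages pluto logged and whether any pppd-l2tp line was logged at or after the IPsec SA. The sample lines are constructed, with 203.0.113.7 standing in for the removed phone address; attributing a later pppd-l2tp line to that peer is a simplifying assumption.

```python
import re

# Constructed sample in the format of the log above; 203.0.113.7 is a
# documentation address standing in for the removed phone IP (assumption).
SAMPLE = """\
2012:05:07-08:32:27 gw pppd-l2tp[23587]: Exit.
2012:05:07-08:32:48 gw pluto[15886]: "S_REF_IpsL2t1_1"[9] 203.0.113.7:6137 #21: responding to Main Mode from unknown peer 203.0.113.7:6137
2012:05:07-08:32:49 gw pluto[15886]: "S_REF_IpsL2t1_1"[9] 203.0.113.7:6137 #21: NAT-Traversal: Result using RFC 3947: peer is NATed
2012:05:07-08:32:49 gw pluto[15886]: "S_REF_IpsL2t1_1"[10] 203.0.113.7:6131 #21: sent MR3, ISAKMP SA established
2012:05:07-08:32:50 gw pluto[15886]: "S_REF_IpsL2t1_0"[5] 203.0.113.7:6131 #22: responding to Quick Mode
2012:05:07-08:32:50 gw pluto[15886]: "S_REF_IpsL2t1_0"[5] 203.0.113.7:6131 #22: IPsec SA established {ESP=>0x09ee6096 <0x74ea7f67 NATOA=0.0.0.0}
"""

LINE = re.compile(r'^(\S+) \S+ ([\w-]+)\[\d+\]: (.*)$')           # timestamp host proc[pid]: msg
PEER = re.compile(r'^"[^"]+"\[\d+\] (.+?):\d+(?: #\d+)?: (.*)$')  # "conn"[n] peer:port #state: text
STAGES = [  # substrings taken from the pluto messages in the posted log
    ("responding to Main Mode", "phase1_started"),
    ("ISAKMP SA established", "phase1_established"),
    ("responding to Quick Mode", "phase2_started"),
    ("IPsec SA established", "phase2_established"),
]

def summarize(log_text):
    """Return {peer: {"stages": {stage: first_timestamp}, "nat": bool, "ppp_after_ipsec": bool}}."""
    peers, ppp_times = {}, []
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        ts, proc, msg = m.groups()
        if proc == "pppd-l2tp":           # PPP lines carry no peer address
            ppp_times.append(ts)
            continue
        pm = PEER.match(msg) if proc == "pluto" else None
        if not pm:
            continue
        peer, text = pm.groups()
        info = peers.setdefault(peer, {"stages": {}, "nat": False})
        info["nat"] = info["nat"] or "peer is NATed" in text
        for needle, stage in STAGES:
            if needle in text:
                info["stages"].setdefault(stage, ts)  # keep the first occurrence
    for info in peers.values():
        at = info["stages"].get("phase2_established")  # timestamps sort as strings
        info["ppp_after_ipsec"] = at is not None and any(t >= at for t in ppp_times)
    return peers

if __name__ == "__main__":
    print(summarize(SAMPLE))
```

In the excerpt posted above, the phone's attempt reaches `IPsec SA established` at 08:32:50 and no pppd-l2tp line is logged after that point.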

