# Connect to server with L2TP



## mfaridi (Jan 9, 2011)

I use FreeBSD AMD64 with GNOME. My friend manages a VPN on a FreeBSD box, and it uses the L2TP method.
So my friend says that when I want to use it, I must use the L2TP method.
I searched Google and I see I can use L2TP to connect to a VPN or MPD.
So what must I do to connect to the server?
Do I need to run IPsec on my system or not?
Do I need to configure L2TP?
My friend only gave me a username, a password and the IP of the server, and says I can use these to connect to the server.


----------



## mfaridi (Jan 10, 2011)

Hi guys, I need help with this problem.


----------



## mav@ (Jan 10, 2011)

mfaridi said:

> I use FreeBSD AMD64 with GNOME. My friend manages a VPN on a FreeBSD box, and it uses the L2TP method.
> So my friend says that when I want to use it, I must use the L2TP method.
> I searched Google and I see I can use L2TP to connect to a VPN or MPD.


L2TP is one of the protocols used for VPNs. MPD is one of the programs implementing that protocol on FreeBSD; you may use it, though there is no GUI, so you should configure it by hand.


			
mfaridi said:

> So what must I do to connect to the server?


Read MPD documentation and example configuration.


			
mfaridi said:

> Do I need to run IPsec on my system or not?


L2TP can be used in both ways. Depends on server configuration. Ask your friend.


			
mfaridi said:

> Do I need to configure L2TP?


You need to configure MPD to run L2TP.


			
mfaridi said:

> My friend only gave me a username, a password and the IP of the server, and says I can use these to connect to the server.


That should be enough if no IPsec is used.


----------



## DutchDaemon (Jan 10, 2011)

mfaridi said:

> Hi guys, I need help with this problem.



mfaridi, I told you this before: *stop bumping threads*, unless you add:

a) things you've tried in the meantime
b) new information or additional logging

There's no point in demanding attention for your specific problem; this is not a *paid helpdesk*.


----------



## mfaridi (Jan 10, 2011)

mav@ said:

> L2TP is one of the protocols used for VPNs. MPD is one of the programs implementing that protocol on FreeBSD; you may use it, though there is no GUI, so you should configure it by hand.
>
> Read MPD documentation and example configuration.
>
> ...



This is my MPD config for using L2TP, but I do not know why it does not work:

```
startup:
#        set  user test1 admin
#        set  user test1
#        set console self 127.0.0.1 1701
#        set console open
#        set web self 0.0.0.0.  1701
#        set web open

default:
        load l2tp_client

l2tp_client:
        create bundle static B1
        set bundle disable crypt-reqd
#        set ipcp no vjcomp
        set ipcp ranges 0.0.0.0/0 0.0.0.0/0
        set iface up-script /usr/local/etc/mpd5/up.sh
        set iface down-script /usr/local/etc/mpd5/down.sh
        set iface enable tcpmssfix
        create link static L1 l2tp
        set link action bundle B1
        set link max-redial 0
        set link mtu 1460
        set link keep-alive 10 60
        set link accept chap
        set link no pap eap
        set auth authname test
        set auth password test

        set l2tp peer 1.2.3.4
        open
```
And when I type this in the terminal:

```
mpd5
```
I see this:

```
mfaridipc# mpd5
Multi-link PPP daemon for FreeBSD
 
process 50358 started, version 5.5 (root@mfaridipc.faridi 17:24  9-Jan-2011)
[B1] Bundle: Interface ng0 created
[L1] [L1] Link: OPEN event
[L1] LCP: Open event
[L1] LCP: state change Initial --> Starting
[L1] LCP: LayerStart
L2TP: Initiating control connection 0x801e82a10 0.0.0.0 0 <-> 1.2.3.4 1701
L2TP: Control connection 0x801e82a10 1.2.3.5 40716 <-> 1.2.3.4 1701 connected
[L1] L2TP: Incoming call #3230000 via control connection 0x801e82a10 initiated
[L1] L2TP: Call #3230000 connected
[L1] Link: UP event
[L1] LCP: Up event
[L1] LCP: state change Starting --> Req-Sent
[L1] LCP: SendConfigReq #1
[L1]   ACFCOMP
[L1]   PROTOCOMP
[L1]   MRU 1500
[L1]   MAGICNUM 05ef59d2
[L1] LCP: rec'd Configure Request #5 (Req-Sent)
[L1]   ACFCOMP
[L1]   PROTOCOMP
[L1]   MRU 1460
[L1]   MAGICNUM ae7362ed
[L1]   AUTHPROTO CHAP MSOFTv2
[L1] LCP: SendConfigAck #5
[L1]   ACFCOMP
[L1]   PROTOCOMP
[L1]   MRU 1460
[L1]   MAGICNUM ae7362ed
[L1]   AUTHPROTO CHAP MSOFTv2
[L1] LCP: state change Req-Sent --> Ack-Sent
[L1] LCP: rec'd Configure Ack #1 (Ack-Sent)
[L1]   ACFCOMP
[L1]   PROTOCOMP
[L1]   MRU 1500
[L1]   MAGICNUM 05ef59d2
[L1] LCP: state change Ack-Sent --> Opened
[L1] LCP: auth: peer wants CHAP, I want nothing
[L1] LCP: LayerUp
[L1] CHAP: rec'd CHALLENGE #1 len: 21
[L1]   Name: ""
[L1] CHAP: Using authname "test1"
[L1] CHAP: sending RESPONSE #1 len: 59
[L1] CHAP: rec'd SUCCESS #1 len: 46
[L1]   MESG: S=02675780AFEE625F1DE4A5ED3899A77039427D83
[L1] LCP: authorization successful
[L1] Link: Matched action 'bundle "B1" ""'
[L1] Link: Join bundle "B1"
[B1] Bundle: Status update: up 1 link, total bandwidth 64000 bps
[B1] IPCP: Open event
[B1] IPCP: state change Initial --> Starting
[B1] IPCP: LayerStart
[B1] IPCP: Up event
[B1] IPCP: state change Starting --> Req-Sent
[B1] IPCP: SendConfigReq #1
[B1]   IPADDR 0.0.0.0
[B1]   COMPPROTO VJCOMP, 16 comp. channels, no comp-cid
[B1] IPCP: rec'd Configure Request #6 (Req-Sent)
[B1]   IPADDR 10.0.0.2
[B1]     10.0.0.2 is OK
[B1]   COMPPROTO VJCOMP, 16 comp. channels, no comp-cid
[B1] IPCP: SendConfigAck #6
[B1]   IPADDR 10.0.0.2
[B1]   COMPPROTO VJCOMP, 16 comp. channels, no comp-cid
[B1] IPCP: state change Req-Sent --> Ack-Sent
[L1] rec'd unexpected protocol CCP, rejecting
[L1] rec'd unexpected protocol ECP, rejecting
[B1] IPCP: rec'd Configure Nak #1 (Ack-Sent)
[B1]   IPADDR 10.0.0.20
[B1]     10.0.0.20 is OK
[B1] IPCP: SendConfigReq #2
[B1]   IPADDR 10.0.0.20
[B1]   COMPPROTO VJCOMP, 16 comp. channels, no comp-cid
[B1] IPCP: rec'd Configure Ack #2 (Ack-Sent)
[B1]   IPADDR 10.0.0.20
[B1]   COMPPROTO VJCOMP, 16 comp. channels, no comp-cid
[B1] IPCP: state change Ack-Sent --> Opened
[B1] IPCP: LayerUp
[B1]   10.0.0.20 -> 10.0.0.2
[B1] system: command "/usr/local/etc/mpd5/up.sh ng0 inet 10.0.0.20/32 10.0.0.2 '-' '' '' '1.2.3.4'" returned 32256
[B1] IPCP: parameter negotiation failed
[B1] IPCP: state change Opened --> Stopping
[B1] IPCP: SendTerminateReq #3
[B1] IPCP: LayerDown
[B1] system: command "/usr/local/etc/mpd5/down.sh ng0 inet 10.0.0.20/32 10.0.0.2 '-' '1.2.3.4'" returned 32256
[B1] IPCP: rec'd Terminate Ack #7 (Stopping)
[B1] IPCP: state change Stopping --> Stopped
[B1] IPCP: LayerFinish
[B1] Bundle: No NCPs left. Closing links...
[B1] Bundle: closing link "L1"...
[L1] Link: CLOSE event
[L1] LCP: Close event
[L1] LCP: state change Opened --> Closing
[L1] Link: Leave bundle "B1"
[B1] Bundle: Status update: up 0 links, total bandwidth 9600 bps
[B1] IPCP: Close event
[B1] IPCP: state change Stopped --> Closed
[B1] IPCP: Down event
[B1] IPCP: state change Closed --> Initial
[L1] LCP: SendTerminateReq #2
[L1] LCP: LayerDown
[L1] LCP: rec'd Terminate Ack #6 (Closing)
[L1] LCP: state change Closing --> Closed
[L1] LCP: LayerFinish
[L1] L2TP: Call #3230000 terminated locally
[L1] Link: DOWN event
[L1] LCP: Down event
[L1] LCP: state change Closed --> Initial
L2TP: Control connection 0x801e82a10 terminated: 0 (no more sessions exist in this tunnel)
L2TP: Control connection 0x801e82a10 destroyed
```
It does not work, and when I type this in Firefox:

```
who.is
```
it shows me my original IP and I cannot connect to blocked sites.


----------



## mav@ (Jan 13, 2011)

Have you tried reading the provided log yourself? It clearly shows that the /usr/local/etc/mpd5/up.sh script completed with an error, which caused the connection to abort. If you need those scripts, fix them. If not, remove the references to them from the config file.
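
Added example, not part of the original post or of MPD itself: a small sh helper that pulls the `system: command ... returned N` lines out of an mpd5 log and decodes N. It assumes N is the raw wait status from system(3), which fits the log above (32256 = 126 × 256, and exit code 126 from sh means the file was found but could not be executed); the function names are made up for this example.

```shell
#!/bin/sh
# Assumption: the number mpd5 logs after "returned" is the raw wait status
# from system(3): exit code in the high byte, signal in the low 7 bits.
decode_status() {
    raw=$1
    sig=$((raw & 127))
    code=$(((raw >> 8) & 255))
    if [ "$sig" -ne 0 ]; then echo "killed by signal $sig"
    elif [ "$code" -eq 126 ]; then echo "exit 126: found but not executable"
    elif [ "$code" -eq 127 ]; then echo "exit 127: not found"
    else echo "exit $code"
    fi
}

# Read an mpd5 log on stdin; print "<script>: <decoded status>" per failure.
failed_scripts() {
    sed -n 's/.*system: command "\([^ "]*\)[^"]*" returned \([0-9][0-9]*\)$/\1 \2/p' |
    while read -r script raw; do
        [ "$raw" -eq 0 ] || echo "$script: $(decode_status "$raw")"
    done
}

# True if the file's mode has all bits of $2 set (e.g. -0100).
has_perm() { [ -n "$(find "$1" -prune -perm "$2")" ]; }

# The hooks run with mpd5's privileges (root in this thread), so besides
# the missing exec bit, flag scripts that non-owners could rewrite.
check_hook() {
    if [ ! -f "$1" ]; then echo "missing"
    elif ! has_perm "$1" -0100; then echo "owner cannot execute"
    elif has_perm "$1" -0020 || has_perm "$1" -0002; then
        echo "writable by group or other"
    else echo "ok"
    fi
}

# Constructed sample: the two "system:" lines from the log in this thread.
sample_log() {
    cat <<'EOF'
[B1] system: command "/usr/local/etc/mpd5/up.sh ng0 inet 10.0.0.20/32 10.0.0.2 '-' '' '' '1.2.3.4'" returned 32256
[B1] IPCP: parameter negotiation failed
[B1] system: command "/usr/local/etc/mpd5/down.sh ng0 inet 10.0.0.20/32 10.0.0.2 '-' '1.2.3.4'" returned 32256
EOF
}

sample_log | failed_scripts
```

Running `check_hook /usr/local/etc/mpd5/up.sh` on the client then tells whether the script is missing, lacks the exec bit, or is writable by someone other than its owner.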


----------



## mfaridi (Jan 13, 2011)

mav@ said:

> Have you tried reading the provided log yourself? It clearly shows that the /usr/local/etc/mpd5/up.sh script completed with an error, which caused the connection to abort. If you need those scripts, fix them. If not, remove the references to them from the config file.



I put # before up.sh and down.sh but right now I see this:

```
process 49294 started, version 5.5 (root@mfaridipc.faridi 17:24  9-Jan-2011)
[B1] Bundle: Interface ng0 created
[L1] [L1] Link: OPEN event
[L1] LCP: Open event
[L1] LCP: state change Initial --> Starting
[L1] LCP: LayerStart
L2TP: Initiating control connection 0x801e82a10 0.0.0.0 0 <-> 1.2.3.4 1701
L2TP: Control connection 0x801e82a10 80.191.91.11 56449 <-> 1.2.3.4 1701 connected
[L1] L2TP: Incoming call #6450000 via control connection 0x801e82a10 initiated
[L1] L2TP: Call #6450000 connected
[L1] Link: UP event
[L1] LCP: Up event
[L1] LCP: state change Starting --> Req-Sent
[L1] LCP: SendConfigReq #1
[L1]   ACFCOMP
[L1]   PROTOCOMP
[L1]   MRU 1500
[L1]   MAGICNUM 2696a9e8
[L1] LCP: rec'd Configure Request #171 (Req-Sent)
[L1]   ACFCOMP
[L1]   PROTOCOMP
[L1]   MRU 1460
[L1]   MAGICNUM ac800c1e
[L1]   AUTHPROTO CHAP MSOFTv2
[L1]   MP MRRU 1500
[L1]   MP SHORTSEQ
[L1]   ENDPOINTDISC [802.1] 00 19 bb ce 82 6a
[L1] LCP: SendConfigRej #171
[L1]   MP MRRU 1500
[L1]   MP SHORTSEQ
[L1] LCP: rec'd Configure Request #172 (Req-Sent)
[L1]   ACFCOMP
[L1]   PROTOCOMP
[L1]   MRU 1460
[L1]   MAGICNUM ac800c1e
[L1]   AUTHPROTO CHAP MSOFTv2
[L1] LCP: SendConfigAck #172
[L1]   ACFCOMP
[L1]   PROTOCOMP
[L1]   MRU 1460
[L1]   MAGICNUM ac800c1e
[L1]   AUTHPROTO CHAP MSOFTv2
[L1] LCP: state change Req-Sent --> Ack-Sent
[L1] LCP: SendConfigReq #2
[L1]   ACFCOMP
[L1]   PROTOCOMP
[L1]   MRU 1500
[L1]   MAGICNUM 2696a9e8
[L1] LCP: rec'd Configure Request #173 (Ack-Sent)
[L1]   ACFCOMP
[L1]   PROTOCOMP
[L1]   MRU 1460
[L1]   MAGICNUM ac800c1e
[L1]   AUTHPROTO CHAP MSOFTv2
[L1] LCP: SendConfigAck #173
[L1]   ACFCOMP
[L1]   PROTOCOMP
[L1]   MRU 1460
[L1]   MAGICNUM ac800c1e
[L1]   AUTHPROTO CHAP MSOFTv2
[L1] LCP: rec'd Configure Ack #2 (Ack-Sent)
[L1]   ACFCOMP
[L1]   PROTOCOMP
[L1]   MRU 1500
[L1]   MAGICNUM 2696a9e8
[L1] LCP: state change Ack-Sent --> Opened
[L1] LCP: auth: peer wants CHAP, I want nothing
[L1] LCP: LayerUp
[L1] CHAP: rec'd CHALLENGE #1 len: 21
[L1]   Name: ""
[L1] CHAP: Using authname "test1"
[L1] CHAP: sending RESPONSE #1 len: 59
[L1] CHAP: rec'd FAILURE #1 len: 31
[L1]   MESG: E=691 R=0 M=Login incorrect
[L1] LCP: authorization failed
[L1] LCP: parameter negotiation failed
[L1] LCP: state change Opened --> Stopping
[L1] LCP: SendTerminateReq #3
[L1] LCP: LayerDown
[L1] LCP: rec'd Terminate Request #174 (Stopping)
[L1] LCP: SendTerminateAck #4
[L1] LCP: rec'd Terminate Ack #175 (Stopping)
[L1] LCP: state change Stopping --> Stopped
[L1] LCP: LayerFinish
[L1] L2TP: Call #6450000 terminated locally
[L1] Link: DOWN event
[L1] LCP: Down event
[L1] LCP: state change Stopped --> Starting
[L1] LCP: LayerStart
[L1] Link: reconnection attempt 1 in 1 seconds
[L1] Link: reconnection attempt 1
[L1] L2TP: Incoming call #6450001 via control connection 0x801e82a10 initiated
[L1] L2TP: Call #6450001 connected
[L1] Link: UP event
[L1] LCP: Up event
[L1] LCP: state change Starting --> Req-Sent
[L1] LCP: SendConfigReq #5
[L1]   ACFCOMP
[L1]   PROTOCOMP
[L1]   MRU 1500
[L1]   MAGICNUM c0f02018
[L1] LCP: rec'd Configure Request #176 (Req-Sent)
[L1]   ACFCOMP
[L1]   PROTOCOMP
[L1]   MRU 1460
[L1]   MAGICNUM 77a46584
[L1]   AUTHPROTO CHAP MSOFTv2
[L1]   MP MRRU 1500
[L1]   MP SHORTSEQ
[L1]   ENDPOINTDISC [802.1] 00 19 bb ce 82 6a
[L1] LCP: SendConfigRej #176
[L1]   MP MRRU 1500
[L1]   MP SHORTSEQ
[L1] LCP: rec'd Configure Request #177 (Req-Sent)
[L1]   ACFCOMP
[L1]   PROTOCOMP
[L1]   MRU 1460
[L1]   MAGICNUM 77a46584
[L1]   AUTHPROTO CHAP MSOFTv2
[L1] LCP: SendConfigAck #177
[L1]   ACFCOMP
[L1]   PROTOCOMP
[L1]   MRU 1460
[L1]   MAGICNUM 77a46584
[L1]   AUTHPROTO CHAP MSOFTv2
[L1] LCP: state change Req-Sent --> Ack-Sent
caught fatal signal int
[B1] IFACE: Close event
[B1] IPCP: Close event
[L1] LCP: SendConfigReq #6
[L1]   ACFCOMP
[L1]   PROTOCOMP
[L1]   MRU 1500
[L1]   MAGICNUM c0f02018
[L1] LCP: rec'd Configure Ack #6 (Ack-Sent)
[L1]   ACFCOMP
[L1]   PROTOCOMP
[L1]   MRU 1500
[L1]   MAGICNUM c0f02018
[L1] LCP: state change Ack-Sent --> Opened
[L1] LCP: auth: peer wants CHAP, I want nothing
[L1] LCP: LayerUp
[L1] CHAP: rec'd CHALLENGE #1 len: 21
[L1]   Name: ""
[L1] CHAP: Using authname "test1"
[L1] CHAP: sending RESPONSE #1 len: 59
[L1] CHAP: rec'd FAILURE #1 len: 31
[L1]   MESG: E=691 R=0 M=Login incorrect
[L1] LCP: authorization failed
```


----------



## KuiWang (Dec 12, 2013)

Have you been able to fix it? I faced the same problem as you when trying to make FreeBSD work as an L2TP client.


----------

