keith li
asked on
Centos 7 L2TP problem
Dear all
I,m getting below error when running "IPsec setup start" , and bottom is the ipsec.conf , any help would be appreciated !
========================== ========== ========== ======
[root@LinuxHomeServer ipsec.d]# ipsec setup start
cannot load config '/etc/ipsec.conf': /etc/ipsec.conf:48: syntax error, unexpected KEYWORD, expecting $end [virtual_private]
cannot load config '/etc/ipsec.conf': /etc/ipsec.conf:48: syntax error, unexpected KEYWORD, expecting $end [virtual_private]
cannot load config '/etc/ipsec.conf': /etc/ipsec.conf:48: syntax error, unexpected KEYWORD, expecting $end [virtual_private]
unknown stack
Redirecting to: systemctl start ipsec.service
Job for ipsec.service failed because the control process exited with error code. See "systemctl status ipsec.service" and "journalctl -xe" for details.
========================== ========== ========== ========== ====
vim /etc/ipsec.conf
virtual_private=%v4:192.16 8.0.0/16
conn=L2TP-PSK-NAT
rightsubnet=vhost:%priv
also=L2TP-PSK-noNAT
conn L2TP-PSK-noNAT
authby=secret
pfs=no
auto=add
keyingtries=3
dpddelay=30
dpdtimeout=120
dpdaction=clear
rekey=no
ikelifetime=8h
keylife=1h
type=transport
left=XX.XX.XX.XX
leftprotoport=17/1701
right=%any
rightprotoport=17/%any
I,m getting below error when running "IPsec setup start" , and bottom is the ipsec.conf , any help would be appreciated !
==========================
[root@LinuxHomeServer ipsec.d]# ipsec setup start
cannot load config '/etc/ipsec.conf': /etc/ipsec.conf:48: syntax error, unexpected KEYWORD, expecting $end [virtual_private]
cannot load config '/etc/ipsec.conf': /etc/ipsec.conf:48: syntax error, unexpected KEYWORD, expecting $end [virtual_private]
cannot load config '/etc/ipsec.conf': /etc/ipsec.conf:48: syntax error, unexpected KEYWORD, expecting $end [virtual_private]
unknown stack
Redirecting to: systemctl start ipsec.service
Job for ipsec.service failed because the control process exited with error code. See "systemctl status ipsec.service" and "journalctl -xe" for details.
==========================
vim /etc/ipsec.conf
virtual_private=%v4:192.16
conn=L2TP-PSK-NAT
rightsubnet=vhost:%priv
also=L2TP-PSK-noNAT
conn L2TP-PSK-noNAT
authby=secret
pfs=no
auto=add
keyingtries=3
dpddelay=30
dpdtimeout=120
dpdaction=clear
rekey=no
ikelifetime=8h
keylife=1h
type=transport
left=XX.XX.XX.XX
leftprotoport=17/1701
right=%any
rightprotoport=17/%any
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
it should look like:
if everything is left aligned it will not work.
config setup
....
virtual_private=...
conn L2TP-PSK-NAT
rightsubnet=vhost:%priv
also=L2TP-PSK-noNAT
conn L2TP-PSK-noNAT
....
if everything is left aligned it will not work.
ASKER
I,m still getting the same error, now already not aligned to left
[root@LinuxHomeServer ~]# ipsec setup start
cannot load config '/etc/ipsec.conf': /etc/ipsec.conf:58: syntax error, unexpected KEYWORD, expecting $end [virtual_private]
cannot load config '/etc/ipsec.conf': /etc/ipsec.conf:58: syntax error, unexpected KEYWORD, expecting $end [virtual_private]
unknown stack
Redirecting to: systemctl start ipsec.service
Job for ipsec.service failed because the control process exited with error code. See "systemctl status ipsec.service" and "journalctl -xe" for details.
========================== ========== =======
virtual_private=%v4:10.0.0 .0/8,%v4:1 92.168.0.0 /16,%v4:17 2.16.0.0/1 2,%v4:25.0 .0.0/8,%v4 :100.64.0. 0/10,%v6:f d00::/8,%v 6:fe80::/1 0
conn L2TP-PSK-NAT
rightsubnet=vhost:%priv
also=L2TP-PSK-noNAT
#conn L2TP-PSK-noNAT
authby=secret
pfs=no
auto=add
keyingtries=3
dpddelay=30
dpdtimeout=120
dpdaction=clear
rekey=no
ikelifetime=8h
keylife=1h
type=transport
left=xx.xx.xx.xx
leftprotoport=17/1701
right=%any
rightprotoport=17/%any
[root@LinuxHomeServer ~]# ipsec setup start
cannot load config '/etc/ipsec.conf': /etc/ipsec.conf:58: syntax error, unexpected KEYWORD, expecting $end [virtual_private]
cannot load config '/etc/ipsec.conf': /etc/ipsec.conf:58: syntax error, unexpected KEYWORD, expecting $end [virtual_private]
unknown stack
Redirecting to: systemctl start ipsec.service
Job for ipsec.service failed because the control process exited with error code. See "systemctl status ipsec.service" and "journalctl -xe" for details.
==========================
virtual_private=%v4:10.0.0
conn L2TP-PSK-NAT
rightsubnet=vhost:%priv
also=L2TP-PSK-noNAT
#conn L2TP-PSK-noNAT
authby=secret
pfs=no
auto=add
keyingtries=3
dpddelay=30
dpdtimeout=120
dpdaction=clear
rekey=no
ikelifetime=8h
keylife=1h
type=transport
left=xx.xx.xx.xx
leftprotoport=17/1701
right=%any
rightprotoport=17/%any
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Poster has stopped posting.
Flagged two answers, which provided same information.
Flagged two answers, which provided same information.
ASKER
virtual_private=%v4:192.16
conn=L2TP-PSK-NAT
rightsubnet=vhost:%priv
also=L2TP-PSK-noNAT
conn L2TP-PSK-noNAT
authby=secret
pfs=no
auto=add
keyingtries=3
dpddelay=30
dpdtimeout=120
dpdaction=clear
rekey=no
ikelifetime=8h
keylife=1h
type=transport
left=XX.XX.XX.XX
leftprotoport=17/1701
right=%any
rightprotoport=17/%any