keith li

Centos 7 L2TP problem

Dear all

I'm getting the error below when running "ipsec setup start"; the ipsec.conf is at the bottom. Any help would be appreciated!


====================================================
[root@LinuxHomeServer ipsec.d]# ipsec setup start
cannot load config '/etc/ipsec.conf': /etc/ipsec.conf:48: syntax error, unexpected KEYWORD, expecting $end [virtual_private]
cannot load config '/etc/ipsec.conf': /etc/ipsec.conf:48: syntax error, unexpected KEYWORD, expecting $end [virtual_private]
cannot load config '/etc/ipsec.conf': /etc/ipsec.conf:48: syntax error, unexpected KEYWORD, expecting $end [virtual_private]
unknown stack
Redirecting to: systemctl start ipsec.service
Job for ipsec.service failed because the control process exited with error code. See "systemctl status ipsec.service" and "journalctl -xe" for details.
============================================================


vim /etc/ipsec.conf

virtual_private=%v4:192.168.0.0/16

conn=L2TP-PSK-NAT
rightsubnet=vhost:%priv
also=L2TP-PSK-noNAT
conn L2TP-PSK-noNAT
authby=secret
pfs=no
auto=add
keyingtries=3
dpddelay=30
dpdtimeout=120
dpdaction=clear
rekey=no
ikelifetime=8h
keylife=1h
type=transport
left=XX.XX.XX.XX
leftprotoport=17/1701
right=%any
rightprotoport=17/%any

keith li (ASKER)

vim /etc/ipsec.conf

virtual_private=%v4:192.168.0.0/16        <----- this is the sentence detected as having the problem

conn=L2TP-PSK-NAT
rightsubnet=vhost:%priv
also=L2TP-PSK-noNAT
conn L2TP-PSK-noNAT
authby=secret
pfs=no
auto=add
keyingtries=3
dpddelay=30
dpdtimeout=120
dpdaction=clear
rekey=no
ikelifetime=8h
keylife=1h
type=transport
left=XX.XX.XX.XX
leftprotoport=17/1701
right=%any
rightprotoport=17/%any

noci

it should look like:
config setup
    ....
    virtual_private=...

conn L2TP-PSK-NAT
    rightsubnet=vhost:%priv
    also=L2TP-PSK-noNAT

conn L2TP-PSK-noNAT
    ....

If everything is left-aligned, it will not work.
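The layout noci describes above (section headers in column 1, settings indented beneath them, virtual_private under config setup) can be checked before restarting the service. The Python sketch below is an added example, not code from the thread or from the IPsec software it discusses; it also flags an also= that names no conn in the file. The names lint_ipsec_conf and BROKEN and the message texts are hypothetical, and only the config setup and conn section types are assumed.

```python
import re

# Constructed sample: the first ipsec.conf posted in this thread, shortened.
BROKEN = """\
virtual_private=%v4:192.168.0.0/16

conn=L2TP-PSK-NAT
rightsubnet=vhost:%priv
also=L2TP-PSK-noNAT
conn L2TP-PSK-noNAT
authby=secret
"""

# Section headers this sketch recognises (an assumption; other types are not handled).
HEADER = re.compile(r"^(?:config\s+setup|conn\s+(\S+))\s*$")

def lint_ipsec_conf(text):
    """Return sorted (line_number, message) findings about section layout."""
    findings, in_section, conns, also_refs = [], False, set(), []
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.rstrip()
        if not line.strip() or line.lstrip().startswith("#"):
            continue  # blank lines and comment lines carry no settings
        if line[0] in " \t":  # indented, so it must be a setting inside a section
            key, _, value = line.strip().partition("=")
            if not in_section:
                findings.append((n, f"'{key}' is not inside any section"))
            elif key == "also":
                also_refs.append((n, value))  # resolved after all conns are known
            continue
        if line.startswith(("include ", "version ")):
            continue  # top-level directives, not sections
        m = HEADER.match(line)
        if m:
            in_section = True
            if m.group(1):
                conns.add(m.group(1))
        elif line.startswith("conn="):
            findings.append((n, "section header must be 'conn NAME', not 'conn=NAME'"))
        else:
            key = line.split("=", 1)[0]
            findings.append((n, f"'{key}' starts in column 1 but is not a section header"))
    findings += [(n, f"also={v} names no conn defined in this file")
                 for n, v in also_refs if v not in conns]
    return sorted(findings)

if __name__ == "__main__":
    for n, msg in lint_ipsec_conf(BROKEN):
        print(f"line {n}: {msg}")
```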

keith li (ASKER)

I'm still getting the same error; it is now no longer aligned to the left.

[root@LinuxHomeServer ~]# ipsec setup start
cannot load config '/etc/ipsec.conf': /etc/ipsec.conf:58: syntax error, unexpected KEYWORD, expecting $end [virtual_private]
cannot load config '/etc/ipsec.conf': /etc/ipsec.conf:58: syntax error, unexpected KEYWORD, expecting $end [virtual_private]
unknown stack
Redirecting to: systemctl start ipsec.service
Job for ipsec.service failed because the control process exited with error code. See "systemctl status ipsec.service" and "journalctl -xe" for details.


===========================================
virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12,%v4:25.0.0.0/8,%v4:100.64.0.0/10,%v6:fd00::/8,%v6:fe80::/10
conn L2TP-PSK-NAT
    rightsubnet=vhost:%priv
    also=L2TP-PSK-noNAT
#conn L2TP-PSK-noNAT
        authby=secret
        pfs=no
        auto=add
        keyingtries=3
        dpddelay=30
        dpdtimeout=120
        dpdaction=clear
        rekey=no
        ikelifetime=8h
        keylife=1h
        type=transport
        left=xx.xx.xx.xx
        leftprotoport=17/1701
        right=%any
        rightprotoport=17/%any

David Favor

Poster has stopped posting.

Flagged two answers, which provided the same information.