Linux cannot connect by L2TP/IPSec to Cisco ASA 5550 (but Windows does)

yurybx
Level 1

You are my last hope!
Our partner provides a service that is available only through the L2TP/IPSec tunnel. We successfully connect to it from Windows, but the connection hangs dead a couple of times a week. Therefore, I decided to set up an L2TP/IPSec connection on Linux. But after weeks of trying, I never managed to do it. The connection establishes, but once it breaks: on the Cisco side there appears an error "IKE lost contact with remote peer, deleting connection", and on the client side "received DELETE for ESP CHILD_SA with SPI". I tried CentOS and FreeBSD, StrongSwan, LibreSwan and Racoon, XL2TPD and MPD5 - the same result! I tried to set up a connection on a machine with a public IP address without firewalls and NATs - the same result! I asked in different forums, but they could not help.

Interestingly, the rupture of an IPsec connection occurs only after the establishment of an L2TP connection. If L2TP is not launched, then the IPSec connection remains valid (this can be seen from "setkey -D").

The Windows machine with which we successfully connect is on the same network, which means our Internet provider is not to blame. Please help!
The service provider has Cisco ASA 5550. All logs and configuration are attached below.
