Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    2.3 L2TP/IPsec no l2tp interface

    Scheduled Pinned Locked Moved IPsec
    2 Posts 2 Posters 1.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • Z
      ziss_dm
      last edited by

      Hi,

      Followed instructions: https://doc.pfsense.org/index.php/L2TP/IPsec

      Client: Windows 10

      IKE - success, CHILD_SA - success. But no message "interface l2tp0 activated". Status/IPSec showing incoming packets from client

      
Bytes-In: 456 (456 B)
Packets-In: 3
Bytes-Out: 0 (0 B)
Packets-Out: 0

      Log:

      
Apr 24 18:46:08	charon		06[IKE] <con5|58>deleting IKE_SA con5[58] between 220.233.218.86[220.233.218.86]...120.21.29.79[192.168.43.112]
Apr 24 18:46:08	charon		13[IKE] <con5|58>closing CHILD_SA con5{332} with SPIs c260100d_i (912 bytes) 6cfe1848_o (0 bytes) and TS 220.233.218.86/32|/0[udp/l2f] === 120.21.29.79/32|/0[udp/l2f]
Apr 24 18:45:33	charon		08[IKE] <con5|58>CHILD_SA con5{332} established with SPIs c260100d_i 6cfe1848_o and TS 220.233.218.86/32|/0[udp/l2f] === 120.21.29.79/32|/0[udp/l2f]
Apr 24 18:45:33	charon		08[CHD] <con5|58>SPI 0x6cfe1848, src 220.233.218.86 dst 120.21.29.79
Apr 24 18:45:33	charon		08[CHD] SPI 0x6cfe1848, src 220.233.218.86 dst 120.21.29.79
Apr 24 18:45:33	charon		08[CHD] <con5|58>adding outbound ESP SA
Apr 24 18:45:33	charon		08[CHD] adding outbound ESP SA
Apr 24 18:45:33	charon		08[CHD] <con5|58>SPI 0xc260100d, src 120.21.29.79 dst 220.233.218.86
Apr 24 18:45:33	charon		08[CHD] SPI 0xc260100d, src 120.21.29.79 dst 220.233.218.86
Apr 24 18:45:33	charon		08[CHD] <con5|58>adding inbound ESP SA
Apr 24 18:45:33	charon		08[CHD] adding inbound ESP SA
Apr 24 18:45:33	charon		08[CHD] <con5|58>using HMAC_SHA1_96 for integrity
Apr 24 18:45:33	charon		08[CHD] using HMAC_SHA1_96 for integrity
Apr 24 18:45:33	charon		08[CHD] <con5|58>using AES_CBC for encryption
Apr 24 18:45:33	charon		08[CHD] using AES_CBC for encryption
Apr 24 18:45:32	charon		08[IKE] <con5|58>IKE_SA con5[58] established between 220.233.218.86[220.233.218.86]...120.21.29.79[192.168.43.112]
Apr 24 18:45:26	charon		06[IKE] <58> 120.21.29.79 is initiating a Main Mode IKE_SA</con5|58></con5|58></con5|58></con5|58></con5|58></con5|58></con5|58></con5|58></con5|58></con5|58>

      Regards,
      ziss_dm

      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        Read the warning note at the top of the wiki doc you linked – that won't work for Windows, for the exact case you have encountered.

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.