Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
L2TP für Android - IP6 Header Compression/RTP IPHC Compresse
View unanswered posts
View posts from last 24 hours
View posts from last 7 days

 
Reply to topic    Gentoo Forums Forum Index Deutsches Forum (German)
View previous topic :: View next topic  
Author Message
slick
Bodhisattva
Bodhisattva


Joined: 20 Apr 2003
Posts: 3495

PostPosted: Sun Apr 20, 2014 3:10 pm    Post subject: L2TP für Android - IP6 Header Compression/RTP IPHC Compresse Reply with quote

Ich habe mir einen L2TP Tunnel für Android gebaut. (openswan,xl2tpd,ppp)

Verbindungsaufbau funktioniert einwandfrei.

Code:
Apr 20 16:46:37 [pluto] packet from x.x.x.x:46082: received Vendor ID payload [RFC 3947] method set to=115
Apr 20 16:46:37 [pluto] packet from x.x.x.x:46082: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but already using method 115
Apr 20 16:46:37 [pluto] packet from x.x.x.x:46082: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 115
Apr 20 16:46:37 [pluto] packet from x.x.x.x:46082: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-00]
Apr 20 16:46:37 [pluto] packet from x.x.x.x:46082: ignoring Vendor ID payload [FRAGMENTATION 80000000]
Apr 20 16:46:37 [pluto] packet from x.x.x.x:46082: received Vendor ID payload [Dead Peer Detection]
Apr 20 16:46:37 [pluto] "L2TP-PSK-NAT"[1] x.x.x.x #1: responding to Main Mode from unknown peer x.x.x.x
Apr 20 16:46:37 [pluto] "L2TP-PSK-NAT"[1] x.x.x.x #1: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Apr 20 16:46:37 [pluto] "L2TP-PSK-NAT"[1] x.x.x.x #1: STATE_MAIN_R1: sent MR1, expecting MI2
Apr 20 16:46:37 [pluto] "L2TP-PSK-NAT"[1] x.x.x.x #1: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike (MacOS X): peer is NATed
Apr 20 16:46:37 [pluto] "L2TP-PSK-NAT"[1] x.x.x.x #1: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Apr 20 16:46:37 [pluto] "L2TP-PSK-NAT"[1] x.x.x.x #1: STATE_MAIN_R2: sent MR2, expecting MI3
Apr 20 16:46:37 [pluto] "L2TP-PSK-NAT"[1] x.x.x.x #1: Main mode peer ID is ID_IPV4_ADDR: 'x.x.x.x'
Apr 20 16:46:37 [pluto] "L2TP-PSK-NAT"[1] x.x.x.x #1: switched from "L2TP-PSK-NAT" to "L2TP-PSK-NAT"
Apr 20 16:46:37 [pluto] "L2TP-PSK-NAT"[2] x.x.x.x #1: deleting connection "L2TP-PSK-NAT" instance with peer x.x.x.x {isakmp=#0/ipsec=#0}
Apr 20 16:46:37 [pluto] "L2TP-PSK-NAT"[2] x.x.x.x #1: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Apr 20 16:46:37 [pluto] "L2TP-PSK-NAT"[2] x.x.x.x #1: new NAT mapping for #1, was x.x.x.x:46082, now x.x.x.x:60928
Apr 20 16:46:37 [pluto] "L2TP-PSK-NAT"[2] x.x.x.x #1: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=aes_256 prf=oakley_sha group=modp1024}
Apr 20 16:46:37 [pluto] "L2TP-PSK-NAT"[2] x.x.x.x #1: ignoring informational payload, type IPSEC_INITIAL_CONTACT msgid=00000000
Apr 20 16:46:37 [pluto] "L2TP-PSK-NAT"[2] x.x.x.x #1: received and ignored informational message
Apr 20 16:46:38 [pluto] "L2TP-PSK-NAT"[2] x.x.x.x #1: the peer proposed: x.x.x.x/32:17/0 -> x.x.x.x/32:17/0
Apr 20 16:46:38 [pluto] "L2TP-PSK-NAT"[2] x.x.x.x #2: responding to Quick Mode proposal {msgid:434134fa}
Apr 20 16:46:38 [pluto] "L2TP-PSK-NAT"[2] x.x.x.x #2:     us: x.x.x.x/32===x.x.x.x<x.x.x.x>:17/%any
Apr 20 16:46:38 [pluto] "L2TP-PSK-NAT"[2] x.x.x.x #2:   them: x.x.x.x[x.x.x.x]:17/0
Apr 20 16:46:38 [pluto] "L2TP-PSK-NAT"[2] x.x.x.x #2: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
Apr 20 16:46:38 [pluto] "L2TP-PSK-NAT"[2] x.x.x.x #2: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
Apr 20 16:46:38 [pluto] "L2TP-PSK-NAT"[2] x.x.x.x #2: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
Apr 20 16:46:38 [pluto] "L2TP-PSK-NAT"[2] x.x.x.x #2: STATE_QUICK_R2: IPsec SA established transport mode {ESP=>0x040b0b6d <0xd6f2bc70 xfrm=AES_256-HMAC_SHA1 NATOA=none NATD=x.x.x.x:60928 DPD=none}
Apr 20 16:46:41 [xl2tpd] Connection established to x.x.x.x, 55025.  Local: 49832, Remote: 51699 (ref=0/0).  LNS session is 'default'_
Apr 20 16:46:41 [xl2tpd] Call established with x.x.x.x, Local: 14360, Remote: 32716, Serial: 1571646076_
Apr 20 16:46:41 [pppd] pppd 2.4.5 started by root, uid 0
Apr 20 16:46:41 [pppd] Using interface ppp0
Apr 20 16:46:41 [pppd] Connect: ppp0 <--> /dev/pts/2
Apr 20 16:46:42 [pppd] Deflate (15) compression enabled
Apr 20 16:46:42 [pppd] Cannot determine ethernet address for proxy ARP
Apr 20 16:46:42 [pppd] local  IP address x.x.x.x
Apr 20 16:46:42 [pppd] remote IP address x.x.x.x


(Oder ist da was auffällig?)

Ping und z.B. HTTP über das VPN läuft. Allerdings bei anderen (irgendwelche Apps) zickt er rum. Im Log bekomme ich jetzt dann Fehlermeldungen dieser Art:

Code:
Apr 20 16:52:00 [pppd] Protocol-Reject for unsupported protocol 'RTP IPHC Compressed TCP' (0x63)
                - Last output repeated 4 times -
Apr 20 16:52:01 [pppd] Protocol-Reject for unsupported protocol 'IP6 Header Compression' (0x4f)
Apr 20 16:52:01 [pppd] Protocol-Reject for unsupported protocol 'RTP IPHC Compressed TCP' (0x63)
                - Last output repeated 12 times -
Apr 20 16:52:02 [pppd] Protocol-Reject for unsupported protocol 'IP6 Header Compression' (0x4f)
Apr 20 16:52:02 [pppd] Protocol-Reject for unsupported protocol 'RTP IPHC Compressed TCP' (0x63)
                - Last output repeated 6 times -
Apr 20 16:52:04 [pppd] Protocol-Reject for unsupported protocol 'IP6 Header Compression' (0x4f)
Apr 20 16:52:04 [pppd] Protocol-Reject for unsupported protocol 'RTP IPHC Compressed TCP' (0x63)
                - Last output repeated 13 times -
Apr 20 16:52:09 [pppd] Protocol-Reject for unsupported protocol 'IP6 Header Compression' (0x4f)
Apr 20 16:52:09 [pppd] Protocol-Reject for unsupported protocol 'RTP IPHC Compressed TCP' (0x63)
                - Last output repeated 12 times -
Apr 20 16:52:19 [pppd] Protocol-Reject for unsupported protocol 'IP6 Header Compression' (0x4f)
Apr 20 16:52:19 [pppd] Protocol-Reject for unsupported protocol 'RTP IPHC Compressed TCP' (0x63)
                - Last output repeated 22 times -
Apr 20 16:52:39 [pppd] Protocol-Reject for unsupported protocol 'IP6 Header Compression' (0x4f)
Apr 20 16:52:39 [pppd] Protocol-Reject for unsupported protocol 'RTP IPHC Compressed TCP' (0x63)


Also Sachstand ist ich habe keinen IPv6 Support im Kernel und baue den Kernel auch komplett selbst ohne Module. Ich denke mal ich habe etwas vergessen. Was?

Was ich nicht möchte ist IPv6 Support hinzufügen oder wird das hier benötigt?

Code:
[*] Packet socket 
[ ]   Packet: sockets monitoring interface 
[*] Unix domain sockets
[ ]   UNIX: socket monitoring interface
[*] Transformation user configuration interface
[ ] Transformation sub policy support
[ ] Transformation migrate database
[ ] Transformation statistics
[*] PF_KEY sockets
[ ]   PF_KEY MIGRATE
[*] TCP/IP networking
[*]   IP: multicasting 
[ ]   IP: advanced router
[ ]   IP: kernel level autoconfiguration
[ ]   IP: tunneling 
[ ]   IP: GRE demultiplexer
[ ]   IP: multicast routing
[*]   IP: TCP syncookie support
[ ]   Virtual (secure) IP: tunneling
[*]   IP: AH transformation
[*]   IP: ESP transformation 
[*]   IP: IPComp transformation
[*]   IP: IPsec transport mode     
[*]   IP: IPsec tunnel mode
[*]   IP: IPsec BEET mode           
[ ]   Large Receive Offload (ipv4/tcp)
[ ]   INET: socket monitoring interface
[ ]   TCP: advanced congestion control  ----
[ ]   TCP: MD5 Signature Option support (RFC2385)
[ ]   The IPv6 protocol  ----
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Deutsches Forum (German) All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum