VPN - L2TP over IPSec connection












0















I'm using Ubuntu 18.10. VPN is working on Win10
I can't establish VPN with my MikroTik router.



I tried this phases algorithms, but It's not working with any of them.



1.



Phase1 aes-sha1

Phase2 aes-sha1


2.



Phase1 3des-sha1-modp1024

Phase2 3des-sha1


3.



Phase1 3des-sha1;modp1024

Phase2 3des-sha1


4.



Phase1 aes256-sha1-modp1536

Phase2 aes256-sha1


4) Is working with DraytekRouter.



I used sudo tail -f /var/log/syslog to get logs and I'm attaching it.
Can someone help me?



LOG:



Jan 21 11:21:20 11e dbus-daemon[1193]: [session uid=1000 pid=1193] Activating via systemd: service name='org.gnome.Terminal' unit='gnome-terminal-server.service' requested by ':1.88' (uid=1000 pid=3161 comm="/usr/bin/gnome-terminal.real --window " label="unconfined")

Jan 21 11:21:20 11e systemd[1125]: Starting GNOME Terminal Server...

Jan 21 11:21:20 11e dbus-daemon[1193]: [session uid=1000 pid=1193] Successfully activated service 'org.gnome.Terminal'

Jan 21 11:21:20 11e systemd[1125]: Started GNOME Terminal Server.

Jan 21 11:21:20 11e org.gnome.Shell.desktop[1565]: # watch_fast: "/org/gnome/terminal/legacy/" (establishing: 0, active: 0)

Jan 21 11:21:20 11e org.gnome.Shell.desktop[1565]: # unwatch_fast: "/org/gnome/terminal/legacy/" (active: 0, establishing: 1)

Jan 21 11:21:20 11e org.gnome.Shell.desktop[1565]: # watch_established: "/org/gnome/terminal/legacy/" (establishing: 0)

Jan 21 11:21:34 11e NetworkManager[939]: <info>  [1548066094.3542] audit: op="connection-activate" uuid="33a76ea6-0d47-46a5-8310-01a80de375db" name="VPN" pid=1565 uid=1000 result="success"

Jan 21 11:21:34 11e NetworkManager[939]: <info>  [1548066094.3729] vpn-connection[0x55e2429c4330,33a76ea6-0d47-46a5-8310-01a80de375db,"VPN",0]: Started the VPN service, PID 3194

Jan 21 11:21:34 11e NetworkManager[939]: <info>  [1548066094.3941] vpn-connection[0x55e2429c4330,33a76ea6-0d47-46a5-8310-01a80de375db,"VPN",0]: Saw the service appear; activating connection

Jan 21 11:21:34 11e NetworkManager[939]: <info>  [1548066094.7926] vpn-connection[0x55e2429c4330,33a76ea6-0d47-46a5-8310-01a80de375db,"VPN",0]: VPN connection: (ConnectInteractive) reply received

Jan 21 11:21:34 11e nm-l2tp-service[3194]: Check port 1701

Jan 21 11:21:34 11e NetworkManager[939]: Stopping strongSwan IPsec failed: starter is not running

Jan 21 11:21:36 11e NetworkManager[939]: Starting strongSwan 5.6.3 IPsec [starter]...

Jan 21 11:21:36 11e NetworkManager[939]: Loading config setup

Jan 21 11:21:36 11e NetworkManager[939]: Loading conn '33a76ea6-0d47-46a5-8310-01a80de375db'

Jan 21 11:21:36 11e NetworkManager[939]: found netkey IPsec stack

Jan 21 11:21:36 11e charon: 00[DMN] Starting IKE charon daemon (strongSwan 5.6.3, Linux 4.18.0-13-generic, x86_64)

Jan 21 11:21:36 11e charon: 00[CFG] PKCS11 module '<name>' lacks library path

Jan 21 11:21:37 11e charon: 00[CFG] disabling load-tester plugin, not configured

Jan 21 11:21:37 11e charon: 00[LIB] plugin 'load-tester': failed to load - load_tester_plugin_create returned NULL

Jan 21 11:21:37 11e charon: 00[CFG] dnscert plugin is disabled

Jan 21 11:21:37 11e charon: 00[CFG] ipseckey plugin is disabled

Jan 21 11:21:37 11e charon: 00[CFG] attr-sql plugin: database URI not set

Jan 21 11:21:37 11e charon: 00[CFG] loading ca certificates from '/etc/ipsec.d/cacerts'

Jan 21 11:21:37 11e charon: 00[CFG] loading aa certificates from '/etc/ipsec.d/aacerts'

Jan 21 11:21:37 11e charon: 00[CFG] loading ocsp signer certificates from '/etc/ipsec.d/ocspcerts'

Jan 21 11:21:37 11e charon: 00[CFG] loading attribute certificates from '/etc/ipsec.d/acerts'

Jan 21 11:21:37 11e charon: 00[CFG] loading crls from '/etc/ipsec.d/crls'

Jan 21 11:21:37 11e charon: 00[CFG] loading secrets from '/etc/ipsec.secrets'

Jan 21 11:21:37 11e charon: 00[CFG] loading secrets from '/etc/ipsec.d/nm-l2tp-ipsec-33a76ea6-0d47-46a5-8310-01a80de375db.secrets'

Jan 21 11:21:37 11e charon: 00[CFG]   loaded IKE secret for %any

Jan 21 11:21:37 11e charon: 00[CFG] loading secrets from '/etc/ipsec.d/nm-l2tp-ipsec-63c18717-e10e-4777-ba96-60bf94bb42c8.secrets'

Jan 21 11:21:37 11e charon: 00[CFG]   loaded IKE secret for %any

Jan 21 11:21:37 11e charon: 00[CFG] loading secrets from '/etc/ipsec.d/nm-l2tp-ipsec-8c0ee4b9-835c-4872-874f-a39d33fe68bd.secrets'

Jan 21 11:21:37 11e charon: 00[CFG]   loaded IKE secret for %any

Jan 21 11:21:37 11e charon: 00[CFG] sql plugin: database URI not set

Jan 21 11:21:37 11e charon: 00[CFG] opening triplet file /etc/ipsec.d/triplets.dat failed: No such file or directory

Jan 21 11:21:37 11e charon: 00[CFG] eap-simaka-sql database URI missing

Jan 21 11:21:37 11e charon: 00[CFG] loaded 0 RADIUS server configurations

Jan 21 11:21:37 11e charon: 00[CFG] HA config misses local/remote address

Jan 21 11:21:37 11e charon: 00[CFG] no threshold configured for systime-fix, disabled

Jan 21 11:21:37 11e charon: 00[CFG] coupling file path unspecified

Jan 21 11:21:37 11e charon: 00[LIB] loaded plugins: charon test-vectors unbound ldap pkcs11 tpm aesni aes rc2 sha2 sha1 md4 md5 mgf1 rdrand random nonce x509 revocation constraints acert pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey sshkey dnscert ipseckey pem openssl gcrypt af-alg fips-prf gmp curve25519 agent chapoly xcbc cmac hmac ctr ccm gcm ntru bliss curl soup mysql sqlite attr kernel-netlink resolve socket-default connmark farp stroke updown eap-identity eap-sim eap-sim-pcsc eap-aka eap-aka-3gpp2 eap-simaka-pseudonym eap-simaka-reauth eap-md5 eap-gtc eap-mschapv2 eap-dynamic eap-radius eap-tls eap-ttls eap-peap eap-tnc xauth-generic xauth-eap xauth-pam xauth-noauth tnc-tnccs tnccs-20 tnccs-11 tnccs-dynamic dhcp whitelist lookip error-notify certexpire led radattr addrblock unity counters

Jan 21 11:21:37 11e charon: 00[LIB] dropped capabilities, running as uid 0, gid 0

Jan 21 11:21:37 11e charon: 00[JOB] spawning 16 worker threads

Jan 21 11:21:37 11e charon: 06[CFG] received stroke: add connection '33a76ea6-0d47-46a5-8310-01a80de375db'

Jan 21 11:21:37 11e charon: 06[CFG] a DH group is mandatory in IKE proposals

Jan 21 11:21:37 11e charon: 06[CFG] skipped invalid proposal string: aes-sha1

Jan 21 11:21:37 11e charon: 07[CFG] rereading secrets

Jan 21 11:21:37 11e charon: 07[CFG] loading secrets from '/etc/ipsec.secrets'

Jan 21 11:21:37 11e charon: 07[CFG] loading secrets from '/etc/ipsec.d/nm-l2tp-ipsec-33a76ea6-0d47-46a5-8310-01a80de375db.secrets'

Jan 21 11:21:37 11e charon: 07[CFG]   loaded IKE secret for %any

Jan 21 11:21:37 11e charon: 07[CFG] loading secrets from '/etc/ipsec.d/nm-l2tp-ipsec-63c18717-e10e-4777-ba96-60bf94bb42c8.secrets'

Jan 21 11:21:37 11e charon: 07[CFG]   loaded IKE secret for %any

Jan 21 11:21:37 11e charon: 07[CFG] loading secrets from '/etc/ipsec.d/nm-l2tp-ipsec-8c0ee4b9-835c-4872-874f-a39d33fe68bd.secrets'

Jan 21 11:21:37 11e charon: 07[CFG]   loaded IKE secret for %any

Jan 21 11:21:38 11e charon: 09[CFG] received stroke: initiate '33a76ea6-0d47-46a5-8310-01a80de375db'

Jan 21 11:21:38 11e charon: 09[CFG] no config named '33a76ea6-0d47-46a5-8310-01a80de375db'

Jan 21 11:21:38 11e NetworkManager[939]: no config named '33a76ea6-0d47-46a5-8310-01a80de375db'

Jan 21 11:21:38 11e NetworkManager[939]: Stopping strongSwan IPsec...

Jan 21 11:21:38 11e charon: 00[DMN] signal of type SIGINT received. Shutting down

Jan 21 11:21:38 11e nm-l2tp-service[3194]: g_dbus_method_invocation_take_error: assertion 'error != NULL' failed

Jan 21 11:21:38 11e NetworkManager[939]: <info>  [1548066098.4190] vpn-connection[0x55e2429c4330,33a76ea6-0d47-46a5-8310-01a80de375db,"VPN",0]: VPN plugin: state changed: stopped (6)

Jan 21 11:21:38 11e NetworkManager[939]: <info>  [1548066098.4266] vpn-connection[0x55e2429c4330,33a76ea6-0d47-46a5-8310-01a80de375db,"VPN",0]: VPN service disappeared

Jan 21 11:21:38 11e NetworkManager[939]: <warn>  [1548066098.4286] vpn-connection[0x55e2429c4330,33a76ea6-0d47-46a5-8310-01a80de375db,"VPN",0]: VPN connection: failed to connect: 'Message recipient disconnected from message bus without replying'

Jan 21 11:21:41 11e NetworkManager[939]: <info>  [1548066101.4689] manager: NetworkManager state is now CONNECTED_SITE

Jan 21 11:21:41 11e whoopsie[1461]: [11:21:41] offline

Jan 21 11:21:41 11e dbus-daemon[907]: [system] Activating via systemd: service name='org.freedesktop.nm_dispatcher' unit='dbus-org.freedesktop.nm-dispatcher.service' requested by ':1.16' (uid=0 pid=939 comm="/usr/sbin/NetworkManager --no-daemon " label="unconfined")

Jan 21 11:21:41 11e systemd[1]: Starting Network Manager Script Dispatcher Service...

Jan 21 11:21:41 11e dbus-daemon[907]: [system] Successfully activated service 'org.freedesktop.nm_dispatcher'

Jan 21 11:21:41 11e systemd[1]: Started Network Manager Script Dispatcher Service.

Jan 21 11:21:41 11e nm-dispatcher: req:1 'connectivity-change': new request (1 scripts)

Jan 21 11:21:41 11e nm-dispatcher: req:1 'connectivity-change': start running ordered scripts...

Jan 21 11:21:42 11e NetworkManager[939]: <info>  [1548066102.8242] manager: NetworkManager state is now CONNECTED_GLOBAL

Jan 21 11:21:42 11e nm-dispatcher: req:2 'connectivity-change': new request (1 scripts)

Jan 21 11:21:42 11e nm-dispatcher: req:2 'connectivity-change': start running ordered scripts...

Jan 21 11:21:42 11e whoopsie[1461]: [11:21:42] The default IPv4 route is: /org/freedesktop/NetworkManager/ActiveConnection/2

Jan 21 11:21:42 11e whoopsie[1461]: [11:21:42] Not a paid data plan: /org/freedesktop/NetworkManager/ActiveConnection/2

Jan 21 11:21:42 11e whoopsie[1461]: [11:21:42] Found usable connection: /org/freedesktop/NetworkManager/ActiveConnection/2

Jan 21 11:21:44 11e whoopsie[1461]: [11:21:44] online

Jan 21 11:21:44 11e PackageKit: get-updates transaction /353_bdeecdcb from uid 1000 finished with success after 1991ms

Jan 21 11:21:46 11e PackageKit: get-updates transaction /354_bebcbabc from uid 1000 finished with success after 1864ms

Jan 21 11:21:48 11e PackageKit: get-updates transaction /355_cbeeacae from uid 1000 finished with success after 1878ms

Jan 21 11:21:50 11e PackageKit: get-updates transaction /356_bbecbebe from uid 1000 finished with success after 1847ms

Jan 21 11:21:52 11e PackageKit: get-updates transaction /357_bebedaba from uid 1000 finished with success after 1877ms


enter image description here






vpn







share|improve this question









New contributor




jarzabek_waclaw is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

























    0















    I'm using Ubuntu 18.10. VPN is working on Win10
    I can't establish VPN with my MikroTik router.



    I tried this phases algorithms, but It's not working with any of them.



    1.



    Phase1 aes-sha1
    
Phase2 aes-sha1


    2.



    Phase1 3des-sha1-modp1024
    
Phase2 3des-sha1


    3.



    Phase1 3des-sha1;modp1024
    
Phase2 3des-sha1


    4.



    Phase1 aes256-sha1-modp1536
    
Phase2 aes256-sha1


    4) Is working with DraytekRouter.



    I used sudo tail -f /var/log/syslog to get logs and I'm attaching it.
    Can someone help me?



    LOG:



    Jan 21 11:21:20 11e dbus-daemon[1193]: [session uid=1000 pid=1193] Activating via systemd: service name='org.gnome.Terminal' unit='gnome-terminal-server.service' requested by ':1.88' (uid=1000 pid=3161 comm="/usr/bin/gnome-terminal.real --window " label="unconfined")
    
Jan 21 11:21:20 11e systemd[1125]: Starting GNOME Terminal Server...
    
Jan 21 11:21:20 11e dbus-daemon[1193]: [session uid=1000 pid=1193] Successfully activated service 'org.gnome.Terminal'
    
Jan 21 11:21:20 11e systemd[1125]: Started GNOME Terminal Server.
    
Jan 21 11:21:20 11e org.gnome.Shell.desktop[1565]: # watch_fast: "/org/gnome/terminal/legacy/" (establishing: 0, active: 0)
    
Jan 21 11:21:20 11e org.gnome.Shell.desktop[1565]: # unwatch_fast: "/org/gnome/terminal/legacy/" (active: 0, establishing: 1)
    
Jan 21 11:21:20 11e org.gnome.Shell.desktop[1565]: # watch_established: "/org/gnome/terminal/legacy/" (establishing: 0)
    
Jan 21 11:21:34 11e NetworkManager[939]: <info>  [1548066094.3542] audit: op="connection-activate" uuid="33a76ea6-0d47-46a5-8310-01a80de375db" name="VPN" pid=1565 uid=1000 result="success"
    
Jan 21 11:21:34 11e NetworkManager[939]: <info>  [1548066094.3729] vpn-connection[0x55e2429c4330,33a76ea6-0d47-46a5-8310-01a80de375db,"VPN",0]: Started the VPN service, PID 3194
    
Jan 21 11:21:34 11e NetworkManager[939]: <info>  [1548066094.3941] vpn-connection[0x55e2429c4330,33a76ea6-0d47-46a5-8310-01a80de375db,"VPN",0]: Saw the service appear; activating connection
    
Jan 21 11:21:34 11e NetworkManager[939]: <info>  [1548066094.7926] vpn-connection[0x55e2429c4330,33a76ea6-0d47-46a5-8310-01a80de375db,"VPN",0]: VPN connection: (ConnectInteractive) reply received
    
Jan 21 11:21:34 11e nm-l2tp-service[3194]: Check port 1701
    
Jan 21 11:21:34 11e NetworkManager[939]: Stopping strongSwan IPsec failed: starter is not running
    
Jan 21 11:21:36 11e NetworkManager[939]: Starting strongSwan 5.6.3 IPsec [starter]...
    
Jan 21 11:21:36 11e NetworkManager[939]: Loading config setup
    
Jan 21 11:21:36 11e NetworkManager[939]: Loading conn '33a76ea6-0d47-46a5-8310-01a80de375db'
    
Jan 21 11:21:36 11e NetworkManager[939]: found netkey IPsec stack
    
Jan 21 11:21:36 11e charon: 00[DMN] Starting IKE charon daemon (strongSwan 5.6.3, Linux 4.18.0-13-generic, x86_64)
    
Jan 21 11:21:36 11e charon: 00[CFG] PKCS11 module '<name>' lacks library path
    
Jan 21 11:21:37 11e charon: 00[CFG] disabling load-tester plugin, not configured
    
Jan 21 11:21:37 11e charon: 00[LIB] plugin 'load-tester': failed to load - load_tester_plugin_create returned NULL
    
Jan 21 11:21:37 11e charon: 00[CFG] dnscert plugin is disabled
    
Jan 21 11:21:37 11e charon: 00[CFG] ipseckey plugin is disabled
    
Jan 21 11:21:37 11e charon: 00[CFG] attr-sql plugin: database URI not set
    
Jan 21 11:21:37 11e charon: 00[CFG] loading ca certificates from '/etc/ipsec.d/cacerts'
    
Jan 21 11:21:37 11e charon: 00[CFG] loading aa certificates from '/etc/ipsec.d/aacerts'
    
Jan 21 11:21:37 11e charon: 00[CFG] loading ocsp signer certificates from '/etc/ipsec.d/ocspcerts'
    
Jan 21 11:21:37 11e charon: 00[CFG] loading attribute certificates from '/etc/ipsec.d/acerts'
    
Jan 21 11:21:37 11e charon: 00[CFG] loading crls from '/etc/ipsec.d/crls'
    
Jan 21 11:21:37 11e charon: 00[CFG] loading secrets from '/etc/ipsec.secrets'
    
Jan 21 11:21:37 11e charon: 00[CFG] loading secrets from '/etc/ipsec.d/nm-l2tp-ipsec-33a76ea6-0d47-46a5-8310-01a80de375db.secrets'
    
Jan 21 11:21:37 11e charon: 00[CFG]   loaded IKE secret for %any
    
Jan 21 11:21:37 11e charon: 00[CFG] loading secrets from '/etc/ipsec.d/nm-l2tp-ipsec-63c18717-e10e-4777-ba96-60bf94bb42c8.secrets'
    
Jan 21 11:21:37 11e charon: 00[CFG]   loaded IKE secret for %any
    
Jan 21 11:21:37 11e charon: 00[CFG] loading secrets from '/etc/ipsec.d/nm-l2tp-ipsec-8c0ee4b9-835c-4872-874f-a39d33fe68bd.secrets'
    
Jan 21 11:21:37 11e charon: 00[CFG]   loaded IKE secret for %any
    
Jan 21 11:21:37 11e charon: 00[CFG] sql plugin: database URI not set
    
Jan 21 11:21:37 11e charon: 00[CFG] opening triplet file /etc/ipsec.d/triplets.dat failed: No such file or directory
    
Jan 21 11:21:37 11e charon: 00[CFG] eap-simaka-sql database URI missing
    
Jan 21 11:21:37 11e charon: 00[CFG] loaded 0 RADIUS server configurations
    
Jan 21 11:21:37 11e charon: 00[CFG] HA config misses local/remote address
    
Jan 21 11:21:37 11e charon: 00[CFG] no threshold configured for systime-fix, disabled
    
Jan 21 11:21:37 11e charon: 00[CFG] coupling file path unspecified
    
Jan 21 11:21:37 11e charon: 00[LIB] loaded plugins: charon test-vectors unbound ldap pkcs11 tpm aesni aes rc2 sha2 sha1 md4 md5 mgf1 rdrand random nonce x509 revocation constraints acert pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey sshkey dnscert ipseckey pem openssl gcrypt af-alg fips-prf gmp curve25519 agent chapoly xcbc cmac hmac ctr ccm gcm ntru bliss curl soup mysql sqlite attr kernel-netlink resolve socket-default connmark farp stroke updown eap-identity eap-sim eap-sim-pcsc eap-aka eap-aka-3gpp2 eap-simaka-pseudonym eap-simaka-reauth eap-md5 eap-gtc eap-mschapv2 eap-dynamic eap-radius eap-tls eap-ttls eap-peap eap-tnc xauth-generic xauth-eap xauth-pam xauth-noauth tnc-tnccs tnccs-20 tnccs-11 tnccs-dynamic dhcp whitelist lookip error-notify certexpire led radattr addrblock unity counters
    
Jan 21 11:21:37 11e charon: 00[LIB] dropped capabilities, running as uid 0, gid 0
    
Jan 21 11:21:37 11e charon: 00[JOB] spawning 16 worker threads
    
Jan 21 11:21:37 11e charon: 06[CFG] received stroke: add connection '33a76ea6-0d47-46a5-8310-01a80de375db'
    
Jan 21 11:21:37 11e charon: 06[CFG] a DH group is mandatory in IKE proposals
    
Jan 21 11:21:37 11e charon: 06[CFG] skipped invalid proposal string: aes-sha1
    
Jan 21 11:21:37 11e charon: 07[CFG] rereading secrets
    
Jan 21 11:21:37 11e charon: 07[CFG] loading secrets from '/etc/ipsec.secrets'
    
Jan 21 11:21:37 11e charon: 07[CFG] loading secrets from '/etc/ipsec.d/nm-l2tp-ipsec-33a76ea6-0d47-46a5-8310-01a80de375db.secrets'
    
Jan 21 11:21:37 11e charon: 07[CFG]   loaded IKE secret for %any
    
Jan 21 11:21:37 11e charon: 07[CFG] loading secrets from '/etc/ipsec.d/nm-l2tp-ipsec-63c18717-e10e-4777-ba96-60bf94bb42c8.secrets'
    
Jan 21 11:21:37 11e charon: 07[CFG]   loaded IKE secret for %any
    
Jan 21 11:21:37 11e charon: 07[CFG] loading secrets from '/etc/ipsec.d/nm-l2tp-ipsec-8c0ee4b9-835c-4872-874f-a39d33fe68bd.secrets'
    
Jan 21 11:21:37 11e charon: 07[CFG]   loaded IKE secret for %any
    
Jan 21 11:21:38 11e charon: 09[CFG] received stroke: initiate '33a76ea6-0d47-46a5-8310-01a80de375db'
    
Jan 21 11:21:38 11e charon: 09[CFG] no config named '33a76ea6-0d47-46a5-8310-01a80de375db'
    
Jan 21 11:21:38 11e NetworkManager[939]: no config named '33a76ea6-0d47-46a5-8310-01a80de375db'
    
Jan 21 11:21:38 11e NetworkManager[939]: Stopping strongSwan IPsec...
    
Jan 21 11:21:38 11e charon: 00[DMN] signal of type SIGINT received. Shutting down
    
Jan 21 11:21:38 11e nm-l2tp-service[3194]: g_dbus_method_invocation_take_error: assertion 'error != NULL' failed
    
Jan 21 11:21:38 11e NetworkManager[939]: <info>  [1548066098.4190] vpn-connection[0x55e2429c4330,33a76ea6-0d47-46a5-8310-01a80de375db,"VPN",0]: VPN plugin: state changed: stopped (6)
    
Jan 21 11:21:38 11e NetworkManager[939]: <info>  [1548066098.4266] vpn-connection[0x55e2429c4330,33a76ea6-0d47-46a5-8310-01a80de375db,"VPN",0]: VPN service disappeared
    
Jan 21 11:21:38 11e NetworkManager[939]: <warn>  [1548066098.4286] vpn-connection[0x55e2429c4330,33a76ea6-0d47-46a5-8310-01a80de375db,"VPN",0]: VPN connection: failed to connect: 'Message recipient disconnected from message bus without replying'
    
Jan 21 11:21:41 11e NetworkManager[939]: <info>  [1548066101.4689] manager: NetworkManager state is now CONNECTED_SITE
    
Jan 21 11:21:41 11e whoopsie[1461]: [11:21:41] offline
    
Jan 21 11:21:41 11e dbus-daemon[907]: [system] Activating via systemd: service name='org.freedesktop.nm_dispatcher' unit='dbus-org.freedesktop.nm-dispatcher.service' requested by ':1.16' (uid=0 pid=939 comm="/usr/sbin/NetworkManager --no-daemon " label="unconfined")
    
Jan 21 11:21:41 11e systemd[1]: Starting Network Manager Script Dispatcher Service...
    
Jan 21 11:21:41 11e dbus-daemon[907]: [system] Successfully activated service 'org.freedesktop.nm_dispatcher'
    
Jan 21 11:21:41 11e systemd[1]: Started Network Manager Script Dispatcher Service.
    
Jan 21 11:21:41 11e nm-dispatcher: req:1 'connectivity-change': new request (1 scripts)
    
Jan 21 11:21:41 11e nm-dispatcher: req:1 'connectivity-change': start running ordered scripts...
    
Jan 21 11:21:42 11e NetworkManager[939]: <info>  [1548066102.8242] manager: NetworkManager state is now CONNECTED_GLOBAL
    
Jan 21 11:21:42 11e nm-dispatcher: req:2 'connectivity-change': new request (1 scripts)
    
Jan 21 11:21:42 11e nm-dispatcher: req:2 'connectivity-change': start running ordered scripts...
    
Jan 21 11:21:42 11e whoopsie[1461]: [11:21:42] The default IPv4 route is: /org/freedesktop/NetworkManager/ActiveConnection/2
    
Jan 21 11:21:42 11e whoopsie[1461]: [11:21:42] Not a paid data plan: /org/freedesktop/NetworkManager/ActiveConnection/2
    
Jan 21 11:21:42 11e whoopsie[1461]: [11:21:42] Found usable connection: /org/freedesktop/NetworkManager/ActiveConnection/2
    
Jan 21 11:21:44 11e whoopsie[1461]: [11:21:44] online
    
Jan 21 11:21:44 11e PackageKit: get-updates transaction /353_bdeecdcb from uid 1000 finished with success after 1991ms
    
Jan 21 11:21:46 11e PackageKit: get-updates transaction /354_bebcbabc from uid 1000 finished with success after 1864ms
    
Jan 21 11:21:48 11e PackageKit: get-updates transaction /355_cbeeacae from uid 1000 finished with success after 1878ms
    
Jan 21 11:21:50 11e PackageKit: get-updates transaction /356_bbecbebe from uid 1000 finished with success after 1847ms
    
Jan 21 11:21:52 11e PackageKit: get-updates transaction /357_bebedaba from uid 1000 finished with success after 1877ms


    enter image description here






    vpn







    share|improve this question









    New contributor




    jarzabek_waclaw is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
    Check out our Code of Conduct.























      0












      0








      0








      I'm using Ubuntu 18.10. VPN is working on Win10
      I can't establish VPN with my MikroTik router.



      I tried this phases algorithms, but It's not working with any of them.



      1.



      Phase1 aes-sha1
      
Phase2 aes-sha1


      2.



      Phase1 3des-sha1-modp1024
      
Phase2 3des-sha1


      3.



      Phase1 3des-sha1;modp1024
      
Phase2 3des-sha1


      4.



      Phase1 aes256-sha1-modp1536
      
Phase2 aes256-sha1


      4) Is working with DraytekRouter.



      I used sudo tail -f /var/log/syslog to get logs and I'm attaching it.
      Can someone help me?



      LOG:



      Jan 21 11:21:20 11e dbus-daemon[1193]: [session uid=1000 pid=1193] Activating via systemd: service name='org.gnome.Terminal' unit='gnome-terminal-server.service' requested by ':1.88' (uid=1000 pid=3161 comm="/usr/bin/gnome-terminal.real --window " label="unconfined")
      
Jan 21 11:21:20 11e systemd[1125]: Starting GNOME Terminal Server...
      
Jan 21 11:21:20 11e dbus-daemon[1193]: [session uid=1000 pid=1193] Successfully activated service 'org.gnome.Terminal'
      
Jan 21 11:21:20 11e systemd[1125]: Started GNOME Terminal Server.
      
Jan 21 11:21:20 11e org.gnome.Shell.desktop[1565]: # watch_fast: "/org/gnome/terminal/legacy/" (establishing: 0, active: 0)
      
Jan 21 11:21:20 11e org.gnome.Shell.desktop[1565]: # unwatch_fast: "/org/gnome/terminal/legacy/" (active: 0, establishing: 1)
      
Jan 21 11:21:20 11e org.gnome.Shell.desktop[1565]: # watch_established: "/org/gnome/terminal/legacy/" (establishing: 0)
      
Jan 21 11:21:34 11e NetworkManager[939]: <info>  [1548066094.3542] audit: op="connection-activate" uuid="33a76ea6-0d47-46a5-8310-01a80de375db" name="VPN" pid=1565 uid=1000 result="success"
      
Jan 21 11:21:34 11e NetworkManager[939]: <info>  [1548066094.3729] vpn-connection[0x55e2429c4330,33a76ea6-0d47-46a5-8310-01a80de375db,"VPN",0]: Started the VPN service, PID 3194
      
Jan 21 11:21:34 11e NetworkManager[939]: <info>  [1548066094.3941] vpn-connection[0x55e2429c4330,33a76ea6-0d47-46a5-8310-01a80de375db,"VPN",0]: Saw the service appear; activating connection
      
Jan 21 11:21:34 11e NetworkManager[939]: <info>  [1548066094.7926] vpn-connection[0x55e2429c4330,33a76ea6-0d47-46a5-8310-01a80de375db,"VPN",0]: VPN connection: (ConnectInteractive) reply received
      
Jan 21 11:21:34 11e nm-l2tp-service[3194]: Check port 1701
      
Jan 21 11:21:34 11e NetworkManager[939]: Stopping strongSwan IPsec failed: starter is not running
      
Jan 21 11:21:36 11e NetworkManager[939]: Starting strongSwan 5.6.3 IPsec [starter]...
      
Jan 21 11:21:36 11e NetworkManager[939]: Loading config setup
      
Jan 21 11:21:36 11e NetworkManager[939]: Loading conn '33a76ea6-0d47-46a5-8310-01a80de375db'
      
Jan 21 11:21:36 11e NetworkManager[939]: found netkey IPsec stack
      
Jan 21 11:21:36 11e charon: 00[DMN] Starting IKE charon daemon (strongSwan 5.6.3, Linux 4.18.0-13-generic, x86_64)
      
Jan 21 11:21:36 11e charon: 00[CFG] PKCS11 module '<name>' lacks library path
      
Jan 21 11:21:37 11e charon: 00[CFG] disabling load-tester plugin, not configured
      
Jan 21 11:21:37 11e charon: 00[LIB] plugin 'load-tester': failed to load - load_tester_plugin_create returned NULL
      
Jan 21 11:21:37 11e charon: 00[CFG] dnscert plugin is disabled
      
Jan 21 11:21:37 11e charon: 00[CFG] ipseckey plugin is disabled
      
Jan 21 11:21:37 11e charon: 00[CFG] attr-sql plugin: database URI not set
      
Jan 21 11:21:37 11e charon: 00[CFG] loading ca certificates from '/etc/ipsec.d/cacerts'
      
Jan 21 11:21:37 11e charon: 00[CFG] loading aa certificates from '/etc/ipsec.d/aacerts'
      
Jan 21 11:21:37 11e charon: 00[CFG] loading ocsp signer certificates from '/etc/ipsec.d/ocspcerts'
      
Jan 21 11:21:37 11e charon: 00[CFG] loading attribute certificates from '/etc/ipsec.d/acerts'
      
Jan 21 11:21:37 11e charon: 00[CFG] loading crls from '/etc/ipsec.d/crls'
      
Jan 21 11:21:37 11e charon: 00[CFG] loading secrets from '/etc/ipsec.secrets'
      
Jan 21 11:21:37 11e charon: 00[CFG] loading secrets from '/etc/ipsec.d/nm-l2tp-ipsec-33a76ea6-0d47-46a5-8310-01a80de375db.secrets'
      
Jan 21 11:21:37 11e charon: 00[CFG]   loaded IKE secret for %any
      
Jan 21 11:21:37 11e charon: 00[CFG] loading secrets from '/etc/ipsec.d/nm-l2tp-ipsec-63c18717-e10e-4777-ba96-60bf94bb42c8.secrets'
      
Jan 21 11:21:37 11e charon: 00[CFG]   loaded IKE secret for %any
      
Jan 21 11:21:37 11e charon: 00[CFG] loading secrets from '/etc/ipsec.d/nm-l2tp-ipsec-8c0ee4b9-835c-4872-874f-a39d33fe68bd.secrets'
      
Jan 21 11:21:37 11e charon: 00[CFG]   loaded IKE secret for %any
      
Jan 21 11:21:37 11e charon: 00[CFG] sql plugin: database URI not set
      
Jan 21 11:21:37 11e charon: 00[CFG] opening triplet file /etc/ipsec.d/triplets.dat failed: No such file or directory
      
Jan 21 11:21:37 11e charon: 00[CFG] eap-simaka-sql database URI missing
      
Jan 21 11:21:37 11e charon: 00[CFG] loaded 0 RADIUS server configurations
      
Jan 21 11:21:37 11e charon: 00[CFG] HA config misses local/remote address
      
Jan 21 11:21:37 11e charon: 00[CFG] no threshold configured for systime-fix, disabled
      
Jan 21 11:21:37 11e charon: 00[CFG] coupling file path unspecified
      
Jan 21 11:21:37 11e charon: 00[LIB] loaded plugins: charon test-vectors unbound ldap pkcs11 tpm aesni aes rc2 sha2 sha1 md4 md5 mgf1 rdrand random nonce x509 revocation constraints acert pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey sshkey dnscert ipseckey pem openssl gcrypt af-alg fips-prf gmp curve25519 agent chapoly xcbc cmac hmac ctr ccm gcm ntru bliss curl soup mysql sqlite attr kernel-netlink resolve socket-default connmark farp stroke updown eap-identity eap-sim eap-sim-pcsc eap-aka eap-aka-3gpp2 eap-simaka-pseudonym eap-simaka-reauth eap-md5 eap-gtc eap-mschapv2 eap-dynamic eap-radius eap-tls eap-ttls eap-peap eap-tnc xauth-generic xauth-eap xauth-pam xauth-noauth tnc-tnccs tnccs-20 tnccs-11 tnccs-dynamic dhcp whitelist lookip error-notify certexpire led radattr addrblock unity counters
      
Jan 21 11:21:37 11e charon: 00[LIB] dropped capabilities, running as uid 0, gid 0
      
Jan 21 11:21:37 11e charon: 00[JOB] spawning 16 worker threads
      
Jan 21 11:21:37 11e charon: 06[CFG] received stroke: add connection '33a76ea6-0d47-46a5-8310-01a80de375db'
      
Jan 21 11:21:37 11e charon: 06[CFG] a DH group is mandatory in IKE proposals
      
Jan 21 11:21:37 11e charon: 06[CFG] skipped invalid proposal string: aes-sha1
      
Jan 21 11:21:37 11e charon: 07[CFG] rereading secrets
      
Jan 21 11:21:37 11e charon: 07[CFG] loading secrets from '/etc/ipsec.secrets'
      
Jan 21 11:21:37 11e charon: 07[CFG] loading secrets from '/etc/ipsec.d/nm-l2tp-ipsec-33a76ea6-0d47-46a5-8310-01a80de375db.secrets'
      
Jan 21 11:21:37 11e charon: 07[CFG]   loaded IKE secret for %any
      
Jan 21 11:21:37 11e charon: 07[CFG] loading secrets from '/etc/ipsec.d/nm-l2tp-ipsec-63c18717-e10e-4777-ba96-60bf94bb42c8.secrets'
      
Jan 21 11:21:37 11e charon: 07[CFG]   loaded IKE secret for %any
      
Jan 21 11:21:37 11e charon: 07[CFG] loading secrets from '/etc/ipsec.d/nm-l2tp-ipsec-8c0ee4b9-835c-4872-874f-a39d33fe68bd.secrets'
      
Jan 21 11:21:37 11e charon: 07[CFG]   loaded IKE secret for %any
      
Jan 21 11:21:38 11e charon: 09[CFG] received stroke: initiate '33a76ea6-0d47-46a5-8310-01a80de375db'
      
Jan 21 11:21:38 11e charon: 09[CFG] no config named '33a76ea6-0d47-46a5-8310-01a80de375db'
      
Jan 21 11:21:38 11e NetworkManager[939]: no config named '33a76ea6-0d47-46a5-8310-01a80de375db'
      
Jan 21 11:21:38 11e NetworkManager[939]: Stopping strongSwan IPsec...
      
Jan 21 11:21:38 11e charon: 00[DMN] signal of type SIGINT received. Shutting down
      
Jan 21 11:21:38 11e nm-l2tp-service[3194]: g_dbus_method_invocation_take_error: assertion 'error != NULL' failed
      
Jan 21 11:21:38 11e NetworkManager[939]: <info>  [1548066098.4190] vpn-connection[0x55e2429c4330,33a76ea6-0d47-46a5-8310-01a80de375db,"VPN",0]: VPN plugin: state changed: stopped (6)
      
Jan 21 11:21:38 11e NetworkManager[939]: <info>  [1548066098.4266] vpn-connection[0x55e2429c4330,33a76ea6-0d47-46a5-8310-01a80de375db,"VPN",0]: VPN service disappeared
      
Jan 21 11:21:38 11e NetworkManager[939]: <warn>  [1548066098.4286] vpn-connection[0x55e2429c4330,33a76ea6-0d47-46a5-8310-01a80de375db,"VPN",0]: VPN connection: failed to connect: 'Message recipient disconnected from message bus without replying'
      
Jan 21 11:21:41 11e NetworkManager[939]: <info>  [1548066101.4689] manager: NetworkManager state is now CONNECTED_SITE
      
Jan 21 11:21:41 11e whoopsie[1461]: [11:21:41] offline
      
Jan 21 11:21:41 11e dbus-daemon[907]: [system] Activating via systemd: service name='org.freedesktop.nm_dispatcher' unit='dbus-org.freedesktop.nm-dispatcher.service' requested by ':1.16' (uid=0 pid=939 comm="/usr/sbin/NetworkManager --no-daemon " label="unconfined")
      
Jan 21 11:21:41 11e systemd[1]: Starting Network Manager Script Dispatcher Service...
      
Jan 21 11:21:41 11e dbus-daemon[907]: [system] Successfully activated service 'org.freedesktop.nm_dispatcher'
      
Jan 21 11:21:41 11e systemd[1]: Started Network Manager Script Dispatcher Service.
      
Jan 21 11:21:41 11e nm-dispatcher: req:1 'connectivity-change': new request (1 scripts)
      
Jan 21 11:21:41 11e nm-dispatcher: req:1 'connectivity-change': start running ordered scripts...
      
Jan 21 11:21:42 11e NetworkManager[939]: <info>  [1548066102.8242] manager: NetworkManager state is now CONNECTED_GLOBAL
      
Jan 21 11:21:42 11e nm-dispatcher: req:2 'connectivity-change': new request (1 scripts)
      
Jan 21 11:21:42 11e nm-dispatcher: req:2 'connectivity-change': start running ordered scripts...
      
Jan 21 11:21:42 11e whoopsie[1461]: [11:21:42] The default IPv4 route is: /org/freedesktop/NetworkManager/ActiveConnection/2
      
Jan 21 11:21:42 11e whoopsie[1461]: [11:21:42] Not a paid data plan: /org/freedesktop/NetworkManager/ActiveConnection/2
      
Jan 21 11:21:42 11e whoopsie[1461]: [11:21:42] Found usable connection: /org/freedesktop/NetworkManager/ActiveConnection/2
      
Jan 21 11:21:44 11e whoopsie[1461]: [11:21:44] online
      
Jan 21 11:21:44 11e PackageKit: get-updates transaction /353_bdeecdcb from uid 1000 finished with success after 1991ms
      
Jan 21 11:21:46 11e PackageKit: get-updates transaction /354_bebcbabc from uid 1000 finished with success after 1864ms
      
Jan 21 11:21:48 11e PackageKit: get-updates transaction /355_cbeeacae from uid 1000 finished with success after 1878ms
      
Jan 21 11:21:50 11e PackageKit: get-updates transaction /356_bbecbebe from uid 1000 finished with success after 1847ms
      
Jan 21 11:21:52 11e PackageKit: get-updates transaction /357_bebedaba from uid 1000 finished with success after 1877ms


      enter image description here






      vpn







      share|improve this question









      New contributor




      jarzabek_waclaw is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.












      I'm using Ubuntu 18.10. VPN is working on Win10
      I can't establish VPN with my MikroTik router.



      I tried this phases algorithms, but It's not working with any of them.



      1.



      Phase1 aes-sha1
      
Phase2 aes-sha1


      2.



      Phase1 3des-sha1-modp1024
      
Phase2 3des-sha1


      3.



      Phase1 3des-sha1;modp1024
      
Phase2 3des-sha1


      4.



      Phase1 aes256-sha1-modp1536
      
Phase2 aes256-sha1


      4) Is working with DraytekRouter.



      I used sudo tail -f /var/log/syslog to get logs and I'm attaching it.
      Can someone help me?



      LOG:



      Jan 21 11:21:20 11e dbus-daemon[1193]: [session uid=1000 pid=1193] Activating via systemd: service name='org.gnome.Terminal' unit='gnome-terminal-server.service' requested by ':1.88' (uid=1000 pid=3161 comm="/usr/bin/gnome-terminal.real --window " label="unconfined")
      
Jan 21 11:21:20 11e systemd[1125]: Starting GNOME Terminal Server...
      
Jan 21 11:21:20 11e dbus-daemon[1193]: [session uid=1000 pid=1193] Successfully activated service 'org.gnome.Terminal'
      
Jan 21 11:21:20 11e systemd[1125]: Started GNOME Terminal Server.
      
Jan 21 11:21:20 11e org.gnome.Shell.desktop[1565]: # watch_fast: "/org/gnome/terminal/legacy/" (establishing: 0, active: 0)
      
Jan 21 11:21:20 11e org.gnome.Shell.desktop[1565]: # unwatch_fast: "/org/gnome/terminal/legacy/" (active: 0, establishing: 1)
      
Jan 21 11:21:20 11e org.gnome.Shell.desktop[1565]: # watch_established: "/org/gnome/terminal/legacy/" (establishing: 0)
      
Jan 21 11:21:34 11e NetworkManager[939]: <info>  [1548066094.3542] audit: op="connection-activate" uuid="33a76ea6-0d47-46a5-8310-01a80de375db" name="VPN" pid=1565 uid=1000 result="success"
      
Jan 21 11:21:34 11e NetworkManager[939]: <info>  [1548066094.3729] vpn-connection[0x55e2429c4330,33a76ea6-0d47-46a5-8310-01a80de375db,"VPN",0]: Started the VPN service, PID 3194
      
Jan 21 11:21:34 11e NetworkManager[939]: <info>  [1548066094.3941] vpn-connection[0x55e2429c4330,33a76ea6-0d47-46a5-8310-01a80de375db,"VPN",0]: Saw the service appear; activating connection
      
Jan 21 11:21:34 11e NetworkManager[939]: <info>  [1548066094.7926] vpn-connection[0x55e2429c4330,33a76ea6-0d47-46a5-8310-01a80de375db,"VPN",0]: VPN connection: (ConnectInteractive) reply received
      
Jan 21 11:21:34 11e nm-l2tp-service[3194]: Check port 1701
      
Jan 21 11:21:34 11e NetworkManager[939]: Stopping strongSwan IPsec failed: starter is not running
      
Jan 21 11:21:36 11e NetworkManager[939]: Starting strongSwan 5.6.3 IPsec [starter]...
      
Jan 21 11:21:36 11e NetworkManager[939]: Loading config setup
      
Jan 21 11:21:36 11e NetworkManager[939]: Loading conn '33a76ea6-0d47-46a5-8310-01a80de375db'
      
Jan 21 11:21:36 11e NetworkManager[939]: found netkey IPsec stack
      
Jan 21 11:21:36 11e charon: 00[DMN] Starting IKE charon daemon (strongSwan 5.6.3, Linux 4.18.0-13-generic, x86_64)
      
Jan 21 11:21:36 11e charon: 00[CFG] PKCS11 module '<name>' lacks library path
      
Jan 21 11:21:37 11e charon: 00[CFG] disabling load-tester plugin, not configured
      
Jan 21 11:21:37 11e charon: 00[LIB] plugin 'load-tester': failed to load - load_tester_plugin_create returned NULL
      
Jan 21 11:21:37 11e charon: 00[CFG] dnscert plugin is disabled
      
Jan 21 11:21:37 11e charon: 00[CFG] ipseckey plugin is disabled
      
Jan 21 11:21:37 11e charon: 00[CFG] attr-sql plugin: database URI not set
      
Jan 21 11:21:37 11e charon: 00[CFG] loading ca certificates from '/etc/ipsec.d/cacerts'
      
Jan 21 11:21:37 11e charon: 00[CFG] loading aa certificates from '/etc/ipsec.d/aacerts'
      
Jan 21 11:21:37 11e charon: 00[CFG] loading ocsp signer certificates from '/etc/ipsec.d/ocspcerts'
      
Jan 21 11:21:37 11e charon: 00[CFG] loading attribute certificates from '/etc/ipsec.d/acerts'
      
Jan 21 11:21:37 11e charon: 00[CFG] loading crls from '/etc/ipsec.d/crls'
      
Jan 21 11:21:37 11e charon: 00[CFG] loading secrets from '/etc/ipsec.secrets'
      
Jan 21 11:21:37 11e charon: 00[CFG] loading secrets from '/etc/ipsec.d/nm-l2tp-ipsec-33a76ea6-0d47-46a5-8310-01a80de375db.secrets'
      
Jan 21 11:21:37 11e charon: 00[CFG]   loaded IKE secret for %any
      
Jan 21 11:21:37 11e charon: 00[CFG] loading secrets from '/etc/ipsec.d/nm-l2tp-ipsec-63c18717-e10e-4777-ba96-60bf94bb42c8.secrets'
      
Jan 21 11:21:37 11e charon: 00[CFG]   loaded IKE secret for %any
      
Jan 21 11:21:37 11e charon: 00[CFG] loading secrets from '/etc/ipsec.d/nm-l2tp-ipsec-8c0ee4b9-835c-4872-874f-a39d33fe68bd.secrets'
      
Jan 21 11:21:37 11e charon: 00[CFG]   loaded IKE secret for %any
      
Jan 21 11:21:37 11e charon: 00[CFG] sql plugin: database URI not set
      
Jan 21 11:21:37 11e charon: 00[CFG] opening triplet file /etc/ipsec.d/triplets.dat failed: No such file or directory
      
Jan 21 11:21:37 11e charon: 00[CFG] eap-simaka-sql database URI missing
      
Jan 21 11:21:37 11e charon: 00[CFG] loaded 0 RADIUS server configurations
      
Jan 21 11:21:37 11e charon: 00[CFG] HA config misses local/remote address
      
Jan 21 11:21:37 11e charon: 00[CFG] no threshold configured for systime-fix, disabled
      
Jan 21 11:21:37 11e charon: 00[CFG] coupling file path unspecified
      
Jan 21 11:21:37 11e charon: 00[LIB] loaded plugins: charon test-vectors unbound ldap pkcs11 tpm aesni aes rc2 sha2 sha1 md4 md5 mgf1 rdrand random nonce x509 revocation constraints acert pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey sshkey dnscert ipseckey pem openssl gcrypt af-alg fips-prf gmp curve25519 agent chapoly xcbc cmac hmac ctr ccm gcm ntru bliss curl soup mysql sqlite attr kernel-netlink resolve socket-default connmark farp stroke updown eap-identity eap-sim eap-sim-pcsc eap-aka eap-aka-3gpp2 eap-simaka-pseudonym eap-simaka-reauth eap-md5 eap-gtc eap-mschapv2 eap-dynamic eap-radius eap-tls eap-ttls eap-peap eap-tnc xauth-generic xauth-eap xauth-pam xauth-noauth tnc-tnccs tnccs-20 tnccs-11 tnccs-dynamic dhcp whitelist lookip error-notify certexpire led radattr addrblock unity counters
      
Jan 21 11:21:37 11e charon: 00[LIB] dropped capabilities, running as uid 0, gid 0
      
Jan 21 11:21:37 11e charon: 00[JOB] spawning 16 worker threads
      
Jan 21 11:21:37 11e charon: 06[CFG] received stroke: add connection '33a76ea6-0d47-46a5-8310-01a80de375db'
      
Jan 21 11:21:37 11e charon: 06[CFG] a DH group is mandatory in IKE proposals
      
Jan 21 11:21:37 11e charon: 06[CFG] skipped invalid proposal string: aes-sha1
      
Jan 21 11:21:37 11e charon: 07[CFG] rereading secrets
      
Jan 21 11:21:37 11e charon: 07[CFG] loading secrets from '/etc/ipsec.secrets'
      
Jan 21 11:21:37 11e charon: 07[CFG] loading secrets from '/etc/ipsec.d/nm-l2tp-ipsec-33a76ea6-0d47-46a5-8310-01a80de375db.secrets'
      
Jan 21 11:21:37 11e charon: 07[CFG]   loaded IKE secret for %any
      
Jan 21 11:21:37 11e charon: 07[CFG] loading secrets from '/etc/ipsec.d/nm-l2tp-ipsec-63c18717-e10e-4777-ba96-60bf94bb42c8.secrets'
      
Jan 21 11:21:37 11e charon: 07[CFG]   loaded IKE secret for %any
      
Jan 21 11:21:37 11e charon: 07[CFG] loading secrets from '/etc/ipsec.d/nm-l2tp-ipsec-8c0ee4b9-835c-4872-874f-a39d33fe68bd.secrets'
      
Jan 21 11:21:37 11e charon: 07[CFG]   loaded IKE secret for %any
      
Jan 21 11:21:38 11e charon: 09[CFG] received stroke: initiate '33a76ea6-0d47-46a5-8310-01a80de375db'
      
Jan 21 11:21:38 11e charon: 09[CFG] no config named '33a76ea6-0d47-46a5-8310-01a80de375db'
      
Jan 21 11:21:38 11e NetworkManager[939]: no config named '33a76ea6-0d47-46a5-8310-01a80de375db'
      
Jan 21 11:21:38 11e NetworkManager[939]: Stopping strongSwan IPsec...
      
Jan 21 11:21:38 11e charon: 00[DMN] signal of type SIGINT received. Shutting down
      
Jan 21 11:21:38 11e nm-l2tp-service[3194]: g_dbus_method_invocation_take_error: assertion 'error != NULL' failed
      
Jan 21 11:21:38 11e NetworkManager[939]: <info>  [1548066098.4190] vpn-connection[0x55e2429c4330,33a76ea6-0d47-46a5-8310-01a80de375db,"VPN",0]: VPN plugin: state changed: stopped (6)
      
Jan 21 11:21:38 11e NetworkManager[939]: <info>  [1548066098.4266] vpn-connection[0x55e2429c4330,33a76ea6-0d47-46a5-8310-01a80de375db,"VPN",0]: VPN service disappeared
      
Jan 21 11:21:38 11e NetworkManager[939]: <warn>  [1548066098.4286] vpn-connection[0x55e2429c4330,33a76ea6-0d47-46a5-8310-01a80de375db,"VPN",0]: VPN connection: failed to connect: 'Message recipient disconnected from message bus without replying'
      
Jan 21 11:21:41 11e NetworkManager[939]: <info>  [1548066101.4689] manager: NetworkManager state is now CONNECTED_SITE
      
Jan 21 11:21:41 11e whoopsie[1461]: [11:21:41] offline
      
Jan 21 11:21:41 11e dbus-daemon[907]: [system] Activating via systemd: service name='org.freedesktop.nm_dispatcher' unit='dbus-org.freedesktop.nm-dispatcher.service' requested by ':1.16' (uid=0 pid=939 comm="/usr/sbin/NetworkManager --no-daemon " label="unconfined")
      
Jan 21 11:21:41 11e systemd[1]: Starting Network Manager Script Dispatcher Service...
      
Jan 21 11:21:41 11e dbus-daemon[907]: [system] Successfully activated service 'org.freedesktop.nm_dispatcher'
      
Jan 21 11:21:41 11e systemd[1]: Started Network Manager Script Dispatcher Service.
      
Jan 21 11:21:41 11e nm-dispatcher: req:1 'connectivity-change': new request (1 scripts)
      
Jan 21 11:21:41 11e nm-dispatcher: req:1 'connectivity-change': start running ordered scripts...
      
Jan 21 11:21:42 11e NetworkManager[939]: <info>  [1548066102.8242] manager: NetworkManager state is now CONNECTED_GLOBAL
      
Jan 21 11:21:42 11e nm-dispatcher: req:2 'connectivity-change': new request (1 scripts)
      
Jan 21 11:21:42 11e nm-dispatcher: req:2 'connectivity-change': start running ordered scripts...
      
Jan 21 11:21:42 11e whoopsie[1461]: [11:21:42] The default IPv4 route is: /org/freedesktop/NetworkManager/ActiveConnection/2
      
Jan 21 11:21:42 11e whoopsie[1461]: [11:21:42] Not a paid data plan: /org/freedesktop/NetworkManager/ActiveConnection/2
      
Jan 21 11:21:42 11e whoopsie[1461]: [11:21:42] Found usable connection: /org/freedesktop/NetworkManager/ActiveConnection/2
      
Jan 21 11:21:44 11e whoopsie[1461]: [11:21:44] online
      
Jan 21 11:21:44 11e PackageKit: get-updates transaction /353_bdeecdcb from uid 1000 finished with success after 1991ms
      
Jan 21 11:21:46 11e PackageKit: get-updates transaction /354_bebcbabc from uid 1000 finished with success after 1864ms
      
Jan 21 11:21:48 11e PackageKit: get-updates transaction /355_cbeeacae from uid 1000 finished with success after 1878ms
      
Jan 21 11:21:50 11e PackageKit: get-updates transaction /356_bbecbebe from uid 1000 finished with success after 1847ms
      
Jan 21 11:21:52 11e PackageKit: get-updates transaction /357_bebedaba from uid 1000 finished with success after 1877ms


      enter image description here






      vpn




      vpn






      share|improve this question









      New contributor




      jarzabek_waclaw is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.











      share|improve this question









      New contributor




      jarzabek_waclaw is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.









      share|improve this question




      share|improve this question








      edited 9 hours ago









      pomsky

      29.7k1190117




      29.7k1190117






      New contributor




      jarzabek_waclaw is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.









      asked 9 hours ago









      jarzabek_waclawjarzabek_waclaw

      1




      1




      New contributor




      jarzabek_waclaw is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.





      New contributor





      jarzabek_waclaw is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.






      jarzabek_waclaw is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.






















          1 Answer
          1






          active

          oldest

          votes


















          0














          I would recommend deleting the generated /etc/ipsec.d/nm-l2tp-ipsec-*.secrets files that didn't get deleted for one reason or another.



          The error message says you didn't specify a DH group for phase 1.



          Run the ike-scan.sh script from the following page to help determine what you need for Phase 1 :




          • https://github.com/nm-l2tp/network-manager-l2tp/wiki/Known-Issues


          issue something like the following:



          sudo ipsec stop
          
chmod a+rx ./ike-scan.sh
          
sudo ./ike-scan.sh 10.10.10.250 | grep SA=


          then lets us know what the output is.






          share|improve this answer























            Your Answer








            StackExchange.ready(function() {
            var channelOptions = {
            tags: "".split(" "),
            id: "89"
            };
            initTagRenderer("".split(" "), "".split(" "), channelOptions);

            StackExchange.using("externalEditor", function() {
            // Have to fire editor after snippets, if snippets enabled
            if (StackExchange.settings.snippets.snippetsEnabled) {
            StackExchange.using("snippets", function() {
            createEditor();
            });
            }
            else {
            createEditor();
            }
            });

            function createEditor() {
            StackExchange.prepareEditor({
            heartbeatType: 'answer',
            autoActivateHeartbeat: false,
            convertImagesToLinks: true,
            noModals: true,
            showLowRepImageUploadWarning: true,
            reputationToPostImages: 10,
            bindNavPrevention: true,
            postfix: "",
            imageUploader: {
            brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
            contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
            allowUrls: true
            },
            onDemand: true,
            discardSelector: ".discard-answer"
            ,immediatelyShowMarkdownHelp:true
            });


            }
            });






            jarzabek_waclaw is a new contributor. Be nice, and check out our Code of Conduct.










            draft saved

            draft discarded


















            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1111615%2fvpn-l2tp-over-ipsec-connection%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown

























            1 Answer
            1






            active

            oldest

            votes








            1 Answer
            1






            active

            oldest

            votes









            active

            oldest

            votes






            active

            oldest

            votes









            0














            I would recommend deleting the generated /etc/ipsec.d/nm-l2tp-ipsec-*.secrets files that didn't get deleted for one reason or another.



            The error message says you didn't specify a DH group for phase 1.



            Run the ike-scan.sh script from the following page to help determine what you need for Phase 1 :




            • https://github.com/nm-l2tp/network-manager-l2tp/wiki/Known-Issues


            issue something like the following:



            sudo ipsec stop
            
chmod a+rx ./ike-scan.sh
            
sudo ./ike-scan.sh 10.10.10.250 | grep SA=


            then lets us know what the output is.






            share|improve this answer




























              0














              I would recommend deleting the generated /etc/ipsec.d/nm-l2tp-ipsec-*.secrets files that didn't get deleted for one reason or another.



              The error message says you didn't specify a DH group for phase 1.



              Run the ike-scan.sh script from the following page to help determine what you need for Phase 1 :




              • https://github.com/nm-l2tp/network-manager-l2tp/wiki/Known-Issues


              issue something like the following:



              sudo ipsec stop
              
chmod a+rx ./ike-scan.sh
              
sudo ./ike-scan.sh 10.10.10.250 | grep SA=


              then lets us know what the output is.






              share|improve this answer


























                0












                0








                0







                I would recommend deleting the generated /etc/ipsec.d/nm-l2tp-ipsec-*.secrets files that didn't get deleted for one reason or another.



                The error message says you didn't specify a DH group for phase 1.



                Run the ike-scan.sh script from the following page to help determine what you need for Phase 1 :




                • https://github.com/nm-l2tp/network-manager-l2tp/wiki/Known-Issues


                issue something like the following:



                sudo ipsec stop
                
chmod a+rx ./ike-scan.sh
                
sudo ./ike-scan.sh 10.10.10.250 | grep SA=


                then lets us know what the output is.






                share|improve this answer













                I would recommend deleting the generated /etc/ipsec.d/nm-l2tp-ipsec-*.secrets files that didn't get deleted for one reason or another.



                The error message says you didn't specify a DH group for phase 1.



                Run the ike-scan.sh script from the following page to help determine what you need for Phase 1 :




                • https://github.com/nm-l2tp/network-manager-l2tp/wiki/Known-Issues


                issue something like the following:



                sudo ipsec stop
                
chmod a+rx ./ike-scan.sh
                
sudo ./ike-scan.sh 10.10.10.250 | grep SA=


                then lets us know what the output is.







                share|improve this answer












                share|improve this answer



                share|improve this answer










                answered 9 hours ago









                Douglas KosovicDouglas Kosovic

                33614




                33614






















                    jarzabek_waclaw is a new contributor. Be nice, and check out our Code of Conduct.










                    draft saved

                    draft discarded


















                    jarzabek_waclaw is a new contributor. Be nice, and check out our Code of Conduct.













                    jarzabek_waclaw is a new contributor. Be nice, and check out our Code of Conduct.












                    jarzabek_waclaw is a new contributor. Be nice, and check out our Code of Conduct.
















                    Thanks for contributing an answer to Ask Ubuntu!


                    • Please be sure to answer the question. Provide details and share your research!

                    But avoid



                    • Asking for help, clarification, or responding to other answers.

                    • Making statements based on opinion; back them up with references or personal experience.


                    To learn more, see our tips on writing great answers.




                    draft saved


                    draft discarded














                    StackExchange.ready(
                    function () {
                    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1111615%2fvpn-l2tp-over-ipsec-connection%23new-answer', 'question_page');
                    }
                    );

                    Post as a guest















                    Required, but never shown





















































                    Required, but never shown














                    Required, but never shown












                    Required, but never shown







                    Required, but never shown

































                    Required, but never shown














                    Required, but never shown












                    Required, but never shown







                    Required, but never shown







                    -

                    Popular posts from this blog

                    GameSpot

                    Image
                    body.skin-minerva .mw-parser-output table.infobox caption{text-align:center} GameSpot 戰地風雲:惡名昭彰2在Gamespot的評論 网站类型 新聞 持有者 CBS 创始人 Pete Deemer Vince Broady Jon Epstein 网站 http://www.gamespot.com/ 注册 Optional (free and paid) 推出时间 1996年5月1日 [1] GameSpot (中国大陆:游戏基地),於1996年5月由Pete Deemer和Vince Broady創立,是一個提供新聞、評論、預告片、下載及其他的相關資訊的電子遊戲網站。GameSpot被一間後來被CNET收購的企業ZDNet所收購。根據Alexa,GameSpot.com是200個網路擁擠最嚴重的網站之一。 除了由GameSpot員工創作的內容,網站還允許用戶寫評論、網誌、之後在網路論壇分享。一些在CNET旗下的GameFAQs分享。 2004年, GameSpot被Spike TV的觀眾選上「電子遊戲賞節目」贏得「最傑出遊戲網站。 [2] 其他的遊戲網站還有IGN、1UP.com、GameSpy是它最大的競爭對手。2008年,根據Compete.com的統計,「gamespot.com」吸引了最少6000萬人的點擊率。 [3] GameSpot的主頁鏈結了到最近新聞、評論、預告、和一些有關遊戲機的入口:Wii、任天堂DS、電腦遊戲、Xbox 360、PSP、PlayStation 2、PlayStation 3。它還有一列「最受歡迎遊戲名單」,還有給用戶快速獲得遊戲資訊的搜尋器。GameSpot 還包括一些小範圍的遊戲機:任天堂64、GameCube、Game Boy Color、Game Boy Advance、Xbox、PlayStation、SEGA Saturn、Dreamcast、Neo Geo Pocket Color、N-Gage、手機遊戲。 目录 1 歷史 1.1 國際歷史 1.2 著名的員工 2 評論和分
                    Read more

                    connect to host localhost port 22: Connection refused

                    Image
                    .everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty{ margin-bottom:0; } 1 1 I created a Ubuntu Vagrant box and ssh'd into it. Now, created a ssh key and trying to ssh to my localhost but I get the following error. vagrant@vagrant-ubuntu-trusty-64:~$ ssh -vvvv localhost OpenSSH_6.6.1, OpenSSL 1.0.1f 6 Jan 2014 debug1: Reading configuration data /etc/ssh/ssh_config debug1: /etc/ssh/ssh_config line 19: Applying options for * debug2: ssh_connect: needpriv 0 debug1: Connecting to localhost [127.0.0.1] port 22. debug1: connect to address 127.0.0.1 port 22: Connection refused ssh: connect to host localhost port 22: Connection refused When I check the list of ports opened as follows: vagrant@vagrant-ubuntu-trusty-64:~$ s
                    Read more

                    Getting a Wifi WPA2 wifi connection

                    Image
                    .everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty{ margin-bottom:0; } 0 I've been trying to get a simple wifi connection ! bu I have to admit I just can't get it done ! here is what I've tried: root@MYONE:/etc# clear root@MYONE:/etc# vi wpa_supplicant.conf ctrl_interface=/var/run/wpa_supplicant ctrl_interface_group=0 update_config=1 network={ ssid="Mi Engine" psk="7407352688e4" } root@MYONE:/etc# iw wlan0 link Not connected. root@MYONE:/etc# ifconfig eth0 Link encap:Ethernet HWaddr 74:FE:48:3A:55:AB inet addr:192.168.178.88 Bcast:192.168.178.255 Mask:255.255.255.0 inet6 addr: fe80::76fe:48ff:fe3a:55ab%4804152/64 Scope:Link UP BRO
                    Read more