OVH Community, your new community space.

L2TP over IPSec?


ictdude
15-01-2015, 20:19
You can use OpenVPN i did install it successfully on a Classic VPS

Zemmer
14-10-2014, 18:17
Support finally responded, turns out it's not possible for classic VPSes (despite telling me earlier it was).

Zemmer
24-09-2014, 19:10
uname -s outputs "Linux". And I don't think I have selinux installed:
-bash: setenforce: command not found

I can't seem to install modules for my kernel either. =[

lynxus
22-09-2014, 15:38
Looks like a kernel issue.

Looking at the code, It seems like its not happy either with the version of kernel you have or something along those lines.

if [ "$(uname -s)" = "Linux" ] && ! check_kernel ; then
echo "racoon - IKE keying daemon will not be started as $PROC_FILE is not" 1>&2
echo " available or a suitable 2.6 (or 2.4 with IPSEC backport)" 1>&2
echo " kernel with af_key.[k]o module is not installed." 1>&2
exit 0
fi



What does the command "uname -s" output when you type it as root?

Is your kernel 2.6 or newer?

You could try and update the kernel? ( Not 100% sure how to do this on debian? )
Maybe?
https://ticketing.nforce.com/index.p...bian-6-squeeze


But yeah,- The problem is you might be running an old kernel? or at least you dont have af_key module installed.

EDIT
Ah rubbish
Just seen your final bit of text saying you have 2.6 kernel...
In that case, Not sure whats wrong? -- Do you have selinux installed? ( setenforce 0 ) to disable and try again?

Zemmer
16-09-2014, 13:41
I recently moved from my old VPS to an OVH box, but now my L2TP VPN isn't working anymore. I used this tutorial to set it up.

When I'm trying to start racoon, it returns:
Code:
racoon - IKE keying daemon will not be started as /proc/net/pfkey is not
         available or a suitable 2.6 (or 2.4 with IPSEC backport)
         kernel with af_key.[k]o module installed.
When I'm trying to start xl2tpd:
Code:
setsockopt recvref[30]: Protocol not available
/etc/init.d/setkey start:
Code:
[....] Loading IPsec SA/SP database: 
  - /etc/ipsec-tools.conf  pfkey_open: Address family not supported by protocol
  - /etc/ipsec-tools.d/l2tp.conf pfkey_open: Address family not supported by protocol
 failed!
modprobe (af/pf)_key:
Code:
libkmod: ERROR ../libkmod/libkmod.c:554 kmod_search_moddep: could not open moddep file '/lib/modules/2.6.32-042stab092.2/modules.dep.bin'
I'm at a loss what to do to get it working. Tried contacting technical support from within the manager, but my message doesn't even show up...
I'm on Debian Wheezy, kernel version 2.6.32-042stab092.2.