No Internet while connected to vpn
KornyAS opened this issue · 5 comments
Im using vpn on my pc 24/7 and most of the time it works good. But sometimes, especially when I enable vpn on my phone with strongswan - after some short time both my pc and my phone lost internet connection while connection to vpn persists.
In the logs I noticed this line "death_handler: Fatal signal 15 received":
root@nl-vmnano:~# grep xl2tpd /var/log/syslog
Mar 8 16:16:29 nl-vmnano xl2tpd[1062]: Not looking for kernel SAref support.
Mar 8 16:16:29 nl-vmnano xl2tpd[1062]: Using l2tp kernel support.
Mar 8 16:16:29 nl-vmnano xl2tpd[1056]: Starting xl2tpd: xl2tpd.
Mar 8 16:16:29 nl-vmnano xl2tpd[1066]: xl2tpd version xl2tpd-1.3.12 started on nl-vmnano PID:1066
Mar 8 16:16:29 nl-vmnano xl2tpd[1066]: Written by Mark Spencer, Copyright (C) 1998, Adtran, Inc.
Mar 8 16:16:29 nl-vmnano xl2tpd[1066]: Forked by Scott Balmos and David Stipp, (C) 2001
Mar 8 16:16:29 nl-vmnano xl2tpd[1066]: Inherited by Jeff McAdams, (C) 2002
Mar 8 16:16:29 nl-vmnano xl2tpd[1066]: Forked again by Xelerance (www.xelerance.com) (C) 2006-2016
Mar 8 16:16:29 nl-vmnano xl2tpd[1066]: Listening on IP address 0.0.0.0, port 1701
Mar 8 16:16:43 nl-vmnano xl2tpd[1066]: death_handler: Fatal signal 15 received
Mar 8 16:16:43 nl-vmnano xl2tpd[1411]: Stopping xl2tpd: xl2tpd.
Mar 8 16:16:43 nl-vmnano systemd[1]: xl2tpd.service: Succeeded.
Mar 8 16:16:43 nl-vmnano xl2tpd[1420]: Not looking for kernel SAref support.
Mar 8 16:16:43 nl-vmnano xl2tpd[1420]: Using l2tp kernel support.
Mar 8 16:16:43 nl-vmnano xl2tpd[1416]: Starting xl2tpd: xl2tpd.
Mar 8 16:16:43 nl-vmnano xl2tpd[1421]: xl2tpd version xl2tpd-1.3.12 started on nl-vmnano PID:1421
Mar 8 16:16:43 nl-vmnano xl2tpd[1421]: Written by Mark Spencer, Copyright (C) 1998, Adtran, Inc.
Mar 8 16:16:43 nl-vmnano xl2tpd[1421]: Forked by Scott Balmos and David Stipp, (C) 2001
Mar 8 16:16:43 nl-vmnano xl2tpd[1421]: Inherited by Jeff McAdams, (C) 2002
Mar 8 16:16:43 nl-vmnano xl2tpd[1421]: Forked again by Xelerance (www.xelerance.com) (C) 2006-2016
Mar 8 16:16:43 nl-vmnano xl2tpd[1421]: Listening on IP address 0.0.0.0, port 1701
Mar 8 16:25:25 nl-vmnano xl2tpd[1421]: death_handler: Fatal signal 15 received
Mar 8 16:25:25 nl-vmnano xl2tpd[1936]: Stopping xl2tpd: xl2tpd.
Mar 8 16:25:25 nl-vmnano systemd[1]: xl2tpd.service: Succeeded.
Mar 8 16:25:25 nl-vmnano xl2tpd[1945]: Not looking for kernel SAref support.
Mar 8 16:25:25 nl-vmnano xl2tpd[1945]: Using l2tp kernel support.
Mar 8 16:25:25 nl-vmnano xl2tpd[1941]: Starting xl2tpd: xl2tpd.
Mar 8 16:25:25 nl-vmnano xl2tpd[1946]: xl2tpd version xl2tpd-1.3.12 started on nl-vmnano PID:1946
Mar 8 16:25:25 nl-vmnano xl2tpd[1946]: Written by Mark Spencer, Copyright (C) 1998, Adtran, Inc.
Mar 8 16:25:25 nl-vmnano xl2tpd[1946]: Forked by Scott Balmos and David Stipp, (C) 2001
Mar 8 16:25:25 nl-vmnano xl2tpd[1946]: Inherited by Jeff McAdams, (C) 2002
Mar 8 16:25:25 nl-vmnano xl2tpd[1946]: Forked again by Xelerance (www.xelerance.com) (C) 2006-2016
Mar 8 16:25:25 nl-vmnano xl2tpd[1946]: Listening on IP address 0.0.0.0, port 1701
What can be the cause of the problem
Could you please tell more about how to switch to IKEv2 without L2TP
I set up vpn using this guide https://github.com/hwdsl2/setup-ipsec-vpn/blob/master/docs/ikev2-howto.md#configure-ikev2-vpn-clients
@KornyAS Hello! The "Fatal signal 15 received" message is normal, it is usually logged when the xl2tpd service restarts. From your comments, it looks like you are already using IKEv2 mode. xl2tpd is not used in this mode.
The issue you described could be caused by multiple devices sharing the same IKEv2 certificate. To fix, make sure that you create a unique IKEv2 certificate for each device. See Manage IKEv2 clients for more details.
I just created the new certificate for my pc - connected it and in less than 10 minutes - I recieved No internet. How can it be possible?