Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.

Dismiss

Bug#1007899: network-manager: L2TP-VPN doesn't work with network-manager version 1.36.2-1 (works with 1.34.0-1)

34 views

Skip to first unread message

Marcel Jira

unread,

Mar 18, 2022, 6:00:04 AM3/18/22

Package: network-manager
Version: 1.36.2-1
Severity: important
Tags: upstream
X-Debbugs-Cc: marce...@gmail.com

I used to connect to a VPN using network-manager-l2tp and network-manager-l2tp-
gnome.

The connection recently stopped working (see log below). A connection is
established but terminates quickly after logging a series of "Received out of
order control packet" messages. Also the connection is not usable (no ping to a
machine in the vpn possible) in the short amount of time the connection is
present.

Downgrading the packages "libnm0" and "network-manager" to version 1.34.0-1
solves the problem and makes the VPN usable again.

A similar problem was described at
* https://forum.manjaro.org/t/stable-update-2022-03-14-kernels-kde-libreoffice-
kodi-qt5-mozilla-networkmanager-pipewire/105493/53?page=3

A big shoutout to eggy and michaa7 in the German Debian forum who helped me
find a temporary solution for the problem:
https://debianforum.de/forum/viewtopic.php?t=183809

Log snippet of failing VPN connection:

Mär 08 09:24:32 austernpilz-marcel charon[5989]: 01[ENC] parsed
INFORMATIONAL_V1 request 2021249469 [ HASH N(DPD) ]
Mär 08 09:24:32 austernpilz-marcel charon[5989]: 01[ENC] generating
INFORMATIONAL_V1 request 356123565 [ HASH N(DPD_ACK) ]
Mär 08 09:24:32 austernpilz-marcel charon[5989]: 01[NET] sending packet: from
192.168.0.180[4500] to <Public IP>[4500] (92 bytes)
Mär 08 09:24:45 austernpilz-marcel NetworkManager[6024]: xl2tpd[6024]:
check_control: Received out of order control packet on tunnel 61041 (got 3,
expected 4)
Mär 08 09:24:45 austernpilz-marcel NetworkManager[6024]: xl2tpd[6024]:
handle_control: bad control packet!
Mär 08 09:24:45 austernpilz-marcel charon[5989]: 07[NET] received packet: from
<Public IP>[4500] to 192.168.0.180[4500] (84 bytes)
Mär 08 09:24:45 austernpilz-marcel charon[5989]: 07[ENC] parsed
INFORMATIONAL_V1 request 3124328840 [ HASH N(DPD) ]
Mär 08 09:24:45 austernpilz-marcel charon[5989]: 07[ENC] generating
INFORMATIONAL_V1 request 1656922586 [ HASH N(DPD_ACK) ]
Mär 08 09:24:45 austernpilz-marcel charon[5989]: 07[NET] sending packet: from
192.168.0.180[4500] to <Public IP>[4500] (92 bytes)
Mär 08 09:24:47 austernpilz-marcel NetworkManager[6024]: xl2tpd[6024]:
check_control: Received out of order control packet on tunnel 61041 (got 3,
expected 4)
Mär 08 09:24:47 austernpilz-marcel NetworkManager[6024]: xl2tpd[6024]:
handle_control: bad control packet!
Mär 08 09:24:51 austernpilz-marcel NetworkManager[6024]: xl2tpd[6024]:
check_control: Received out of order control packet on tunnel 61041 (got 3,
expected 4)
Mär 08 09:24:51 austernpilz-marcel NetworkManager[6024]: xl2tpd[6024]:
handle_control: bad control packet!
Mär 08 09:24:59 austernpilz-marcel NetworkManager[6024]: xl2tpd[6024]:
check_control: Received out of order control packet on tunnel 61041 (got 3,
expected 4)
Mär 08 09:24:59 austernpilz-marcel NetworkManager[6024]: xl2tpd[6024]:
handle_control: bad control packet!
Mär 08 09:25:05 austernpilz-marcel charon[5989]: 11[IKE] sending keep alive to
<Public IP>[4500]
Mär 08 09:25:06 austernpilz-marcel charon[5989]: 12[NET] received packet: from
<Public IP>[4500] to 192.168.0.180[4500] (84 bytes)
Mär 08 09:25:06 austernpilz-marcel charon[5989]: 12[ENC] parsed
INFORMATIONAL_V1 request 2249792635 [ HASH D ]
Mär 08 09:25:06 austernpilz-marcel charon[5989]: 12[IKE] received DELETE for
IKE_SA 016e39e7-c775-46be-85d3-215b15580b02[1]
Mär 08 09:25:06 austernpilz-marcel charon[5989]: 12[IKE] deleting IKE_SA
016e39e7-c775-46be-85d3-215b15580b02[1] between
192.168.0.180[192.168.0.180]...<Public IP>[<Public IP>]
Mär 08 09:25:06 austernpilz-marcel charon[5989]: 12[IKE] deleting IKE_SA
016e39e7-c775-46be-85d3-215b15580b02[1] between
192.168.0.180[192.168.0.180]...<Public IP>[<Public IP>]
Mär 08 09:25:14 austernpilz-marcel NetworkManager[6024]: xl2tpd[6024]: Maximum
retries exceeded for tunnel 62233. Closing.

-- System Information:
Debian Release: bookworm/sid
APT prefers testing
APT policy: (990, 'testing'), (500, 'stable-updates'), (500, 'stable-security'), (500, 'unstable'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 5.16.0-4-amd64 (SMP w/8 CPU threads; PREEMPT)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=de_AT.UTF-8, LC_CTYPE=de_AT.UTF-8 (charmap=UTF-8), LANGUAGE=de_AT:de
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages network-manager depends on:
ii adduser 3.120
ii dbus 1.14.0-1
ii libaudit1 1:3.0.7-1+b1
ii libbluetooth3 5.62-2
ii libc6 2.33-7
ii libcurl3-gnutls 7.81.0-1
ii libglib2.0-0 2.70.4-1
ii libgnutls30 3.7.3-4+b1
ii libjansson4 2.13.1-1.1
ii libmm-glib0 1.18.6-2
ii libndp0 1.6-1+b1
ii libnewt0.52 0.52.21-5+b1
ii libnm0 1.34.0-1
ii libpsl5 0.21.0-1.2
ii libreadline8 8.1.2-1
ii libselinux1 3.3-1+b2
ii libsystemd0 250.4-1
ii libteamdctl0 1.31-1
ii libudev1 250.4-1
ii policykit-1 0.105-33
ii udev 250.4-1
ii wpasupplicant 2:2.9.0-23

Versions of packages network-manager recommends:
ii dnsmasq-base [dnsmasq-base] 2.86-1.1
ii iptables 1.8.7-1
ii libpam-systemd 250.4-1
ii modemmanager 1.18.6-2
ii ppp 2.4.9-1+1
ii wireless-regdb 2021.08.28-1

Versions of packages network-manager suggests:
pn libteam-utils <none>

Versions of packages network-manager is related to:
ii isc-dhcp-client 4.4.2-P1-1+b1

-- no debconf information

Michael Biebl

unread,

Mar 18, 2022, 7:10:04 AM3/18/22

Control: clone -1 -2
Control: reassign -2 network-manager-l2tp

Am 18.03.22 um 10:50 schrieb Marcel Jira:

> _______________________________________________
> Pkg-utopia-maintainers mailing list
> Pkg-utopia-...@alioth-lists.debian.net
> https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-utopia-maintainers

OpenPGP_signature

Michael Biebl

unread,

Mar 29, 2022, 3:50:03 PM3/29/22

Hi Doug

On Tue, 22 Mar 2022 00:38:54 +0000 Douglas Kosovic <do...@uq.edu.au> wrote:
> I suspect this is the same as the following upstream NetworkManager 1.36.2
> routing bug:
> https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/issues/946
>
> I assume you have enabled the "Use this connection only for resources on
> its network" checkbox in the VPN connection's IPv4 settings? In which
> case network-manager 1.36.2 doesn't appear to be adding any routes for
> the VPN connection like it does if the checkbox isn't enabled or did
> with earlier versions of NetworkManager.

Is there anything to fix on the network-manager package side or can this
issue be closed?

OpenPGP_signature

0 new messages