Hello folks, I'm trying to configure my Linux station connect to a Meraki VPN. I followed all the steps presented here (https://documentation.meraki.com/MX/Client_VPN/Client_VPN_OS_Configuration). Nevertheless, when I try to connect it fails with the following error log. Any tip about how to proceed? Jul 22 22:53:05 darkside NetworkManager[931]: <info> [1658541185.0054] vpn[0x557c8275c700,5bef9673-1244-4646-aba9-381bd613643b,"My VPN"]: starting l2tp
Jul 22 22:53:05 darkside NetworkManager[931]: <info> [1658541185.0056] audit: op="connection-activate" uuid="5bef9673-1244-4646-aba9-381bd613643b" name="My VPN" pid=8281 uid=1000 result="success"
Jul 22 22:53:05 darkside nm-l2tp-service[10335]: Check port 1701
Jul 22 22:53:05 darkside NetworkManager[10350]: Stopping strongSwan IPsec failed: starter is not running
Jul 22 22:53:07 darkside NetworkManager[10347]: Starting strongSwan 5.9.5 IPsec [starter]...
Jul 22 22:53:07 darkside NetworkManager[10347]: Loading config setup
Jul 22 22:53:07 darkside NetworkManager[10347]: Loading conn '5bef9673-1244-4646-aba9-381bd613643b'
Jul 22 22:53:07 darkside charon: 00[DMN] Starting IKE charon daemon (strongSwan 5.9.5, Linux 5.15.0-41-generic, x86_64)
Jul 22 22:53:07 darkside charon: 00[LIB] providers loaded by OpenSSL: legacy default
Jul 22 22:53:07 darkside charon: 00[CFG] loading ca certificates from '/etc/ipsec.d/cacerts'
Jul 22 22:53:07 darkside charon: 00[CFG] loading aa certificates from '/etc/ipsec.d/aacerts'
Jul 22 22:53:07 darkside charon: 00[CFG] loading ocsp signer certificates from '/etc/ipsec.d/ocspcerts'
Jul 22 22:53:07 darkside charon: 00[CFG] loading attribute certificates from '/etc/ipsec.d/acerts'
Jul 22 22:53:07 darkside charon: 00[CFG] loading crls from '/etc/ipsec.d/crls'
Jul 22 22:53:07 darkside charon: 00[CFG] loading secrets from '/etc/ipsec.secrets'
Jul 22 22:53:07 darkside charon: 00[CFG] loading secrets from '/etc/ipsec.d/ipsec.nm-l2tp.secrets'
Jul 22 22:53:07 darkside charon: 00[CFG] loaded IKE secret for %any
Jul 22 22:53:07 darkside charon: 00[LIB] loaded plugins: charon aesni aes rc2 sha2 sha1 md5 mgf1 random nonce x509 revocation constraints pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey sshkey pem openssl fips-prf gmp agent xcbc hmac gcm drbg attr kernel-netlink resolve socket-default connmark stroke updown eap-mschapv2 xauth-generic counters
Jul 22 22:53:07 darkside charon: 00[LIB] dropped capabilities, running as uid 0, gid 0
Jul 22 22:53:07 darkside charon: 00[JOB] spawning 16 worker threads
Jul 22 22:53:07 darkside charon: 06[CFG] received stroke: add connection '5bef9673-1244-4646-aba9-381bd613643b'
Jul 22 22:53:07 darkside charon: 06[CFG] added configuration '5bef9673-1244-4646-aba9-381bd613643b'
Jul 22 22:53:08 darkside charon: 07[CFG] rereading secrets
Jul 22 22:53:08 darkside charon: 07[CFG] loading secrets from '/etc/ipsec.secrets'
Jul 22 22:53:08 darkside charon: 07[CFG] loading secrets from '/etc/ipsec.d/ipsec.nm-l2tp.secrets'
Jul 22 22:53:08 darkside charon: 07[CFG] loaded IKE secret for %any
Jul 22 22:53:08 darkside charon: 10[CFG] received stroke: initiate '5bef9673-1244-4646-aba9-381bd613643b'
Jul 22 22:53:08 darkside charon: 12[IKE] initiating Main Mode IKE_SA 5bef9673-1244-4646-aba9-381bd613643b[1] to <ip_replaced>
Jul 22 22:53:08 darkside charon: 12[ENC] generating ID_PROT request 0 [ SA V V V V V ]
Jul 22 22:53:08 darkside charon: 12[NET] sending packet: from 192.168.0.13[500] to <ip_replaced>[500] (212 bytes)
Jul 22 22:53:08 darkside charon: 11[NET] received packet: from <ip_replaced>[500] to 192.168.0.13[500] (156 bytes)
Jul 22 22:53:08 darkside charon: 11[ENC] parsed ID_PROT response 0 [ SA V V V V ]
Jul 22 22:53:08 darkside charon: 11[IKE] received XAuth vendor ID
Jul 22 22:53:08 darkside charon: 11[IKE] received DPD vendor ID
Jul 22 22:53:08 darkside charon: 11[IKE] received FRAGMENTATION vendor ID
Jul 22 22:53:08 darkside charon: 11[IKE] received NAT-T (RFC 3947) vendor ID
Jul 22 22:53:08 darkside charon: 11[CFG] selected proposal: IKE:3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024
Jul 22 22:53:08 darkside charon: 11[ENC] generating ID_PROT request 0 [ KE No NAT-D NAT-D ]
Jul 22 22:53:08 darkside charon: 11[NET] sending packet: from 192.168.0.13[500] to <ip_replaced>[500] (244 bytes)
Jul 22 22:53:08 darkside charon: 13[NET] received packet: from <ip_replaced>[500] to 192.168.0.13[500] (244 bytes)
Jul 22 22:53:08 darkside charon: 13[ENC] parsed ID_PROT response 0 [ KE No NAT-D NAT-D ]
Jul 22 22:53:08 darkside charon: 13[IKE] local host is behind NAT, sending keep alives
Jul 22 22:53:08 darkside charon: 13[ENC] generating ID_PROT request 0 [ ID HASH ]
Jul 22 22:53:08 darkside charon: 13[NET] sending packet: from 192.168.0.13[4500] to <ip_replaced>[4500] (68 bytes)
Jul 22 22:53:08 darkside charon: 14[NET] received packet: from <ip_replaced>[4500] to 192.168.0.13[4500] (68 bytes)
Jul 22 22:53:08 darkside charon: 14[ENC] parsed ID_PROT response 0 [ ID HASH ]
Jul 22 22:53:08 darkside charon: 14[IKE] IKE_SA 5bef9673-1244-4646-aba9-381bd613643b[1] established between 192.168.0.13[192.168.0.13]...<ip_replaced>[<ip_replaced>]
Jul 22 22:53:08 darkside charon: 14[IKE] scheduling reauthentication in 9966s
Jul 22 22:53:08 darkside charon: 14[IKE] maximum IKE_SA lifetime 10506s
Jul 22 22:53:08 darkside charon: 14[ENC] generating QUICK_MODE request 680526569 [ HASH SA No KE ID ID NAT-OA NAT-OA ]
Jul 22 22:53:08 darkside charon: 14[NET] sending packet: from 192.168.0.13[4500] to <ip_replaced>[4500] (356 bytes)
Jul 22 22:53:08 darkside charon: 01[NET] received packet: from <ip_replaced>[4500] to 192.168.0.13[4500] (76 bytes)
Jul 22 22:53:08 darkside charon: 01[ENC] parsed INFORMATIONAL_V1 request 3407603671 [ HASH N(NO_PROP) ]
Jul 22 22:53:08 darkside charon: 01[IKE] received NO_PROPOSAL_CHOSEN error notify
Jul 22 22:53:08 darkside NetworkManager[10390]: initiating Main Mode IKE_SA 5bef9673-1244-4646-aba9-381bd613643b[1] to <ip_replaced>
Jul 22 22:53:08 darkside NetworkManager[10390]: generating ID_PROT request 0 [ SA V V V V V ]
Jul 22 22:53:08 darkside NetworkManager[10390]: sending packet: from 192.168.0.13[500] to <ip_replaced>[500] (212 bytes)
Jul 22 22:53:08 darkside NetworkManager[10390]: received packet: from <ip_replaced>[500] to 192.168.0.13[500] (156 bytes)
Jul 22 22:53:08 darkside NetworkManager[10390]: parsed ID_PROT response 0 [ SA V V V V ]
Jul 22 22:53:08 darkside NetworkManager[10390]: received XAuth vendor ID
Jul 22 22:53:08 darkside NetworkManager[10390]: received DPD vendor ID
Jul 22 22:53:08 darkside NetworkManager[10390]: received FRAGMENTATION vendor ID
Jul 22 22:53:08 darkside NetworkManager[10390]: received NAT-T (RFC 3947) vendor ID
Jul 22 22:53:08 darkside NetworkManager[10390]: selected proposal: IKE:3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024
Jul 22 22:53:08 darkside NetworkManager[10390]: generating ID_PROT request 0 [ KE No NAT-D NAT-D ]
Jul 22 22:53:08 darkside NetworkManager[10390]: sending packet: from 192.168.0.13[500] to <ip_replaced>[500] (244 bytes)
Jul 22 22:53:08 darkside NetworkManager[10390]: received packet: from <ip_replaced>[500] to 192.168.0.13[500] (244 bytes)
Jul 22 22:53:08 darkside NetworkManager[10390]: parsed ID_PROT response 0 [ KE No NAT-D NAT-D ]
Jul 22 22:53:08 darkside NetworkManager[10390]: local host is behind NAT, sending keep alives
Jul 22 22:53:08 darkside NetworkManager[10390]: generating ID_PROT request 0 [ ID HASH ]
Jul 22 22:53:08 darkside NetworkManager[10390]: sending packet: from 192.168.0.13[4500] to <ip_replaced>[4500] (68 bytes)
Jul 22 22:53:08 darkside NetworkManager[10390]: received packet: from <ip_replaced>[4500] to 192.168.0.13[4500] (68 bytes)
Jul 22 22:53:08 darkside NetworkManager[10390]: parsed ID_PROT response 0 [ ID HASH ]
Jul 22 22:53:08 darkside NetworkManager[10390]: IKE_SA 5bef9673-1244-4646-aba9-381bd613643b[1] established between 192.168.0.13[192.168.0.13]...<ip_replaced>[<ip_replaced>]
Jul 22 22:53:08 darkside NetworkManager[10390]: scheduling reauthentication in 9966s
Jul 22 22:53:08 darkside NetworkManager[10390]: maximum IKE_SA lifetime 10506s
Jul 22 22:53:08 darkside NetworkManager[10390]: generating QUICK_MODE request 680526569 [ HASH SA No KE ID ID NAT-OA NAT-OA ]
Jul 22 22:53:08 darkside NetworkManager[10390]: sending packet: from 192.168.0.13[4500] to <ip_replaced>[4500] (356 bytes)
Jul 22 22:53:08 darkside NetworkManager[10390]: received packet: from <ip_replaced>[4500] to 192.168.0.13[4500] (76 bytes)
Jul 22 22:53:08 darkside NetworkManager[10390]: parsed INFORMATIONAL_V1 request 3407603671 [ HASH N(NO_PROP) ]
Jul 22 22:53:08 darkside NetworkManager[10390]: received NO_PROPOSAL_CHOSEN error notify
Jul 22 22:53:08 darkside NetworkManager[10390]: establishing connection '5bef9673-1244-4646-aba9-381bd613643b' failed
Jul 22 22:53:08 darkside nm-l2tp-service[10335]: xl2tpd started with pid 10396
Jul 22 22:53:08 darkside NetworkManager[10396]: xl2tpd[10396]: Not looking for kernel SAref support.
Jul 22 22:53:08 darkside NetworkManager[10396]: xl2tpd[10396]: Using l2tp kernel support.
Jul 22 22:53:08 darkside NetworkManager[10396]: xl2tpd[10396]: xl2tpd version xl2tpd-1.3.16 started on darkside PID:10396
Jul 22 22:53:08 darkside NetworkManager[10396]: xl2tpd[10396]: Written by Mark Spencer, Copyright (C) 1998, Adtran, Inc.
Jul 22 22:53:08 darkside NetworkManager[10396]: xl2tpd[10396]: Forked by Scott Balmos and David Stipp, (C) 2001
Jul 22 22:53:08 darkside NetworkManager[10396]: xl2tpd[10396]: Inherited by Jeff McAdams, (C) 2002
Jul 22 22:53:08 darkside NetworkManager[10396]: xl2tpd[10396]: Forked again by Xelerance (www.xelerance.com) (C) 2006-2016
Jul 22 22:53:08 darkside NetworkManager[10396]: xl2tpd[10396]: Listening on IP address 0.0.0.0, port 1701
Jul 22 22:53:08 darkside NetworkManager[10396]: xl2tpd[10396]: Connecting to host <ip_replaced>, port 1701
Jul 22 22:53:22 darkside NetworkManager[10396]: xl2tpd[10396]: death_handler: Fatal signal 15 received
Jul 22 22:53:22 darkside NetworkManager[10396]: xl2tpd[10396]: Connection 0 closed to <ip_replaced>, port 1701 (Server closing)
Jul 22 22:53:22 darkside NetworkManager[931]: <warn> [1658541202.9119] vpn[0x557c8275c700,5bef9673-1244-4646-aba9-381bd613643b,"My VPN"]: dbus: failure: connect-failed (1)
Jul 22 22:53:22 darkside NetworkManager[931]: <warn> [1658541202.9120] vpn[0x557c8275c700,5bef9673-1244-4646-aba9-381bd613643b,"My VPN"]: dbus: failure: connect-failed (1)
Jul 22 22:53:22 darkside NetworkManager[10400]: Stopping strongSwan IPsec...
Jul 22 22:53:22 darkside charon: 00[DMN] SIGINT received, shutting down
Jul 22 22:53:22 darkside charon: 00[IKE] deleting IKE_SA 5bef9673-1244-4646-aba9-381bd613643b[1] between 192.168.0.13[192.168.0.13]...<ip_replaced>[<ip_replaced>]
Jul 22 22:53:22 darkside charon: 00[IKE] sending DELETE for IKE_SA 5bef9673-1244-4646-aba9-381bd613643b[1]
Jul 22 22:53:22 darkside charon: 00[ENC] generating INFORMATIONAL_V1 request 382468415 [ HASH D ]
Jul 22 22:53:22 darkside charon: 00[NET] sending packet: from 192.168.0.13[4500] to <ip_replaced>[4500] (84 bytes)
Jul 22 22:53:23 darkside nm-l2tp-service[10335]: ipsec shut down
... View more