L2TP/IPsec passthrough on dual WAN not working
-
I currently have a setup with dual WAN connections (primary Cogent line, secondary Comcast). I have an OS X VPN server running on the LAN, and I've set up passthrough rules for both PPTP and L2TP for both the primary (WAN) and secondary (WAN2). Connecting to either WAN/WAN2 IP address with a PPTP connection works just fine, but I can only get it to work with L2TP over one WAN connection. Whichever one has the UDP/GRE/ESP passthrough rules first in the list works, and the second doesn't. I'm attaching a screenshot of my current rules, where it works connecting to the WAN IP, but not the WAN2 IP.
TIA for any help/ideas,
-dev
PS: I'm running the Jan 25th version.
-
Your config seems fine… ???
Could you turn on logging on the respective FW rules and default deny and see what gets hit, when you try to connect?
-
Your NAT rules are likely missing or wrong. Your firewall rules are definitely wrong; the destination is the internal IP if you're forwarding to the internal host.
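An added example, not from the original thread or from any firewall's own tooling, that turns the two points above into a check: for each WAN interface, every protocol/port the VPN needs must have a NAT forward to the internal VPN host, and the matching pass rule on that WAN must have the internal host as its destination, not the WAN address. The rule model (the `NatRule`/`FwRule` tuples), the interface names, the hosts and the sample rule set are all constructed for illustration; the required protocol sets are the standard ones for L2TP/IPsec (UDP 500, UDP 4500, ESP) and PPTP (TCP 1723, GRE).

```python
from typing import List, NamedTuple, Optional, Set, Tuple


class NatRule(NamedTuple):
    iface: str                 # WAN interface the forward listens on
    proto: str                 # "tcp", "udp", "esp" or "gre"
    dst_port: Optional[int]    # None for port-less protocols (ESP, GRE)
    target: str                # internal host the traffic is forwarded to


class FwRule(NamedTuple):
    iface: str
    action: str                # "pass" or "block"
    proto: str
    dst_port: Optional[int]
    dst: str                   # destination address the rule matches on


Service = Tuple[str, Optional[int]]

# Standard requirements for each VPN type (not taken from the thread).
L2TP_IPSEC: Set[Service] = {("udp", 500), ("udp", 4500), ("esp", None)}
PPTP: Set[Service] = {("tcp", 1723), ("gre", None)}


def check_passthrough(nat_rules: List[NatRule], fw_rules: List[FwRule],
                      wan_ifaces: List[str], vpn_host: str,
                      required: Set[Service]) -> List[str]:
    """Return a list of problems; an empty list means every WAN is complete."""
    problems: List[str] = []
    for wan in wan_ifaces:
        forwarded = {(r.proto, r.dst_port) for r in nat_rules
                     if r.iface == wan and r.target == vpn_host}
        for proto, port in sorted(required, key=str):
            label = proto if port is None else f"{proto}/{port}"
            if (proto, port) not in forwarded:
                problems.append(f"{wan}: no NAT forward for {label} to {vpn_host}")
                continue
            # The pass rule is evaluated after the forward has rewritten the
            # destination, so it must match the internal host, not the WAN IP.
            matches = [r for r in fw_rules if r.iface == wan and r.action == "pass"
                       and (r.proto, r.dst_port) == (proto, port)]
            if not matches:
                problems.append(f"{wan}: NAT forward for {label} has no pass rule")
            for r in matches:
                if r.dst != vpn_host:
                    problems.append(f"{wan}: pass rule for {label} matches destination "
                                    f"{r.dst}; it must be the internal host {vpn_host}")
    return problems


# Constructed sample: WAN is complete, WAN2 is missing the ESP forward and its
# UDP/4500 pass rule still points at the WAN2 address (assumed 203.0.113.2).
VPN_HOST = "192.168.1.10"
WAN2_ADDR = "203.0.113.2"

SAMPLE_NAT = [
    NatRule("WAN", "udp", 500, VPN_HOST), NatRule("WAN", "udp", 4500, VPN_HOST),
    NatRule("WAN", "esp", None, VPN_HOST),
    NatRule("WAN", "tcp", 1723, VPN_HOST), NatRule("WAN", "gre", None, VPN_HOST),
    NatRule("WAN2", "udp", 500, VPN_HOST), NatRule("WAN2", "udp", 4500, VPN_HOST),
    NatRule("WAN2", "tcp", 1723, VPN_HOST), NatRule("WAN2", "gre", None, VPN_HOST),
]

SAMPLE_FW = [
    FwRule("WAN", "pass", "udp", 500, VPN_HOST), FwRule("WAN", "pass", "udp", 4500, VPN_HOST),
    FwRule("WAN", "pass", "esp", None, VPN_HOST),
    FwRule("WAN", "pass", "tcp", 1723, VPN_HOST), FwRule("WAN", "pass", "gre", None, VPN_HOST),
    FwRule("WAN2", "pass", "udp", 500, VPN_HOST), FwRule("WAN2", "pass", "udp", 4500, WAN2_ADDR),
    FwRule("WAN2", "pass", "tcp", 1723, VPN_HOST), FwRule("WAN2", "pass", "gre", None, VPN_HOST),
]


def sample_l2tp_problems() -> List[str]:
    return check_passthrough(SAMPLE_NAT, SAMPLE_FW, ["WAN", "WAN2"], VPN_HOST, L2TP_IPSEC)


def sample_pptp_problems() -> List[str]:
    return check_passthrough(SAMPLE_NAT, SAMPLE_FW, ["WAN", "WAN2"], VPN_HOST, PPTP)


if __name__ == "__main__":
    for line in sample_l2tp_problems() or ["L2TP/IPsec: OK on all WANs"]:
        print(line)
    for line in sample_pptp_problems() or ["PPTP: OK on all WANs"]:
        print(line)
```

With the constructed rule set, PPTP comes back clean on both WANs while L2TP/IPsec reports two problems on WAN2 only, which is the shape of symptom described in the thread (PPTP works on both, L2TP on one). Note that L2TP's own UDP 1701 is carried inside ESP when IPsec is in use, so it is deliberately not in the required set.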
-
The above pic is my NAT port forward rules. The rules themselves by interface are attached. It's really frustrating, and seems to not be very consistent. Sometimes I can connect to both interfaces with an L2TP connection, other times only the WAN IP. It seems to also be related to the network I'm on. I seem to have a lot of trouble connecting to the WAN2 IP when I am at home on a Comcast cable modem, but I have another setup on the same IP block running DD-WRT with port forwarding to another VPN server and that works just fine.