Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    l2tp/ipsec 20 seconds to login

    Scheduled Pinned Locked Moved General pfSense Questions
    2 Posts 1 Posters 170 Views 1 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C Offline
      chrisfr92
      last edited by

      Hello,

      I have setup a l2tp/ipsec server on pfsense 2.4.4p3.
      I am using Windows 10 20H2 native VPN Client.

      I can successfully authenticate and login to the VPN, but i have only 20 seconds to type and validate my credentials to be able to connect, otherwise connexion is closed by server.

      From what i can see, LCP fails 10 times before destoying the IKE session.
      Here is the log, assuming :
      pfSense WAN IP : 90.90.90.90
      Client public IP : 80.80.80.80

      pfsense-log.txt

      Do you guys have an idea about what could be the reason for a failed LCP negotiation ?

      LCP negotiation starts before submiting user/password. Shouldn’t start after submiting user/password ?

      Tested with pfSense 2.5.0 and same behaviour.
      Note that a l2tp/ipsec server setup on a Fortigate, with the same Windows 10 client, does not close the connexion after 20 seconds.

      Basically i would like to be able to offer my users more than 20 seconds to type their credentials.

      Any idea about what is happening here, or what i am missing ?

      C 1 Reply Last reply Reply Quote 0
      • C Offline
        chrisfr92 @chrisfr92
        last edited by

        From further investigations, it seems that LCP Config Request is sent by pfsense to client before authentication.

        Is there a way to make pfsense send LCP Config Request at autentication (when user/password form is validated) ?

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.