l2tp/ipsec 20 seconds to login
-
Hello,
I have setup a l2tp/ipsec server on pfsense 2.4.4p3.
I am using Windows 10 20H2 native VPN Client.I can successfully authenticate and login to the VPN, but i have only 20 seconds to type and validate my credentials to be able to connect, otherwise connexion is closed by server.
From what i can see, LCP fails 10 times before destoying the IKE session.
Here is the log, assuming :
pfSense WAN IP : 90.90.90.90
Client public IP : 80.80.80.80Do you guys have an idea about what could be the reason for a failed LCP negotiation ?
LCP negotiation starts before submiting user/password. Shouldn’t start after submiting user/password ?
Tested with pfSense 2.5.0 and same behaviour.
Note that a l2tp/ipsec server setup on a Fortigate, with the same Windows 10 client, does not close the connexion after 20 seconds.Basically i would like to be able to offer my users more than 20 seconds to type their credentials.
Any idea about what is happening here, or what i am missing ?
-
From further investigations, it seems that LCP Config Request is sent by pfsense to client before authentication.
Is there a way to make pfsense send LCP Config Request at autentication (when user/password form is validated) ?