Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    L2TP issue since last update

    Scheduled Pinned Locked Moved IPsec
    21 Posts 3 Posters 2.0k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • erselbeyE
      erselbey
      last edited by erselbey

      After making the last update, I was unable to connect from L2TP. I read the changes, but I don't think it will be related. I'm not logging in with Radius. There is no problem with the connection. I tried it in the old version, it works fine. As for the rules, it's normal.

      1 Reply Last reply Reply Quote 0
      • erselbeyE
        erselbey
        last edited by

        No human beings to answer? All my services stopped now!

        DaddyGoD 1 Reply Last reply Reply Quote 0
        • DaddyGoD
          DaddyGo @erselbey
          last edited by DaddyGo

          @erselbey
          Hi,

          the answer is probably hard to come by, because not many people already use L2TP...

          @erselbey "I tried it in the old version, it works fine. "

          -come back in the meantime to a working configuration until the problem is resolved

          not much is being said about L2TP really in the current change

          39f29270-2877-418c-9fc8-c1890a392539-image.png

          for the sake of curiosity
          why don't you use OpenVPN?

          PS:
          is there anything in the logs at all?
          (your starting post is very concise, no one can figure out what can happen to your system, if there is no data)
          share your logs and it is possible that someone has already encountered the issue...

          +++++edit: plus it’s a weekend and as you can see there’s not much movement on the forum 😉

          Cats bury it so they can't see it!
          (You know what I mean if you have a cat)

          erselbeyE 1 Reply Last reply Reply Quote 1
          • erselbeyE
            erselbey @DaddyGo
            last edited by

            @DaddyGo All of the employees are structured as L2TP and so on. The systems are completely macOS so we use L2TP.

            DaddyGoD 1 Reply Last reply Reply Quote 0
            • DaddyGoD
              DaddyGo @erselbey
              last edited by

              @erselbey

              That makes sense ✋

              -so, have you ever considered IPsec?
              I personally hate the L2TP old and rigid protocol and it is no longer so secure.

              Cats bury it so they can't see it!
              (You know what I mean if you have a cat)

              erselbeyE 1 Reply Last reply Reply Quote 0
              • erselbeyE
                erselbey @DaddyGo
                last edited by

                @DaddyGo Actually I did not think but we are in a transition period now. That's why we manage it for now. Trying for a deep-rooted job because of a minor problem also requires effort. Otherwise, L2TP started to be troubled as you said.

                DaddyGoD 2 Replies Last reply Reply Quote 0
                • DaddyGoD
                  DaddyGo @erselbey
                  last edited by

                  @erselbey

                  I understand...

                  We have long been doing the following:

                  central pfSense OpenVPN server (headquarter) and smaller pfSense-enabled devices at employee endpoints as OpenVPN clients
                  https://pcengines.ch/apu4d4.htm (110-130USD)

                  so it doesn't matter what OP system is running on the client side (employees) (macOS, Windows, Linux)
                  since both endpoints have pfSense and OpenVPN

                  Cats bury it so they can't see it!
                  (You know what I mean if you have a cat)

                  1 Reply Last reply Reply Quote 1
                  • DaddyGoD
                    DaddyGo @erselbey
                    last edited by

                    @erselbey

                    don't worry, I rarely see L2TP posts on the forum, probably someone will come who has similar problems...

                    now you have to wait a bit...

                    Cats bury it so they can't see it!
                    (You know what I mean if you have a cat)

                    1 Reply Last reply Reply Quote 0
                    • erselbeyE
                      erselbey
                      last edited by

                      Unfortunately, it is now. By the way, I am looking for the solution. There is no problem with the Radius server either in the manual user. It's annoying.

                      1 Reply Last reply Reply Quote 0
                      • erselbeyE
                        erselbey
                        last edited by

                        Jun 27 19:25:09 l2tps L2TP: Control connection 0x80366a610 destroyed
                        Jun 27 19:24:58 l2tps L2TP: Control connection 0x80366a610 terminated: 0 ()
                        Jun 27 19:24:58 l2tps Incoming L2TP packet from x.x.x.x 50969
                        Jun 27 19:24:45 l2tps L2TP: Control connection 0x80366a610 destroyed
                        Jun 27 19:24:34 l2tps L2TP: Control connection 0x80366a610 terminated: 0 ()
                        Jun 27 19:24:33 l2tps Incoming L2TP packet from x.x.x.x 61437
                        Jun 27 19:24:24 l2tps L2TP: Control connection 0x80366a610 destroyed
                        Jun 27 19:24:18 l2tps L2TP: Control connection 0x80366a310 destroyed
                        Jun 27 19:24:13 l2tps L2TP: Control connection 0x80366a610 terminated: 0 ()
                        Jun 27 19:24:13 l2tps Incoming L2TP packet from x.x.x.x 57154
                        Jun 27 19:24:07 l2tps L2TP: Control connection 0x80366a310 terminated: 0 ()
                        Jun 27 19:24:07 l2tps Incoming L2TP packet from x.x.x.x 51461

                        Jun 27 19:26:40 charon 06[IKE] <con5000|3> nothing to initiate
                        Jun 27 19:26:40 charon 06[IKE] <con5000|3> activating new tasks
                        Jun 27 19:26:40 charon 06[ENC] <con5000|3> parsed INFORMATIONAL response 67 [ ]
                        Jun 27 19:26:40 charon 06[NET] <con5000|3> received packet: from x.x.x.x[500] to x.x.x.x[500] (76 bytes)
                        Jun 27 19:26:40 charon 06[NET] <con5000|3> sending packet: from x.x.x.x[500] to x.x.x.x[500] (76 bytes)
                        Jun 27 19:26:40 charon 06[ENC] <con5000|3> generating INFORMATIONAL request 67 [ ]
                        Jun 27 19:26:40 charon 06[IKE] <con5000|3> activating IKE_DPD task
                        Jun 27 19:26:40 charon 06[IKE] <con5000|3> activating new tasks
                        Jun 27 19:26:40 charon 06[IKE] <con5000|3> queueing IKE_DPD task
                        Jun 27 19:26:40 charon 06[IKE] <con5000|3> sending DPD request
                        Jun 27 19:26:30 charon 10[IKE] <con5000|3> nothing to initiate
                        Jun 27 19:26:30 charon 10[IKE] <con5000|3> activating new tasks
                        Jun 27 19:26:30 charon 10[ENC] <con5000|3> parsed INFORMATIONAL respons

                        DaddyGoD 1 Reply Last reply Reply Quote 0
                        • DaddyGoD
                          DaddyGo @erselbey
                          last edited by DaddyGo

                          @erselbey
                          "the log shows that the connection is basically not working"

                          I would do that:

                          try to build a whole new test connection just for the sake of the test
                          which is by no means related to previously configured L2TP connections

                          of course on the updated system

                          this basically filters out that importing existing settings into the newer environment is causing the error

                          or L2TP really doesn't work on your system (under the new release) - +++I do not believe this ☺

                          what L2TP client is on the other side software configured or hardware dependent?

                          I am thinking of this here:
                          https://www.thegreenbow.com/index.html
                          (in the past we have used this client for L2TP)

                          PS:
                          the settings stored in XML may not be realized in the new environment

                          +++edit:

                          just notice the end of the description:
                          https://docs.netgate.com/pfsense/en/latest/vpn/ipsec/l2tp-ipsec.html

                          +++edit: (pay close attention to this)
                          https://forum.netgate.com/topic/154619/l2tp-control-connection-0x803859310-destroyed

                          ✋ 👍

                          Cats bury it so they can't see it!
                          (You know what I mean if you have a cat)

                          1 Reply Last reply Reply Quote 0
                          • erselbeyE
                            erselbey
                            last edited by

                            I now trying

                            1 Reply Last reply Reply Quote 0
                            • erselbeyE
                              erselbey
                              last edited by

                              This time it doesn't work with radius :(

                              DaddyGoD 1 Reply Last reply Reply Quote 0
                              • DaddyGoD
                                DaddyGo @erselbey
                                last edited by

                                @erselbey

                                okay I'm running out of ideas...
                                let's see @jimp can help you, if he are currently available...

                                I note, I really used L2TP a long time ago, but now I'm interested in this theme (just for the sake of curiosity)

                                I just see the despair in your writing, ergo I want to help...
                                never give up, colleague...
                                now I have to go, because my wife opened the weekend red wine

                                Cats bury it so they can't see it!
                                (You know what I mean if you have a cat)

                                erselbeyE 1 Reply Last reply Reply Quote 0
                                • erselbeyE
                                  erselbey @DaddyGo
                                  last edited by

                                  @DaddyGo Thank you very much for your help. Hope you have a happy time with your partner :) Take care.

                                  DaddyGoD 1 Reply Last reply Reply Quote 0
                                  • erselbeyE
                                    erselbey
                                    last edited by

                                    @jimp ???

                                    1 Reply Last reply Reply Quote 0
                                    • erselbeyE
                                      erselbey
                                      last edited by

                                      I think nobody else has any idea about the subject.

                                      viktor_gV 1 Reply Last reply Reply Quote 0
                                      • viktor_gV
                                        viktor_g Netgate @erselbey
                                        last edited by

                                        @erselbey please check this https://redmine.pfsense.org/issues/10710

                                        1 Reply Last reply Reply Quote 0
                                        • DaddyGoD
                                          DaddyGo @erselbey
                                          last edited by

                                          @erselbey

                                          I see help is on its way. 😉

                                          Cats bury it so they can't see it!
                                          (You know what I mean if you have a cat)

                                          1 Reply Last reply Reply Quote 0
                                          • erselbeyE
                                            erselbey
                                            last edited by

                                            I started to tamper with the problem and I could not understand what to do with this method. I understand that I just need to delete the secret key. Is it correct? If it is true, it does not work, unfortunately.

                                            erselbeyE 1 Reply Last reply Reply Quote 0
                                            • First post
                                              Last post
                                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.