Pptp l2tp connection drops



  • Hi There,
    I am running pfsense 2.0 64bit as l2tp and pptp "dial in" server with radius authentification and accounting.

    everthing is running fine (after some changes in the configuration via vpn.inc)

    the only problem is, that the mpd is dropping connections from time to time.

    the error in the log is: [l2tp2] L2TP: call #1 terminated: result=2 error=6 errmsg="control connection closing"

    does anyone has an ideo where to look for this error??

    many thanks (again),
    Matze



  • What's required to get l2tp to work?  I am having no success



  • @djmatze:

    everthing is running fine (after some changes in the configuration via vpn.inc)

    what exactly did you change? If something isn't right out of the box we need to fix it.

    @outlet:

    What's required to get l2tp to work?  I am having no success

    He's either configured the IPsec part manually, or is truly just using L2TP (i.e. with no encryption, what most people are really referring to with L2TP is L2TP/IPsec).



  • Hi there,

    yes it is true I am using L2TP without IPSEC (we have wireless links and we are using EAP with WPA2 Enterprise , so we don`t need additional encrypting)

    The Changes are made:

    we use different Ports for the radius Server, so I added them.
    we don`t want to offer any kind of compression so we disabled it completly.

    the new mpd.conf for l2tp looks like this

    
    l2tp:
            load l2tp0
            load l2tp1
            load l2tp2
            load l2tp3
            load l2tp4
            load l2tp5
            load l2tp6
            load l2tp7
            load l2tp8
            load l2tp9
            load l2tp10
    ........
    
    
    
    .....
    l2tp1:
            new l2tp1 l2tp1
            set ipcp ranges 10.65.31.1/32 10.65.254.1/32
            load l2tp_standard
    
    l2tp2:
            new l2tp2 l2tp2
            set ipcp ranges 10.65.31.1/32 10.65.254.2/32
            load l2tp_standard
    
    ......
    
    
    
    l2tp_standard:
            set bundle disable multilink
           # set bundle enable compression
            #set bundle yes crypt-reqd
            set ipcp yes vjcomp
            # set ipcp ranges 131.188.69.161/32 131.188.69.170/28
            #set ccp yes mppc
            set iface disable on-demand
            #set iface enable proxy-arp
            set iface enable tcpmssfix
            set iface idle 0
            set iface up-script /usr/local/sbin/l2tp-linkup
            set iface down-script /usr/local/sbin/vpn-linkdown
            set link yes acfcomp protocomp
            set link no pap chap
            set link enable chap-msv2
            set link mtu 1420
            set link keep-alive 60 660
            set link fsm-timeout 15
            set ipcp dns 10.64.1.1 10.64.1.235
            set radius server 10.64.1.235 "our secret passwd" 1860 1861
            set radius retries 3
            set radius timeout 10
            set auth enable radius-auth
            set radius me 10.64.1.1
            set auth enable radius-ac
    
    

    so I tried to increase the keep alive timeouts and tried to set the link fsm-timeout to 15 (2 is std.)
    but nevertheless our connections are dropping from time to time (avergage every 30 minutes)

    any ideas about the connection drops?


Log in to reply