L2TP/IPsec passthrough on dual WAN not working
I currently have a setup with dual WAN connections (primary Cogent line, secondary Comcast). I have an OS X VPN server running on the LAN, and I've set up passthrough rules for both PPTP and L2TP for both the primary (WAN) and secondary (WAN2). Connecting to either WAN/WAN2 IP address with a PPTP connection works just fine, but I can only get it to work with L2TP over one WAN connection. Whichever one has the UDP/GRE/ESP passthrough rules first in the list works, and the second doesn't. I'm attaching a screenshot of my current rules, where it works connecting to the WAN IP, but not the WAN2 IP.
TIA for any help/ideas,
PS, I'm running the Jan 25th version.
Your config seems fine… ???
Could you turn on logging on the respective FW rules and default deny and see what gets hit, when you try to connect?
Your NAT rules are likely missing or wrong. Your firewall rules are definitely wrong, destination is the internal IP if you're forwarding to the internal host.
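The point in the reply above (the firewall pass rule for a port forward must match the internal host, not the WAN address) can be checked mechanically. This is an added example, not code from the thread or from the firewall product; the interface names, addresses and rule layout are constructed, with the VPN server at 192.168.1.10 and the two WAN addresses as placeholders.

```python
from dataclasses import dataclass
from typing import List, Optional
VPN_SERVER = "192.168.1.10"                                  # constructed internal VPN host
WAN_ADDR = {"WAN": "203.0.113.5", "WAN2": "198.51.100.7"}    # constructed WAN addresses
# What an L2TP/IPsec client must reach on the server: IKE, NAT-T, L2TP, and ESP.
L2TP_SERVICES = [("udp", 500), ("udp", 4500), ("udp", 1701), ("esp", None)]

@dataclass(frozen=True)
class Forward:          # a NAT port-forward entry on a WAN interface
    iface: str
    proto: str
    port: Optional[int]
    target: str         # internal host the traffic is redirected to

@dataclass(frozen=True)
class PassRule:         # the firewall rule that lets the forwarded traffic through
    iface: str
    proto: str
    port: Optional[int]
    dest: str           # destination the rule matches on

def check_l2tp_passthrough(forwards: List[Forward], rules: List[PassRule]) -> List[str]:
    """Return one message per problem; an empty list means every WAN is consistent."""
    problems = []
    for iface in WAN_ADDR:
        for proto, port in L2TP_SERVICES:
            fwd = [f for f in forwards if (f.iface, f.proto, f.port) == (iface, proto, port)]
            if not fwd:
                problems.append(f"{iface}: no port forward for {proto}/{port}")
                continue
            matching = [r for r in rules if (r.iface, r.proto, r.port) == (iface, proto, port)]
            if not matching:
                problems.append(f"{iface}: no firewall rule for {proto}/{port}")
            for r in matching:
                # The port forward rewrites the destination before the pass rule is
                # evaluated, so the rule must name the internal target, not the WAN address.
                if r.dest != fwd[0].target:
                    problems.append(f"{iface}: {proto}/{port} rule matches dest {r.dest}, "
                                    f"expected {fwd[0].target}")
    return problems

def sample_config():
    """Constructed ruleset: WAN done right, WAN2 rules pointed at the WAN2 address."""
    forwards = [Forward(i, p, port, VPN_SERVER) for i in WAN_ADDR for p, port in L2TP_SERVICES]
    rules = [PassRule("WAN", p, port, VPN_SERVER) for p, port in L2TP_SERVICES]
    rules += [PassRule("WAN2", p, port, WAN_ADDR["WAN2"]) for p, port in L2TP_SERVICES]
    return forwards, rules
```

Running `check_l2tp_passthrough(*sample_config())` reports four WAN2 rules whose destination is the WAN2 address instead of the VPN server, and nothing for WAN.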
The above pic is my NAT port forward rules. The rules themselves by interface are attached. It's really frustrating, and seems to not be very consistent. Sometimes I can connect to both interfaces with an L2TP connection, other times only the WAN IP. It seems to also be related to the network I'm on. I seem to have a lot of trouble connecting to the WAN2 IP when I am at home on a Comcast cable modem, but I have another setup on the same IP block running DD-WRT with port forwarding to another VPN server and that works just fine.