L2TP and CARP Failover

stanthewizard

Hello

I'm trying to add an L2TP VPN but the only interface available is the WAN.

In my scenario with CARP Failover, the VIP should be used ? not the WAN ?

Am I wrong ?
If not, i'm unable to add the L2TP VPN

Thanks

jimp

It doesn't properly support that yet in the L2TP options.

Just setup a port forward for udp/1721 on the carp vip to 127.0.0.1:1721

stanthewizard

I created this NAT
      WAN UDP * * 192.168.10.200 1701 (L2TP) 127.0.0.1 1701 (L2TP)

With this rule
IPv4 UDP * * 127.0.0.1 1701 (L2TP) * none   NAT

It doesn't work ….

HAve you got any idea why ?

jimp

Is your WAN IP really 192.168.10.200? If so, you're behind NAT and you'll need to make sure whatever is ahead of you there is forwarding udp/1721 to 192.168.10.200
If 192.168.10.200 is not your WAN CARP VIP, change the rule to use your WAN CARP VIP there instead.

stanthewizard

IT is !  ;)

This unique IP is the DMZ