Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    L2TP and CARP Failover

    Scheduled Pinned Locked Moved 2.1 Snapshot Feedback and Problems - RETIRED
    5 Posts 2 Posters 2.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      stanthewizard
      last edited by

      Hello

      I'm trying to add an L2TP VPN but the only interface available is the WAN.

      In my scenario with CARP Failover, the VIP should be used ? not the WAN ?

      Am I wrong ?
      If not, i'm unable to add the L2TP VPN

      Thanks

      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        It doesn't properly support that yet in the L2TP options.

        Just setup a port forward for udp/1721 on the carp vip to 127.0.0.1:1721

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • S
          stanthewizard
          last edited by

          I created this NAT
                WAN UDP * * 192.168.10.200 1701 (L2TP) 127.0.0.1 1701 (L2TP)

          With this rule
          IPv4 UDP * * 127.0.0.1 1701 (L2TP) * none   NAT

          It doesn't work ….

          HAve you got any idea why ?

          1 Reply Last reply Reply Quote 0
          • jimpJ
            jimp Rebel Alliance Developer Netgate
            last edited by

            Is your WAN IP really 192.168.10.200? If so, you're behind NAT and you'll need to make sure whatever is ahead of you there is forwarding udp/1721 to 192.168.10.200
            If 192.168.10.200 is not your WAN CARP VIP, change the rule to use your WAN CARP VIP there instead.

            Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

            Need help fast? Netgate Global Support!

            Do not Chat/PM for help!

            1 Reply Last reply Reply Quote 0
            • S
              stanthewizard
              last edited by

              IT is !  ;)

              This unique IP is the DMZ

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.