Netgate Discussion Forum

    Multiple VPN Pass through L2TP/IPSEC is not working on openwrt based gateways.

      saravanant

      Hello,

      I am testing multiple VPN pass-through for L2TP/IPSEC on my OpenWrt-based gateway.

      I am testing this feature via CD router and found that multiple VPN pass-through is not working.

      1. CD router simulates two LAN clients on Gateway LAN port
      2. CD router runs VPN server on the WAN side
      3. LAN client 1 sends an IPSEC packet with a unique SPI (let's say SPI A) to the Gateway
      4. LAN client 1 sends an IPSEC packet with a unique SPI (let's say SPI B) to the Gateway
      5. Gateway forwards the IPSEC packet from LAN client 1 with SPI A to the VPN server on the WAN side
      6. VPN server responds to LAN client 1
      7. Gateway forwards the IPSEC packet from LAN client 2 with SPI A to the VPN server on the WAN side (it is supposed to use SPI B, which is generated by LAN client 2, but it is using the SPI of LAN client 1)
      8. VPN server drops the packets from LAN client 2 as they have an invalid SPI.

      I don't know why the SPI is getting changed in the gateway. I couldn't find enough information on the internet to resolve the problem.

      Could anyone provide some hint on why the SPI is getting changed by the Gateway?

      Thanks in advance!!

      Regards,
      Saravana
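
One way to check the behaviour described in steps 5 to 8 from packet captures taken on the LAN and WAN sides of the gateway (an added example, not part of the original post). It pairs packets by ESP sequence number and ciphertext, assuming the gateway leaves those bytes untouched, and reports every packet whose SPI differs between the two captures; all addresses, SPIs and payloads below are constructed.

```python
import socket
import struct

ESP, UDP, NATT_PORT = 50, 17, 4500

def esp_fields(pkt):
    """Return (src, spi, rest) for an IPv4 ESP or ESP-in-UDP packet, else None.
    rest = ESP sequence number + ciphertext, which NAT has no reason to alter."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4:
        return None
    body = pkt[(pkt[0] & 0x0F) * 4:]
    if pkt[9] == UDP and len(body) >= 8:
        if NATT_PORT not in struct.unpack("!HH", body[:4]):
            return None
        body = body[8:]
        if body[:4] == b"\x00" * 4:  # non-ESP marker: this is IKE, not ESP
            return None
    elif pkt[9] != ESP:
        return None
    if len(body) < 8:
        return None
    return socket.inet_ntoa(pkt[12:16]), struct.unpack("!I", body[:4])[0], body[4:]

def find_spi_rewrites(lan_pkts, wan_pkts):
    """Pair LAN- and WAN-side packets by their ESP body and return
    (lan_client, lan_spi, wan_spi) for every packet whose SPI differs."""
    seen = {}
    for src, spi, rest in filter(None, map(esp_fields, lan_pkts)):
        seen[rest] = (src, spi)
    hits = []
    for _, wan_spi, rest in filter(None, map(esp_fields, wan_pkts)):
        if rest in seen and seen[rest][1] != wan_spi:
            hits.append((*seen[rest], wan_spi))
    return hits

def ipv4_esp(src, dst, spi, seq, data):
    """Constructed sample packet; IP checksum left at 0 since it is not checked."""
    esp = struct.pack("!II", spi, seq) + data
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(esp), 0, 0, 64, ESP, 0,
                       socket.inet_aton(src), socket.inet_aton(dst)) + esp

# Constructed capture: addresses, SPIs and payloads are made up for illustration.
SPI_A, SPI_B, SERVER = 0xAAAA0001, 0xBBBB0002, "203.0.113.5"
LAN = [ipv4_esp("192.168.1.10", SERVER, SPI_A, 1, b"client1-ciphertext"),
       ipv4_esp("192.168.1.11", SERVER, SPI_B, 1, b"client2-ciphertext")]
WAN = [ipv4_esp("198.51.100.2", SERVER, SPI_A, 1, b"client1-ciphertext"),
       ipv4_esp("198.51.100.2", SERVER, SPI_A, 1, b"client2-ciphertext")]

if __name__ == "__main__":
    print(find_spi_rewrites(LAN, WAN))
```

With real captures, feed the function the raw IPv4 packets from each side; an empty result means the gateway forwarded every matched packet with its original SPI.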

      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.