Problem with outgoing L2TP VPN connections when using multiple WAN's

NaHoW

Hello

When I enable loadbalancing and use dual I am unable to estabilish a L2TP VPN connection if the connection isn't made over WAN1.
I just followed the basic tutorial for multiwan and for the other things it seems to go fine.

Any hints on what I could have done wrong?

Kind regards,

Simon

jimp

Is it actually L2TP or is it L2TP/IPsec?

NaHoW

Hmm it doesn't really mention that.
It's just a VPN made from Windows by the 'Connect to a workplace or VPN wizard'. Default is PTPP but from that I know Pfsense has limitation so I changed the properties and set it to use L2TP.

jimp

Then it's L2TP/IPsec and at the firewall level you should be working with udp/500, udp/4500, and ESP traffic. If you have policy routing it's possible the ESP traffic is taking a different path than the UDP traffic which breaks it.

You need to setup a failover (not load balancing) rule for traffic to the remote VPN server, or maybe use sticky, or maybe your outbound NAT on WAN2 is different (no static port for udp/500 traffic?).