Problem with outgoing L2TP VPN connections when using multiple WANs
-
Hello
When I enable load balancing and use dual I am unable to establish an L2TP VPN connection if the connection isn't made over WAN1.
I just followed the basic tutorial for multiwan, and for the other things it seems to go fine. Any hints on what I could have done wrong?
Kind regards,
Simon
-
Is it actually L2TP or is it L2TP/IPsec?
-
Hmm it doesn't really mention that.
It's just a VPN made from Windows by the 'Connect to a workplace or VPN wizard'. Default is PPTP, but for that I know pfSense has limitations, so I changed the properties and set it to use L2TP.
-
Then it's L2TP/IPsec and at the firewall level you should be working with udp/500, udp/4500, and ESP traffic. If you have policy routing it's possible the ESP traffic is taking a different path than the UDP traffic which breaks it.
You need to set up a failover (not load balancing) rule for traffic to the remote VPN server, or maybe use sticky, or maybe your outbound NAT on WAN2 is different (no static port for udp/500 traffic?).
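
The two failure modes named in the last reply (ESP leaving by a different WAN than the IKE traffic, and udp/500 losing its source port in outbound NAT) can be checked mechanically from a dump of firewall states. The following is an added example, not part of the thread: the record layout, the interface names `wan1`/`wan2` and the addresses are constructed for illustration and are not verbatim firewall output, so adapt the regular expression to whatever your state listing prints (IPv4 only).

```python
import re
from collections import defaultdict

# Constructed, simplified records: "<iface> <proto> <lan_src> (<nat_src>) -> <dst>".
# Addresses are from documentation ranges; this is not real firewall output.
SAMPLE_STATES = """\
wan1 udp 192.168.1.10:500 (198.51.100.2:500) -> 203.0.113.5:500
wan1 udp 192.168.1.10:4500 (198.51.100.2:4500) -> 203.0.113.5:4500
wan2 esp 192.168.1.10 (192.0.2.7) -> 203.0.113.5
wan2 udp 192.168.1.20:500 (192.0.2.7:31337) -> 203.0.113.9:500
wan2 udp 192.168.1.20:4500 (192.0.2.7:4500) -> 203.0.113.9:4500
"""

LINE = re.compile(r"^(\S+) (udp|esp) (\S+) \((\S+)\) -> (\S+)$")

def split_hostport(value):
    """Return (host, port); port is None for portless protocols such as ESP."""
    host, _, port = value.partition(":")
    return host, int(port) if port else None

def audit(states):
    """Flag IPsec flows split across WANs or with a rewritten IKE source port."""
    flows = defaultdict(list)  # (lan host, vpn peer) -> [(iface, proto, dport, nat port)]
    for line in states.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue
        iface, proto, src, nat, dst = m.groups()
        lan, _ = split_hostport(src)
        _, nat_port = split_hostport(nat)
        peer, dport = split_hostport(dst)
        if proto == "udp" and dport not in (500, 4500):
            continue  # only IKE (udp/500) and NAT-T (udp/4500) matter here
        flows[(lan, peer)].append((iface, proto, dport, nat_port))

    findings = []
    for (lan, peer), recs in sorted(flows.items()):
        ifaces = sorted({r[0] for r in recs})
        if len(ifaces) > 1:  # ESP and UDP were policy-routed to different WANs
            findings.append((lan, peer, "split-path", ",".join(ifaces)))
        for iface, proto, dport, nat_port in recs:
            if proto == "udp" and dport == 500 and nat_port != 500:
                findings.append((lan, peer, "port-rewritten", f"{iface}:{nat_port}"))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_STATES):
        print(*finding)
```

A `split-path` finding points at the load-balancing rule (use a failover gateway group or sticky connections for the peer); a `port-rewritten` finding points at the outbound NAT rule on that WAN.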