Page MenuHomeVyOS Platform

When configuring L2TP with IPsec on 1.2.0 (201904160337), the `xl2tpd` daemon isn't automatically started
Closed, ResolvedPublic

Description

I configured L2TP with IPsec just as described in the wiki (https://wiki.vyos.net/wiki/L2TP_Remote_Access), but used outside-address 0.0.0.0 because I have dynamic IP's on my internet interfaces (via PPPoE).

Everything works nicely (on 1.2.0) except that on reboot the xl2tpd daemon isn't started at reboot and one has to manually start it with sudo systemctl start xl2tpd. (I've even tried to issue restart vpn without success.)

The configuration pertaining to VPN is:

set vpn ipsec auto-update '30'
set vpn ipsec ipsec-interfaces interface 'pppoe0'
set vpn ipsec nat-networks allowed-network 0.0.0.0/0
set vpn ipsec nat-traversal 'enable'
set vpn l2tp remote-access authentication local-users username ... password '****'
set vpn l2tp remote-access authentication local-users username bekomiko static-ip '****'
set vpn l2tp remote-access authentication mode 'local'
set vpn l2tp remote-access authentication require 'mschap-v2'
set vpn l2tp remote-access client-ip-pool start '****'
set vpn l2tp remote-access client-ip-pool stop '****'
set vpn l2tp remote-access dns-servers server-1 '1.1.1.1'
set vpn l2tp remote-access dns-servers server-2 '1.0.0.1'
set vpn l2tp remote-access idle '1800'
set vpn l2tp remote-access ipsec-settings authentication mode 'pre-shared-secret'
set vpn l2tp remote-access ipsec-settings authentication pre-shared-secret '****'
set vpn l2tp remote-access ipsec-settings ike-lifetime '3600'
set vpn l2tp remote-access ipsec-settings lifetime '3600'
set vpn l2tp remote-access mtu '1400'
set vpn l2tp remote-access outside-address '0.0.0.0'

Details

Difficulty level
Unknown (require assessment)
Version
1.2.0 (201904160337)
Why the issue appeared?
Will be filled on close

Event Timeline

dmbaturin claimed this task.
dmbaturin added a subscriber: dmbaturin.

xl2tpd has been long replaced with accel-ppp, so this shouldn't be an issue anymore.