Initial configuration:
set interfaces dummy dum0 address '203.0.113.1/32' set vpn ipsec interface 'dum0' set vpn l2tp remote-access authentication local-users username test password 'test' set vpn l2tp remote-access authentication mode 'local' set vpn l2tp remote-access client-ip-pool start '192.168.255.2' set vpn l2tp remote-access client-ip-pool stop '192.168.255.254' set vpn l2tp remote-access ipsec-settings authentication mode 'pre-shared-secret' set vpn l2tp remote-access ipsec-settings authentication pre-shared-secret 'foobar' set vpn l2tp remote-access outside-address '203.0.113.1'
After reboot:
vyos@r1:~$ sudo netstat -tulpn | grep 1701 vyos@r1:~$ vyos@r1:~$ sudo systemctl status accel-ppp@l2tp ● [email protected] - Accel-PPP - High performance VPN server application for Linux Loaded: loaded (/lib/systemd/system/[email protected]; disabled; vendor preset: enabled) Active: active (running) since Thu 2021-08-12 08:39:54 UTC; 7min ago Main PID: 1204 (accel-pppd) Tasks: 5 (limit: 546) Memory: 2.2M CPU: 42ms CGroup: /system.slice/system-accel\x2dppp.slice/[email protected] └─1204 /usr/sbin/accel-pppd -d -p /run/accel-pppd/l2tp.pid -c /run/accel-pppd/l2tp.conf Aug 12 08:39:54 r1 systemd[1]: Starting Accel-PPP - High performance VPN server application for Linux... Aug 12 08:39:54 r1 systemd[1]: [email protected]: Can't open PID file /run/accel-pppd/l2tp.pid (yet?) after start: Operation not permitted Aug 12 08:39:54 r1 systemd[1]: Started Accel-PPP - High performance VPN server application for Linux. Aug 12 08:39:54 r1 accel-l2tp[1204]: l2tp: iprange module disabled, improper IP configuration of PPP interfaces may cause kernel soft lockup Aug 12 08:39:54 r1 accel-l2tp[1204]: l2tp: impossible to start L2TP server: bind() failed: Cannot assign requested address
To fix it we can declare outside address 0.0.0.0
set vpn l2tp remote-access outside-address '0.0.0.0'