- Create an l2tp remote access configuration of this form:
$ show configuration commands | grep remote-access | strip-private set vpn l2tp remote-access authentication local-users username xxxxxx password xxxxxx set vpn l2tp remote-access authentication local-users username xxxxxx password xxxxxx set vpn l2tp remote-access authentication local-users username xxxxxx password xxxxxx set vpn l2tp remote-access authentication mode 'local' set vpn l2tp remote-access authentication protocols 'mschap-v2' set vpn l2tp remote-access client-ip-pool default-range-pool range 'xxx.xxx.1.2-xxx.xxx.1.254' set vpn l2tp remote-access default-pool 'default-range-pool' set vpn l2tp remote-access gateway-address 'xxx.xxx.255.0' set vpn l2tp remote-access ipsec-settings authentication mode 'pre-shared-secret' set vpn l2tp remote-access ipsec-settings authentication pre-shared-secret xxxxxx set vpn l2tp remote-access name-server 'xxx.xxx.0.1' set vpn l2tp remote-access outside-address 'xxx.xxx.168.185'
- halt the vyos machine / instance
- try to connect with one of the credentials after reboot. observe that this fails
- create a new user account with the configuration:
set vpn l2tp remote-access authentication local-users username xxxxxx password xxxxxx
- try to connect with this or other user information. observe that the connection now works.
mitigations which didn't work: restarting the vpn-related services, reseting l2tp or ipsec state.
Version: VyOS 1.5-rolling-202409250007 Release train: current Release flavor: generic Built by: [email protected] Built on: Wed 25 Sep 2024 00:07 UTC Build UUID: 9b8b01ce-f96f-4af7-8116-68c8cd296cb7 Build commit ID: fa50a5073b6d3f Architecture: x86_64 Boot via: installed image System type: bare metal Secure Boot: disabled Hardware vendor: HP Hardware model: HP EliteDesk 800 G5 Desktop Mini Hardware S/N: MXL95025NY Hardware UUID: 800b5dc3-e6c8-ba65-0bcb-dc6bfdfbccb2 Copyright: VyOS maintainers and contributors