Page MenuHomeVyOS Platform
Create Task
Maniphest T7675

latest rolling has broken vpn remote-access after upgrade
Open, NormalPublic
Actions

Description

$ show configuration commands | strip-private | grep remote-access
set vpn l2tp remote-access authentication local-users username xxxxxx password xxxxxx
set vpn l2tp remote-access authentication local-users username xxxxxx password xxxxxx
set vpn l2tp remote-access authentication local-users username xxxxxx password xxxxxx
set vpn l2tp remote-access authentication mode 'local'
set vpn l2tp remote-access authentication protocols 'mschap-v2'
set vpn l2tp remote-access client-ip-pool default-range-pool range 'xxx.xxx.1.2-xxx.xxx.1.254'
set vpn l2tp remote-access default-pool 'default-range-pool'
set vpn l2tp remote-access gateway-address 'xxx.xxx.255.0'
set vpn l2tp remote-access ipsec-settings authentication mode 'pre-shared-secret'
set vpn l2tp remote-access ipsec-settings authentication pre-shared-secret xxxxxx
set vpn l2tp remote-access name-server 'xxx.xxx.0.1'
set vpn l2tp remote-access outside-address 'xxx.xxx.127.2'

with this configuration, which is the same as pre-upgrade, remote-access is now broken. nothing appears in the logs when trying to connect.

Details

Version
VyOS 2025.07.28-0022-rolling
Is it a breaking change?
Unspecified (possibly destroys the router)
Issue type
Unspecified (please specify)

Event Timeline

doctorpangloss created this task.Jul 31 2025, 6:12 PM
doctorpangloss triaged this task as Normal priority.
doctorpangloss created this object in space S1 VyOS Public.
doctorpangloss added a comment.Aug 15 2025, 11:20 PM

appears to be working again with VyOS 2025.08.13-0020-rolling
this might be interacting with firewall global-options receive-redirects

doctorpangloss changed the task status from Open to Needs testing.Aug 15 2025, 11:20 PM
pasik subscribed.Aug 16 2025, 3:32 PM
doctorpangloss changed the task status from Needs testing to Open.Aug 20 2025, 3:31 PM