I'm hoping someone may have a thought. I have a vanilla L2TP tunnel provided to me, the provider recommends/supports RB750GL as the client end device. I have not tested on that device, but they claim it's working fine.

My assortment of Mikrotik hardware is CCR1009-7G-1C-1S+, RB5009UG+S+, RB750GR3 and RB493G (have been various versions but all currently running 7.13.3).

Out of my hardware, the only device on which the L2TP tunnel works is the RB493G. On the rest of the devices they simply loop "initializing", "connecting", "terminating - session closed", "disconnected". I've tried to insert the tunnel into routers with existing configurations, and into completely blank devices, doesn't seem to make any difference. Until I randomly tried my RB493G I was skeptical of their configuration but once it worked on that device I have to concede that it must be something obscure that the three newer devices are doing differently or some default that is different.

This is the bare-bones version... reset modem, no default config... Does anyone have any thoughts? Obviously the RB750GL and RB493G are considerably older devices and the rest of the hardware is newer... but running the current version of firmware I wouldn't have expected there to be any difference in operation, that is not the case however.

Mike

Hey Mike, it seems we're encountering the same problem as you in certain aspects. I only own one of the devices you mentioned, the RB5009UG+S+, but one thing is for sure, something strange is happening. We had established an unencrypted L2TP tunnel for over a week, and since February 2nd, it's been impossible to get this tunnel working again.

We've tried everything, from a factory reset of the router to the ISP's modem, but nothing helps; there's no way to get this router working again. Your configuration seems fine, and just like you, we've checked every single detail of the tunnel configuration in the "Dial out" tab. What's even more astonishing is that we tried moving this router to another site with a completely different ISP, and guess what? Without any additional configuration, the router, and especially the L2TP tunnel configured from our old network, worked on the first try.

To be honest, I'm starting to wonder if our ISP has simply blacklisted a particular MAC address.

NB: So, we tried creating the same tunnel using the PPTP protocol, and it works, but it's just not feasible for production use at the moment. We haven't found a solution yet and are continuing our research.

CE.

Sorry I didn't respond sooner I got tied up with a whole bunch of things that were emergency-er

I've continued to work with this on and off but have still had no success. Have also been keeping the firmware up-to-date in the hope that the issue will randomly get fixed but no luck on that front either. I recently communicated with my ISP again and they've confirmed that they are using Mikrotik on their end as well, so it's not even as if it can be blamed on another Vendor.

The only thing that I can see is that we're hitting some minor yet very obscure bug related to the architecture of particular Mikrotik routers vs. others. I'm thinking it may be time that I file it as a bug report with Mikrotik as I and everyone I've been able to have look at it can't see any logical reason it shouldn't be working.

Mike

Hi,
You can under system logging add an l2tp entry, to get a bunch more logging that might be helpful.
I think you will need to change (or remove) the max-mtu and max-mru settings.
Perhaps you could set up mrru with some value maybe >1518 (if the provider supports this option)