Hello,
I have a strange problem - I set up a L2TP Client connection and selected “use IPSec” as the Cisco VPN server works with L2TP-over-IPSec connections.
Everything works great until I reboot the Routerboard. When it reconnects, it will negotiate an IPSec ISAKMP sa but no IPSEC sa is configured, configuration is plain L2TP unencrypted. If I disable and re-enable the connection in the Routerboard, without rebooting, when a connection is re-established a IPSec security association is defined and traffic is then correctly encrypted.
I tried in the “default-encryption” profile to set “Use Encryption” to either “yes” or “required” and there is no change.
Is this a bug? how can I troubleshoot this? I see no error in the Routerboard log when the L2TP session is first established without any IPSec SA. And manually cycling the connection causes everything to work!!! 