routerboard: yes
model: 1100AHx2
serial-number: 47B9046D4320
firmware-type: p2020
factory-firmware: 3.10
current-firmware: 3.24
upgrade-firmware: 6.45.6
client unable to connect while using l2tp-server whereas working from pptp-server
To me, 3.24 sounds like the Winbox version…correct? What software version is the Routerboard running…6.45.6?
You have to have a look in the logging to get a first clue.
13:31:00 ipsec,info respond new phase 1 (Identity Protection): x.x.x.x[500]<=>y.y.y.y[500]
13:31:00 ipsec,info ISAKMP-SA established x.x.x.x[4500]-y.y.y.y[4500] spi:63d906c56cf8c890:e677b127c8bf340a
13:31:01 l2tp,info first L2TP UDP packet received from y.y.y.y
13:31:01 ipsec,info purging ISAKMP-SA x.x.x.x[4500]<=>y.y.y.y[4500] spi=63d906c56cf8c890:e677b127c8bf340a.
13:31:01 ipsec,info ISAKMP-SA deleted x.x.x.x[4500]-y.y.y.y[4500] spi:63d906c56cf8c890:e677b127c8bf340a rekey:1
Could you also post part of your configuration: /ip ipsec profile ?
current-firmware: 3.24
upgrade-firmware: 6.45.6
means that you haven’t upgraded the bootloader after upgrading RouterOS for quite a long time.
So you should do /system routerboard upgrade, and then reboot the machine. After that, the current-firmware should show the same version like the RouterOS.
Regarding the l2tp-server, you have to raise the log level for l2tp, and if it shows nothing, for IPsec.
So start by /system logging add topics=l2tp, then try to connect the L2TP client, and look into the log; if it shows something with l2tp in the topics column, the issue is at l2tp level; if it shows nothing, the issue is at ipsec level and you have to use /system logging add topics=ipsec,!packet to see the details in the log.
Make sure you have the right ports opened up in a firewall input rule, I had the same problem and I fat-fingered my rules.