Hello,
I would like to run an L2TP Server Cluster with Failover-Capabilities. For this I have a VRRP-Cluster of two Mikrotik-Routers with Virtual-IPs on it, which works perfectly. Unfortunately the L2TP-Server always answers incoming L2TP-Connects on a VRRP-Interface with its "main" IP on the external Interface. The L2TP-Client gets stuck in "dialing…".
Here is an example (IPs changed):
5.4.3.2 (L2TP-CLIENT)
1.2.3.10 (VRRP-IP)
1.2.3.1 (EXTERNAL-IP ON PHYSICAL INTERFACE WITH DEFAULT ROUTE ON IT)
12:00:54 l2tp,info first L2TP UDP packet received from 5.4.3.2
12:00:54 firewall,info l2tp input: in:vrrp1 out:(none), src-mac xx:xx:xx:xx:xx:xx, proto UDP, 5.4.3.2:1701->1.2.3.10:1701, len 128
12:00:54 firewall,info l2tp output: in:(none) out:ext0, proto UDP, 1.2.3.1:1701->5.4.3.2:1701, len 127
I already tried Policy-Routing with Pref-Src, but no change. Another Idea would be SRC-NAT, but that would be a dirty workaround. Unfortunately you can’t run multiple instances of l2tp-server with local address set.
Any ideas?
Thanks
Oliver
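
The mismatch visible in the log lines above can be checked mechanically. This is an added example, not part of the original post: it pairs each logged `input` packet with the `output` packet of the same UDP flow and reports replies whose source address differs from the address the client dialled. It assumes the firewall log format shown in the post; the function name `find_mismatched_replies` and the result field names are hypothetical.

```python
import re

# Constructed sample: the three log lines quoted in the post.
SAMPLE_LOG = """\
12:00:54 l2tp,info first L2TP UDP packet received from 5.4.3.2
12:00:54 firewall,info l2tp input: in:vrrp1 out:(none), src-mac xx:xx:xx:xx:xx:xx, proto UDP, 5.4.3.2:1701->1.2.3.10:1701, len 128
12:00:54 firewall,info l2tp output: in:(none) out:ext0, proto UDP, 1.2.3.1:1701->5.4.3.2:1701, len 127
"""

# Matches firewall log entries in the format shown above (assumed format).
LINE_RE = re.compile(
    r"firewall,info .*?(?P<chain>input|output): "
    r"in:(?P<iface_in>\S+) out:(?P<iface_out>[^,\s]+),"
    r".*?proto (?P<proto>\w+), "
    r"(?P<src>[\d.]+):(?P<sport>\d+)->(?P<dst>[\d.]+):(?P<dport>\d+)"
)

def find_mismatched_replies(log_text):
    """Return replies whose source IP is not the IP the client sent to."""
    # (proto, client ip, client port, server port) -> (dialled ip, in-interface)
    requests = {}
    findings = []
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue  # not a firewall entry, e.g. the l2tp,info line
        if m["chain"] == "input":
            key = (m["proto"], m["src"], m["sport"], m["dport"])
            requests[key] = (m["dst"], m["iface_in"])
            continue
        # Output packet: look up the request it answers (reversed flow).
        key = (m["proto"], m["dst"], m["dport"], m["sport"])
        if key in requests and requests[key][0] != m["src"]:
            dialled, iface_in = requests[key]
            findings.append({
                "client": m["dst"],
                "dialled": dialled,
                "in_iface": iface_in,
                "reply_src": m["src"],
                "out_iface": m["iface_out"],
            })
    return findings

if __name__ == "__main__":
    for f in find_mismatched_replies(SAMPLE_LOG):
        print("{client} dialled {dialled} via {in_iface}, "
              "answered from {reply_src} via {out_iface}".format(**f))
```

A client that sent to the VRRP address discards an answer arriving from a different source address, which matches the "dialing…" hang described in the post.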