kenyloveg
Frequent Visitor
Topic Author
Posts: 74
Joined: Tue Jul 14, 2009 3:25 pm

l2tp client keep getting errors

Sat Jan 05, 2019 2:47 pm

Hi, Guys
Need some help to make my l2tp client routing work. Here is my config (most related part):

/interface bridge
add name=bridge1 protocol-mode=none
/interface ethernet
set [ find default-name=ether1 ] disabled=yes
set [ find default-name=ether2 ] loop-protect=off name=ether2-wan
set [ find default-name=ether3 ] disabled=yes
set [ find default-name=ether4 ] disabled=yes
set [ find default-name=ether5 ] disabled=yes
set [ find default-name=ether6 ] loop-protect=off name=ether6-lan
set [ find default-name=ether7 ] disabled=yes
set [ find default-name=ether8 ] disabled=yes
set [ find default-name=ether9 ] disabled=yes
set [ find default-name=ether10 ] disabled=yes
set [ find default-name=sfp-sfpplus1 ] disabled=yes
/interface pppoe-client
add add-default-route=yes disabled=no interface=ether2-wan name=pppoe-out1 password=pppoepassword user=pppoeusername
/interface l2tp-client
add allow-fast-path=yes connect-to=myl2tpserver.com disabled=no name=l2tp-out1 password=l2tppassword user=l2tpusername
/ip pool
add name=dhcp_pool0 ranges=192.168.100.2-192.168.100.254
/ip dhcp-server
add add-arp=yes address-pool=dhcp_pool0 disabled=no interface=bridge1 lease-time=4w2d name=dhcp1
/interface bridge port
add bridge=bridge1 interface=ether6-lan
add bridge=bridge1 interface=wlan1
add bridge=bridge1 interface=wlan2
/ip address
add address=192.168.100.1/24 interface=bridge1 network=192.168.100.0
/ip dhcp-server config
set store-leases-disk=immediately
/ip dhcp-server network
add address=192.168.100.0/24 gateway=192.168.100.1
/ip dns
set cache-max-ttl=1h cache-size=4096KiB servers=8.8.4.4,208.67.222.222,1.1.1.1
/ip firewall address-list
add address=223.255.236.0/22 list=cnlist
#....no less than 5000 address list....
add address=223.255.252.0/23 list=cnlist
#add address=myl2tpserver1.com list=cnlist
#add address=myl2tpserver2.com list=cnlist
#add address=myl2tpserver3.com list=cnlist
#add address=myl2tpserver4.com list=cnlist
/ip firewall mangle
add action=mark-routing chain=prerouting dst-address-list=!cnlist new-routing-mark=l2tp passthrough=yes src-address=192.168.100.2-192.168.100.98
/ip firewall nat
add action=src-nat chain=srcnat comment=src-nat out-interface=pppoe-out1 to-addresses=mypppoeoutwanaddress
add action=masquerade chain=srcnat out-interface=l2tp-out1
/ip route
add distance=1 gateway=l2tp-out1 routing-mark=l2tp

As you see, I set up my l2tp client to route all non-"cnip" list traffic to the l2tp client connection. But I keep getting the error below:
l2tp, debug:sent control message to myl2tpserver.com from 0.0.0.0:1701
I can wait a couple of minutes and then reconnect the l2tp client interface successfully, with the log below:
l2tp, debug:rcvd control message to myl2tpserver.com from mypppoeoutwanaddress:1701
What is the best approach to make my configuration work?
I tried adding myl2tpserver (obviously non-cnip) to "cnlist" to force the l2tp connection to go through the pppoe-out1 route, but no luck.
Which part do I need to modify, and how? And it would be great if someone could show me how to make a script to automatically test myl2tpserver1,2,3 and switch between them based on availability and ping speed...
Thanks.
