l2tp client keep getting errors

Sat Jan 05, 2019 2:47 pm

Hi, guys
Need some help making my l2tp client routing work. Here is my config (the most relevant part):
/interface bridge
add name=bridge1 protocol-mode=none
/interface ethernet
set [ find default-name=ether1 ] disabled=yes
set [ find default-name=ether2 ] loop-protect=off name=ether2-wan
set [ find default-name=ether3 ] disabled=yes
set [ find default-name=ether4 ] disabled=yes
set [ find default-name=ether5 ] disabled=yes
set [ find default-name=ether6 ] loop-protect=off name=ether6-lan
set [ find default-name=ether7 ] disabled=yes
set [ find default-name=ether8 ] disabled=yes
set [ find default-name=ether9 ] disabled=yes
set [ find default-name=ether10 ] disabled=yes
set [ find default-name=sfp-sfpplus1 ] disabled=yes
/interface pppoe-client
add add-default-route=yes disabled=no interface=ether2-wan name=pppoe-out1 password=pppoepassword user=pppoeusername
/interface l2tp-client
add allow-fast-path=yes disabled=no name=l2tp-out1 password=l2tppassword user=l2tpusername
/ip pool
add name=dhcp_pool0 ranges=
/ip dhcp-server
add add-arp=yes address-pool=dhcp_pool0 disabled=no interface=bridge1 lease-time=4w2d name=dhcp1
/interface bridge port
add bridge=bridge1 interface=ether6-lan
add bridge=bridge1 interface=wlan1
add bridge=bridge1 interface=wlan2
/ip address
add address= interface=bridge1 network=
/ip dhcp-server config
set store-leases-disk=immediately
/ip dhcp-server network
add address= gateway=
/ip dns
set cache-max-ttl=1h cache-size=4096KiB servers=,,
/ip firewall address-list
add address= list=cnlist less than 5000 address list....
add address= list=cnlist
#add list=cnlist
#add list=cnlist
#add list=cnlist
#add list=cnlist
/ip firewall mangle
add action=mark-routing chain=prerouting dst-address-list=!cnlist new-routing-mark=l2tp passthrough=yes src-address=
/ip firewall nat
add action=src-nat chain=srcnat comment=src-nat out-interface=pppoe-out1 to-addresses=mypppoeoutwanaddress
add action=masquerade chain=srcnat out-interface=l2tp-out1
/ip route
add distance=1 gateway=l2tp-out1 routing-mark=l2tp
As you see, I set up my l2tp client to route all non-"cnip" list traffic to the l2tp client connection. But I keep getting the error below:
l2tp, debug:sent control message to from
I can wait a couple of minutes, then reconnect the l2tp client interface successfully, with the log below:
l2tp, debug:rcvd control messgae to from mypppoeoutwanaddress:1701
What is the best approach to make my configuration work?
I tried adding myl2tpserver (obviously non-cnip) to "cnlist" to force the l2tp connection to go through the pppoe-out1 route, but no luck.
Which part do I need to modify, and how? And it would be great if someone could show me how to make a script to automatically test myl2tpserver1,2,3 and switch between them based on availability and ping speed...
