12,270
edits
L2TP Client: Ubiquiti Edgerouter: Difference between revisions
m
no edit summary
(Created page with "Category:Incoming L2TP (September 2022) It's been reported that Ubiquiti Edgerouter has broken authentication that affects L2TP connections. We may log authentication fai...") |
mNo edit summary |
||
| (4 intermediate revisions by the same user not shown) | |||
|
(September 2022) It's been reported that Ubiquiti Edgerouter has broken authentication that affects L2TP connections. We may log authentication failures due to this, and the connection not connect. This issue is with the implementation of L2TP in the Edgerouter, specifically CHAP authentication.
EdgeOS 2.0.9 - maybe others.
'''Summary:''' the OS generates a file for xl2tpd to read, but it sets the server name as xl2tpd. When looking for CHAP credentials for 'aaisp, it only finds xl2tpd and gives up.
At the time, the solution in the post didn't work, so a temporary solution is to hand-edit the generated file for the tunnel, then kill the xl2tpd process. This makes it try and reconnect without re-generating the file. It gets connected.
=Walk Through=
(Updated March 2023)
Create a static route so the L2TP gateway runs over your current ISP gateway (EdgeOS tries to route the L2TP over itself for some reason).
[[File:Edgerouter-L2TP1.png|frameless]]
L2TP set up in the usual way via the config tree
[[File:Edgerouter-L2TP2.png|frameless]]
Add an SNAT rule so LAN clients can access
[[File:Edgerouter-L2TP3.png|frameless]]
You then need to edit the /etc/ppp/peers/l2tpc1 file and add the line "remotename xl2tpd" so it looks something like this
[[File:Edgerouter-L2TP4.png|frameless]]
Then run "sudo service xl2tpd restart" to re-establish the L2TP, it's important this is done via the cli otherwise EdgeOS overwrites this file and removes the line we just added.
This should get v4 up and running.
| |||