L2TP Client: Ubiquiti Edgerouter

From AAISP Support Site
Revision as of 22:24, 5 September 2022 by AA-Andrew (talk | contribs)


(September 2022) It has been reported that the Ubiquiti Edgerouter has broken authentication that affects L2TP connections. We may log authentication failures due to this, and the connection will not come up. This issue is with the implementation of L2TP in the Edgerouter, specifically CHAP authentication.

Affected: EdgeOS 2.0.9, and possibly other versions.

Summary: the OS generates a file for xl2tpd to read, but it sets the server name to xl2tpd. When looking for CHAP credentials for 'aaisp', it finds only the xl2tpd entry and gives up.

Here is where the customer found the answer: https://community.ui.com/questions/Bug-l2tp-client-CHAP-is-broken-due-to-bad-etc-ppp-chap-secrets-on-EdgeOS-2-0-9/b40dd55c-9bc4-4222-bf33-b0a35e894183

At the time, the solution in the post didn't work, so a temporary solution is to hand-edit the generated file for the tunnel, then kill the xl2tpd process. This makes it try to reconnect without regenerating the file, and the connection then comes up.
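
The server-name mismatch described above can be checked offline with a short script. This is an added example, not code from this page or from Ubiquiti: it parses chap-secrets style text and reports whether a CHAP lookup for a given client and server name would find a secret. The client name, secret and file contents are constructed, and the matching rule (exact name or `*`, fewest wildcards wins) is a simplified model of pppd's lookup.

```python
import shlex

def parse_chap_secrets(text):
    """Return (client, server, secret) tuples from chap-secrets style text."""
    entries = []
    for line in text.splitlines():
        # Fields are whitespace-separated and may be quoted; '#' starts a comment.
        fields = shlex.split(line, comments=True)
        if len(fields) >= 3:
            entries.append((fields[0], fields[1], fields[2]))
    return entries

def find_secret(entries, client, server):
    """Simplified pppd-style lookup: each name must match exactly or be '*'.
    Among matching entries the one with the fewest wildcards wins."""
    best = None
    for c, s, secret in entries:
        if c not in (client, "*") or s not in (server, "*"):
            continue
        wildcards = (c == "*") + (s == "*")
        if best is None or wildcards < best[0]:
            best = (wildcards, secret)
    return None if best is None else best[1]

def servers_for(entries, client):
    """List the server names that have an entry for this client."""
    return sorted({s for c, s, _ in entries if c in (client, "*")})

def diagnose(text, client, server):
    """Explain whether a CHAP lookup for (client, server) would succeed."""
    entries = parse_chap_secrets(text)
    if find_secret(entries, client, server) is not None:
        return "ok: secret found for server '%s'" % server
    return "no secret for server '%s'; entries exist only for: %s" % (
        server, ", ".join(servers_for(entries, client)) or "(none)")

# Constructed sample data: client name and secret are placeholders.
CLIENT = "example@a.1"
GENERATED = '# as generated: server field is xl2tpd\nexample@a.1 xl2tpd "constructed-secret" *\n'
MATCHING = 'example@a.1 aaisp "constructed-secret" *\n'

if __name__ == "__main__":
    print(diagnose(GENERATED, CLIENT, "aaisp"))
    print(diagnose(MATCHING, CLIENT, "aaisp"))
```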