No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

How to solve the l2tp over ipsec tunnel isse

Publication Date:  2013-10-28 Views:  110 Downloads:  0
Issue Description
HRP_M[Mango-USG-01]display ike sa
20:32:13  2013/10/24
current ike sa number: 2
-----------------------------------------------------------------------------
conn-id    peer                    flag          phase vpn
-----------------------------------------------------------------------------
40223      217.13.116.124:4184     RD            v1:2  public
40222      217.13.116.124:4184     RD            v1:1  public

  flag meaning
  RD--READY    ST--STAYALIVE  RL--REPLACED      FD--FADING
  TO--TIMEOUT  TD--DELETING   NEG--NEGOTIATING  D--DPD

HRP_M[Mango-USG-01]display l2tp tunnel
20:32:25  2013/10/24
Total tunnel = 0
LocalTID RemoteTID RemoteAddress    Port   Sessions RemoteName

Clien can't establish l2tp over ipsec tunnel to USG firewall
Alarm Information
None
Handling Process
There is no negotiation data packet send out from USG:

==========================================================
  ===============display l2tp statistic===============
==========================================================
16:57:27  2013/10/25
=============================================
Inbound packets:             1052
Control packets:             1052
Data packets:                0
PppIp packets:               0
PppControl packets:          0
Create L2tp session:         0
Create Nat session:          0
Fragment process counts:     0
Inbound success packets:     0
Devolve after decap packets: 0
Outbound packets:            0
Outbound success packets:    0
Outbound to ipsec:           0
Devolve to encap packets:    0

Finally, when display fib and display ipsec sa, we found that there is no route for l2tp negotiation packet.

when customer add a static route,  issue solved
Root Cause
None
Suggestions
None

END