No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade
MENU
Knowledge Base

Dialup Through L2TP over IPSec on USG5320 Fails

Publication Date:  2013-12-31  |   Views:  272  |   Downloads:  0  |   Document ID:  EKB1000038603

Contents
Issue Description Alarm Information Handling Process Root Cause Suggestions

Issue Description


L2TP over IPSec is configured on the USG5320, and the AR1220's IP address 218.8.213.146 is mapped to the USG5320's IP address 192.168.100.2. A PC fails to perform a dialup operation through L2TP over IPSec, but can perform a dialup operation through L2TP.

Alarm Information

None

Handling Process

1. Check the L2TP session on the USG5320.
udp  VPN:public --> public
  Zone: untrust--> untrust  TTL: 00:02:00  Left: 00:01:26
  Interface: Ethernet0/0/0  NextHop: 192.168.100.1  MAC: 00-00-00-00-00-00
  <--packets:0 bytes:0   -->packets:12 bytes:1474
  192.168.253.10:45094-->218.8.213.146:1701
The destination IP address is the AR's public IP address.
2. Change the L2TP network server (LNS) IP address to the USG5320's IP address 192.168.100.2 on the VPN client.
Check the L2TP session on the USG5320 again.
udp  VPN:public --> public
  Zone: untrust--> local  TTL: 00:02:00  Left: 00:02:00
  Interface: InLoopBack0  NextHop: 127.0.0.1  MAC: 00-00-00-00-00-00
  <--packets:20 bytes:1247   -->packets:17 bytes:1048
  192.168.253.10:18983-->192.168.100.2:1701
The dialup operation succeeds.

Root Cause

1. Route fault
2. Other faults

Suggestions

When address mapping is configured in the L2TP over IPSec scenario, pay attention to the L2TP LNS IP address configuration.
Feedback
Related resources
Documentation Software Download Bulletins Tools
Help us to improve
Write an article
Enterprise APP

Copyright © 2020 Huawei Technologies Co., Ltd. All rights reserved.