No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

L2TP VPN Is Faulty on the AR Router Running V200R007

Publication Date:  2019-04-16 Views:  120 Downloads:  0

Issue Description

Symptom

The following figure shows the networking. At the HQ, the customer deploys an AR2200, which uses the static IP address to access the Internet. At the two branches, the customer deploys AR150 routers, which use PPPoE dialup to access the Internet.

The branches use L2TP VPN to communicate with the HQ. When only one branch establishes a tunnel with the HQ, communication is normal.

When two branches both establish a tunnel with the HQ, the communication with the HQ fails for the two branches, but the tunnels are successfully set up.

Handling Process

1. Confirm the current software version of the device, which is V200R007.

2. Collect the device route configuration. Compare the configuration in the configuration file of the HQ with that in the product documentation. The OSPF dynamic route is used in the product documentation. The current configuration is as follows:

ip route-static 192.168.9.0 255.255.255.0 Virtual-Template1 preference 90

ip route-static 192.168.10.0 255.255.255.0 Virtual-Template1 preference 90

3. According to the symptom and configuration comparison, suspect that the issue is caused by the incorrect route configuration. Confirm with route experts that the route configuration is incorrect.

4. Inform the customer that the routes are configured incorrectly, which need to be corrected as follows:

ip route-static 192.168.9.0 255.255.255.0 192.168.9.1 (IP address of the peer intranet gateway of branch 1)

ip route-static 192.168.10.0 255.255.255.0 192.168.10.1 (IP address of the peer intranet gateway of branch 2)

Root Cause

When L2TP VPN is configured between the HQ and two branches, the same virtual tunnel is configured as the static route from the HQ to the branches. However, the next hop address of the route is not specified correctly. As a result, the route is unreachable.


Suggestions

Compare the configuration and analyze the fault based on the symptom to facilitate troubleshooting.

END