Until now, this website has shown me some answers that solve the problem, but it seems I couldn't find the correct answer to this problem.
I have a project for a VPN network for remote service purposes; the network will not be used constantly. I developed C# software for Windows clients that sets up the built-in Windows client to connect to the company's on-premise server.
The server runs Ubuntu 20.04 LTS, and I set up strongSwan VPN with 2 clients on it.
Client A and Client B can connect to the L2TP server without any hassle, and I can ping the server from both clients. When I try to connect with both clients A and B, the server only allows a single device to connect, and I can ping the server from just a single client.
What I need is pinging from Client A to Client B. I feel I can't set the ufw firewall or iptables for this, but I'm not sure what to follow.
Configuration below:
/etc/ipsec.secrets
192.168.0.17 %any : PSK "xpasswordx"
/etc/ppp/chap-secrets
userclientA * xpassx 192.168.30.10
userclientB * xpassx 192.168.30.11
/etc/ipsec.conf
config setup

conn L2TP-PSK-noNAT
    dpdaction=clear
    authby=secret
    auto=add
    keyingtries=3
    ikelifetime=8h
    keylife=1h
    keyexchange=ikev1
    ike=aes256-aes192-aes128-sha384-sha256-sha1-modp2048-modp1536-modp1024!
    type=transport
    left=192.168.0.17
    leftprotoport=17/1701
    right=%any
    rightprotoport=17/%any
/etc/xl2tpd/xl2tpd.conf
[global]
ipsec saref = yes
saref refinfo = 30
;debug avp = yes
;debug network = yes
;debug state = yes
;debug tunnel = yes
[lns default]
ip range = 192.168.30.2-192.168.30.254
local ip = 192.168.30.1
refuse pap = yes
require authentication = yes
;ppp debug = yes
pppoptfile = /etc/ppp/options.xl2tpd
length bit = yes
/etc/ppp/options.xl2tpd
logfd 2
logfile /var/log/xl2tpns.log
refuse-mschap-v2
refuse-mschap
ms-dns 8.8.8.8
ms-dns 8.8.4.4
asyncmap 0
auth
crtscts
idle 1800
mtu 1200
mru 1200
lock
hide-password
local
#debug
name l2tpd
proxyarp
lcp-echo-interval 30
lcp-echo-failure 4
iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT udp -- anywhere anywhere policy match dir in pol ipsec udp dpt:l2f
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
/etc/sysctl.conf
net.ipv4.ip_forward = 1
net.ipv4.conf.all.accept_redirects = 0
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.rp_filter = 0
net.ipv4.conf.default.accept_source_route = 0
net.ipv4.conf.default.send_redirects = 0
net.ipv4.icmp_ignore_bogus_error_responses = 1
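The following is an added example, not code from the question or from strongSwan/xl2tpd. It parses the configuration fragments posted above (copied inline as constructed strings, placeholder secrets kept as-is) and reports the things a practitioner checks on the LNS before asking why one PPP client cannot reach another: whether each static address in chap-secrets lies inside the `ip range` pool and is unique, whether `net.ipv4.ip_forward` is on, whether `proxyarp` is set, whether several users share one CHAP secret, and which PPP authentication method is left after the `refuse` options. Nothing here is a real file path or tool; the function names are the example's own.

```python
import ipaddress
import re

# Constructed copies of the fragments from the post above (placeholders kept).
XL2TPD_CONF = """\
[global]
ipsec saref = yes
saref refinfo = 30
;debug avp = yes
[lns default]
ip range = 192.168.30.2-192.168.30.254
local ip = 192.168.30.1
refuse pap = yes
require authentication = yes
pppoptfile = /etc/ppp/options.xl2tpd
length bit = yes
"""

CHAP_SECRETS = """\
# client      server  secret  IP addresses
userclientA   *       xpassx  192.168.30.10
userclientB   *       xpassx  192.168.30.11
"""

PPP_OPTIONS = """\
refuse-mschap-v2
refuse-mschap
ms-dns 8.8.8.8
auth
mtu 1200
mru 1200
name l2tpd
proxyarp
"""

SYSCTL = """\
net.ipv4.ip_forward = 1
net.ipv4.conf.default.rp_filter = 0
"""


def parse_xl2tpd(text):
    """xl2tpd.conf: 'key = value' lines under [section] headers; ';' starts a comment."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()
        if not line:
            continue
        header = re.fullmatch(r"\[(.+)\]", line)
        if header:
            current = header.group(1).strip()
            sections.setdefault(current, {})
            continue
        key, _, value = line.partition("=")
        sections.setdefault(current, {})[key.strip()] = value.strip()
    return sections


def parse_chap_secrets(text):
    """pppd chap-secrets: client server secret [ip ...]; '#' starts a comment."""
    entries = []
    for raw in text.splitlines():
        fields = raw.split("#", 1)[0].split()
        if len(fields) < 3:
            continue
        client, server, secret, *addrs = fields
        entries.append({"client": client, "server": server, "secret": secret, "addrs": addrs})
    return entries


def parse_sysctl(text):
    """sysctl.conf: 'key = value' lines; anything without '=' is ignored."""
    out = {}
    for raw in text.splitlines():
        key, sep, value = raw.partition("=")
        if sep:
            out[key.strip()] = value.strip()
    return out


def review(xl2tpd_text, chap_text, ppp_text, sysctl_text):
    """Return the findings relevant to client-to-client reachability through the LNS."""
    lns = parse_xl2tpd(xl2tpd_text)["lns default"]
    lo, hi = (ipaddress.ip_address(p.strip()) for p in lns["ip range"].split("-"))
    local_ip = ipaddress.ip_address(lns["local ip"])
    ppp_opts = {l.split()[0] for l in ppp_text.splitlines() if l.strip() and not l.startswith("#")}
    sysctl = parse_sysctl(sysctl_text)
    findings = {"out_of_pool": [], "duplicate_addrs": [], "shared_secrets": []}
    seen, by_secret = {}, {}
    for e in parse_chap_secrets(chap_text):
        by_secret.setdefault(e["secret"], []).append(e["client"])
        for a in e["addrs"]:
            ip = ipaddress.ip_address(a)
            # A static address outside the pool, or equal to the LNS address, is a
            # client that will not get the address the operator expects.
            if not (lo <= ip <= hi) or ip == local_ip:
                findings["out_of_pool"].append((e["client"], a))
            if a in seen:
                findings["duplicate_addrs"].append((seen[a], e["client"], a))
            seen[a] = e["client"]
    findings["shared_secrets"] = [c for c in by_secret.values() if len(c) > 1]
    findings["ip_forward"] = sysctl.get("net.ipv4.ip_forward") == "1"
    findings["proxyarp"] = "proxyarp" in ppp_opts
    # With PAP refused in xl2tpd.conf and both MS-CHAP flavours refused in the
    # pppd options, CHAP (MD5) is the only method the LNS will negotiate.
    findings["chap_md5_only"] = (lns.get("refuse pap") == "yes"
                                 and {"refuse-mschap", "refuse-mschap-v2"} <= ppp_opts)
    return findings


if __name__ == "__main__":
    for key, value in review(XL2TPD_CONF, CHAP_SECRETS, PPP_OPTIONS, SYSCTL).items():
        print(f"{key}: {value}")
```

To run it against the live files, read `/etc/xl2tpd/xl2tpd.conf`, `/etc/ppp/chap-secrets`, `/etc/ppp/options.xl2tpd` and `/etc/sysctl.conf` into the four strings instead of the constructed copies. The checker only sees the PPP layer; it cannot tell how many IPsec SAs the server actually holds, which is what `ipsec statusall` on the strongSwan side shows.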