Bug #1667: L2TP server does not respond properly from a CARP VIP - pfSense - pfSense bugtracker

Bug #1667

L2TP server does not respond properly from a CARP VIP

Added by Jim Pingle over 8 years ago. Updated over 7 years ago.

Status:

New

Priority:

Normal

Assignee:

Category:

L2TP

Target version:

Start date:

07/11/2011

Due date:

% Done:

Estimated time:

Affected Version:

2.0

Affected Architecture:

All

Description

If you setup an L2TP server and try to connect to a CARP VIP on the same interface, it does not work. The server responds from the interface IP rather than the CARP VIP.

The PPTP server does not suffer the same limitation (though it is TCP, not UDP.)

Can be worked around by adding a port forward on the CARP VIP to the WAN IP for udp/1701.

History

#1 Updated by Chris Buechler over 7 years ago

Target version deleted (~~2.1~~)

#2 Updated by Jim Pingle over 7 years ago

This seems to be the classic UDP problem where the system will source the reply from the "closest" address rather than a specified. I didn't see a directive for mpd to bind only to a specific IP so there may not be a good way around this.

Using the port forward method works fine, we may just have to document the issue rather than trying to hack around it in a non-intuitive way.

Also available in: Atom PDF

Project

General

Profile

pfSense

Issues

Custom queries

Bug #1667

L2TP server does not respond properly from a CARP VIP

History

#1 Updated by Chris Buechler over 7 years ago

#2 Updated by Jim Pingle over 7 years ago