"Interface" selected in GUI for L2TP server are not respected in mpd's config
I have pfSense with 2 WANs (ISPs) and L2TP server on it in head office (HO). I RDR 1701/udp to LAN address of pfSense from each of WANs in HO. Each branch office (BO) connects to both external IPs of HO via L2TP. I selected LAN for L2TP server's "Interface" in GUI (HO), but it I see via sockstat that it still listens on *:1701. Session from BO to WAN1 (default gw) of HO established. Session from BO to WAN2 of HO fails with this error:
Jul 12 01:01:05 l2tps: Incoming L2TP packet from 126.96.36.199 33450
Jul 12 01:01:05 l2tps: L2TP: connect: Address already in use
I added LAN ip directly in mpd's config (/var/etc/l2tp-vpn/mpd.conf) by hand and this solved problem for me:
set l2tp self 192.168.0.1
Now both L2TP sessions from BO to HO are established. Sockstat shows mpd is listening on LAN IP only.
Link to my question in pfSense's forum:
P.S. Another desire to be able to setup two or more independent L2TP servers (as we can do for OpenVPN). It'll make easier to setup interfaces costs for OSPF.
Updated by Phillip Davis about 6 years ago
The interface gets saved OK in the config, but in /etc/inc.vpn.inc function vpn_l2tp_configure() there is no mention of 'interface'. It seems to me that there is simply no code to implement the selected interface - seems odd, but would explain why selecting a particular interface has no effect.
Updated by Taras Savchuk about 6 years ago
Works for me.
[2.2.2-RELEASE][email@example.com]/etc/inc: diff vpn.inc vpn.inc.orig
< $ipaddr = get_interface_ip(get_failover_interface($l2tpcfg['interface']));
< if (is_ipaddrv4($ipaddr))
< $l2tp_listen="set l2tp self $ipaddr";
P.S. Don't know is it necessary to check IP with is_ipaddrv4().