"Interface" selected in GUI for L2TP server is not respected in mpd's config
I have pfSense with 2 WANs (ISPs) and an L2TP server on it in the head office (HO). I RDR 1701/udp to the LAN address of pfSense from each of the WANs in HO. Each branch office (BO) connects to both external IPs of HO via L2TP. I selected LAN for the L2TP server's "Interface" in the GUI (HO), but I see via sockstat that it still listens on *:1701. The session from BO to WAN1 (default gw) of HO is established. The session from BO to WAN2 of HO fails with this error:
Jul 12 01:01:05 l2tps: Incoming L2TP packet from 188.8.131.52 33450
Jul 12 01:01:05 l2tps: L2TP: connect: Address already in use
I added the LAN IP directly in mpd's config (/var/etc/l2tp-vpn/mpd.conf) by hand and this solved the problem for me:
set l2tp self 192.168.0.1
Now both L2TP sessions from BO to HO are established. Sockstat shows mpd is listening on LAN IP only.
Link to my question in pfSense's forum:
P.S. Another desire is to be able to set up two or more independent L2TP servers (as we can do for OpenVPN). It'll make it easier to set up interface costs for OSPF.
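Added example (not part of the original report and not pfSense code): a shell check that compares the address in mpd.conf's `set l2tp self` line with what `sockstat -4 -l` shows on 1701/udp, so a wildcard bind like the one reported is flagged. The function names, the mpd5 process name and the sockstat sample rows are constructed assumptions.

```shell
#!/bin/sh
# Added example, not pfSense code. Sample data below is constructed.

# stdin: mpd.conf text. Prints the address from "set l2tp self <addr>", if any.
l2tp_self_addr() {
    awk '$1 == "set" && $2 == "l2tp" && $3 == "self" { print $4; exit }'
}

# stdin: `sockstat -4 -l` output. Prints the local address of each UDP socket
# bound to port 1701 ("*" means all addresses).
l2tp_listeners() {
    awk '$5 ~ /^udp/ && $6 ~ /:1701$/ { sub(/:1701$/, "", $6); print $6 }'
}

# check_l2tp_bind <mpd.conf text> <sockstat text>
# 0: every 1701/udp listener uses the configured address
# 1: a wildcard or other address is listening
# 2: no "set l2tp self" line   3: nothing listens on 1701/udp
check_l2tp_bind() {
    want=$(printf '%s\n' "$1" | l2tp_self_addr)
    [ -n "$want" ] || { echo "no 'set l2tp self' configured"; return 2; }
    listeners=$(printf '%s\n' "$2" | l2tp_listeners)
    [ -n "$listeners" ] || { echo "no listener on 1701/udp"; return 3; }
    rc=0
    while IFS= read -r got; do
        if [ "$got" != "$want" ]; then
            echo "listening on $got:1701, expected $want:1701"
            rc=1
        fi
    done <<EOF
$listeners
EOF
    return $rc
}

# Constructed samples: the config line from the report, and two sockstat states.
CONF='set l2tp self 192.168.0.1'
WILDCARD='USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS
root     mpd5       4242  18 udp4   *:1701                *:*'
BOUND='USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS
root     mpd5       4242  18 udp4   192.168.0.1:1701      *:*'

check_l2tp_bind "$CONF" "$WILDCARD" || echo "exit status $?"
check_l2tp_bind "$CONF" "$BOUND" && echo "listener matches mpd.conf"
```

On a live system the two arguments would be the contents of /var/etc/l2tp-vpn/mpd.conf and the output of `sockstat -4 -l`.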
#1 Updated by Phillip Davis almost 6 years ago
The interface gets saved OK in the config, but in /etc/inc/vpn.inc function vpn_l2tp_configure() there is no mention of 'interface'. It seems to me that there is simply no code to implement the selected interface - seems odd, but would explain why selecting a particular interface has no effect.
#2 Updated by Taras Savchuk almost 6 years ago
Works for me.
[2.2.2-RELEASE][email@example.com]/etc/inc: diff vpn.inc vpn.inc.orig
< $ipaddr = get_interface_ip(get_failover_interface($l2tpcfg['interface']));
< if (is_ipaddrv4($ipaddr))
< $l2tp_listen="set l2tp self $ipaddr";
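Review bot: $l2tp_listen is assigned only inside the if (is_ipaddrv4($ipaddr)) branch, so when the selected interface yields no IPv4 address the variable is never set and nothing tells the admin that the bind was skipped. Initialize it to an empty string before the if and log a message in the failure case, because without the "set l2tp self" line mpd goes back to listening on all addresses, which is the *:1701 behaviour this report is about. The single-statement if body would also be safer with braces.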
P.S. I don't know whether it is necessary to check the IP with is_ipaddrv4().