L2TP/IPSec with IPv6 Connection?
Posted: Sun Jun 18, 2017 1:39 am
We have a VPN that works fine for Windows and Android on IPv4, but I can't seem to get it to work on IPv6.
Initially I had trouble with ph2 packets in the log, but I fixed that by creating an IPv6 specific policy in /ip ipsec policy:
Here's the /ip ipsec proposal:
Here's /interface l2tp-server server
Here's the ppp profile:
I don't get any errors in the logs, it just repeatedly tries to initiate the session. Any guidance or configs I can cargo cult are welcome!
Initially I had trouble with ph2 packets in the log, but I fixed that by creating an IPv6 specific policy in /ip ipsec policy:
Code: Select all
2 T ;;; ipv6
group=default src-address=::/0 dst-address=::/0 protocol=all proposal=l2tp-proposal template=yes
Code: Select all
1 name="l2tp-proposal" auth-algorithms=sha256,sha1,md5 enc-algorithms=aes-256-cbc,aes-128-cbc,3des lifetime=30m pfs-group=modp1024
Code: Select all
enabled: yes
max-mtu: 1450
max-mru: 1450
mrru: disabled
authentication: mschap2
keepalive-timeout: 30
max-sessions: unlimited
default-profile: l2tp-profile
use-ipsec: yes
ipsec-secret: hunter2
allow-fast-path: no
Code: Select all
1 name="l2tp-profile" local-address=xxx.xxx.xxx.254 remote-address=internal-pool remote-ipv6-prefix-pool=office-internal-new use-ipv6=yes use-mpls=default use-compression=default use-encryption=default only-one=default change-tcp-mss=yes use-upnp=default
address-list="" dns-server=xxx.xxx.xxx.xxx on-up="" on-down=""