Topic: L2TP Server + IPSec binding on CARP VIP

fneto
« on: October 08, 2015, 09:09:02 am »
Hi all! How are you?

I have two boxes with pfSense 2.2.4 in High Availability mode, with 2 WAN links in each server (Internet links with an x.x.x.x/28 mask, so I have one fixed IP for each link in each server and 1 VIP for the link).

My problem is that I'm trying to set up an L2TP server with IPSec, but when I choose the interface, the mpd4/L2TP server binds only to the first fixed IP of the selected interface.

To fix it temporarily, I change the /var/etc/l2tp-vpn/mpd.conf file and add the "l2tp self x.x.x.x" (CARP VIP).

It works, but if I save it again in the web GUI, of course it is deleted.

So I'd like to know if it is possible to change something to bind the L2TP server to a specific CARP VIP or to all IPs of the selected interface, and, better, if it is possible to bind to a gateway group instead of a specific interface, because if the primary link goes down I want my clients to continue connecting using the secondary link.

Thanks!

fneto
« Reply #1 on: October 08, 2015, 11:56:46 am »
I've just noticed that even with only rebooting the machine the configuration is overwritten and I can use the VIP address, so if anyone has at least one direction on where I can look or what I can change, I'll be very glad, OK!

Thanks!