Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 1 subscriber
  • Views 3302 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

L2TP not passing traffic

JasonP
I have mac users that I'ce set up with L2tp over IpSec.  They can connect fine and can ping the UTM.  But traffic is not passing through to the internal network behind the UTM.  I have a firewall rule set to allow all traffic from the L2TP network to pass through to the internal network but it's still not working.
Any suggestions?
I've set this up before and it's worked fine.  Not sure what I'm missing?


This thread was automatically locked due to age.
Parents
  • 0
    I did resolve this for me:

    It is HA-related.

    Reason: 
    I noticed that it was always the first IP from the IPSEC-IP-Pool which could not route any traffic through the tunnel.
    First I thought that there is some device in the DMZ using this IP but could not find any.
    So I changed the IP Pool to a different one and now it was working as expected.
    During further investigation I came to over entry in ipsec.log:

    ""D_REF_IpsRoaMwxtest2_0"[190] 79.228.236.174:4500 #1502: ERROR: netlink XFRM_MSG_NEWPOLICY response for flow tun.0@79.228.236.174 included errno 17: File exists""


    Google pointed me to  this old topic and that makes sense.

    hth - Chris
Reply
  • 0
    I did resolve this for me:

    It is HA-related.

    Reason: 
    I noticed that it was always the first IP from the IPSEC-IP-Pool which could not route any traffic through the tunnel.
    First I thought that there is some device in the DMZ using this IP but could not find any.
    So I changed the IP Pool to a different one and now it was working as expected.
    During further investigation I came to over entry in ipsec.log:

    ""D_REF_IpsRoaMwxtest2_0"[190] 79.228.236.174:4500 #1502: ERROR: netlink XFRM_MSG_NEWPOLICY response for flow tun.0@79.228.236.174 included errno 17: File exists""


    Google pointed me to  this old topic and that makes sense.

    hth - Chris
Children
No Data
Unfiltered HTML