Upcoming Maintenance Alert:

The UBNT Community will be upgraded at 5pm MDT on April 25th. During this time the community forums will be set to read-only status.

Learn more

×
Reply
Highlighted
New Member
Posts: 5
Registered: ‎02-23-2017

L2TP VPN works fine until client # 2 from the same remote location attempts to connect

So i just purcahsed a 5,000$ ubiquiti stack, thinking i had done all my due diligence in making sure Ubiquiti/Unifi is right for me.

 

I love just the right amount of the metallic taste you get from bleeding edge equipment, but mahn, some has gotten in my eye.

 

Alas, I need multple users over an l2tp ipsec tunnel(s) from the same remote location. it doesn't work.

 

windows 7 clients. Remote user VPN using USG internal radius.

 

first user connect, yay! second user: error; unable to connect blah

 

disconnect everyone.

 

have second user connect first...connects, yay! have first user connect....error; unable to connect blah.

 

I read something about the Edge series not implementing the newest version of some underlying software, and thus, the USG hasn't either.

 

My question is... it's been like 2 years.... can I expect this to happen, well, anytime soon? I really don't want to stick this kit in a closet, but if it doesn't work, it doesn't work, and Ubiquiti have kind of designed it as an all-or-nothing stack. 

 

help?

 

 

 

 

New Member
Posts: 39
Registered: ‎07-28-2017
Kudos: 9
Solutions: 3

Re: L2TP VPN works fine until client # 2 from the same remote location attempts to connect

It's the Windows implementation of the L2TP VPN client that causes the problem.

 

You can have multiple clients connected from Android, iOS, Mac OS, even Ubuntu with the right packages.

 

Windows is the only one where only one client can connect from inside/behind a NAT router, mainly because its clients always use the same source port number (normally with TCP/UDP/IP the source port can be drawn from a pool, it's only the destination port that needs to match the service you are connecting to).

It would be like if all web browsers used port 80 for their source port when connecting to http that wouldn't be great either.

 

That said, it would be useful for Ubiquiti to implement IKEv2 IPsec VPN server (with IKEv1 IPsec, OpenVPN and L2TP/IPsec servers as the alternatives. IKEv2 has strong native client support due to strongswan being packaged for lots of platforms including EdgeRouter already. 

 

 

New Member
Posts: 1
Registered: Friday

Re: L2TP VPN works fine until client # 2 from the same remote location attempts to connect

I have the same issue too, very annoying. If the future update can solve this problem with windows devices?

Member
Posts: 406
Registered: ‎03-31-2017
Kudos: 99
Solutions: 29

Re: L2TP VPN works fine until client # 2 from the same remote location attempts to connect

Are you using the USG to terminate the VPN? Or just for radius?
New Member
Posts: 5
Registered: ‎02-23-2017

Re: L2TP VPN works fine until client # 2 from the same remote location attempts to connect

Both.

 

I'm confident this will be ported over from the ER series, I would just like to know where it is on their feature road-map. 

 

 

New Member
Posts: 5
Registered: ‎02-23-2017

Re: L2TP VPN works fine until client # 2 from the same remote location attempts to connect

It appears this issue was resolved on the ER series, but they have yet to port that to the USG. It will likely be a simple upgrade to resolve the issue.

 

 

Reply