L2TP/PPTP on Balance 710 wiht 6.3.2 with third party DHCP do not work?


#1

Hello,

I have issue with L2TP/PPTP on Balance 710 with 6.3.2 with third party DHCP do not work?
Connection connects just fine; I do have firewall rule to allow traffic from LAN to LAN which is we had working fine for a long time.
But I can’t access anything past the Peplink IP on LAN side from remote PC.
IT was working just fine pre 6.2.2 firmware.

Also in my testing this issue reproducible on balance 380 and if I enable DHCP on Peplink PPTP works fine and I’m able to hit LAN via PPTP
But if I disable DHCP and use 3[SUP]rd[/SUP] party DHCP it’s stops to work and again I can’t hit anything on LAN side of the Peplink I’m connecting to via PPTP


#2

Hi Andrey,

Your ticket has been taken care by Tech Support. We will follow up from there.

Thank you.


#3

Thank you, The sssue have been resolved!


#4

Quote:“Thank you, The issue have been resolved!” -> Why you didn’t post the solution of the problem? Could you please post the solution!?

I think we have a similar problem. The L2TP VPN for Clients (iOS and Windows) does not work properly. Peplink makes no DHCP. The Domaincontroller in the LAN behind the Peplink makes DHCP. That works fine. The L2TP-VPN-Client get a IP-Adress inner the Subnet 192.168.0.0, for Example the 192.168.0.135. From now it will be mystoies. The VPN-Client can Ping some hosts in the LAN, for Example this hosts: 192.168.0.1 = Peplink, 192.168.0.2, 192.168.0.8, 192.168.0.19, 192.168.0.72,
192.168.0.120.

But the important destinations like Terminalserver1 (192.168.0.10), Terminalserver2 (192.168.0.22) and the Domaincontroller (192.168.0.4) are unreachable for the L2TP-VPN-Clients. There goes nothing, no Ping, no RDP etc. If I login to the WebGUI of Peplink->System->Tools->Ping->LAN and make a Ping to Terminalserver1 (192.168.0.10), Terminalserver2 (192.168.0.22) it works.

Results:

192.168.0.10
PING 192.168.0.10 (192.168.0.10) from 192.168.0.1 56(84) bytes of data.
64 bytes from 192.168.0.10: icmp_req=1 ttl=128 time=0.360 ms

192.168.0.22
PING 192.168.0.22 (192.168.0.22) from 192.168.0.1 56(84) bytes of data.
64 bytes from 192.168.0.22: icmp_req=1 ttl=128 time=0.523 ms

In my eyes it makes no sense. There is no other Firewall in the Network (behind Peplink). There is also no VLAN definied. It seems, as would block anything inner the Peplink the traffic to some destinations in the LAN, and there are no policys definied in the Peplink.

I read about, that it is not good, that the VPN-Clients get a IP-Adress inner the range of LAN-Subnet. The Routing will not work properly. But is it possible to activate the Peplink DHCP Server only for L2TP-VPN-Clients, so that they could get a IP-adress out of another SUBnet. Hope you know what I mean.

Hope someone can help me please!?


#5

@Rainer_Nowak sorry but this was addressed and resolved twice via support and providing remote access to the router.
The response was pretty silly something like this: "Nothing broken, this is the way it works. We will take a look."
Suddenly after granting remote access, it started to work.
The fix didn’t survive a reboot. SO I had to reopen my support ticket and next time the fix seems more stable.
Knock on wood.


#6

@astryukov Please continue the issue using the previous ticket. We will work from there.

@Rainer_Nowak Found you had opened a support for the issue, support team will followup with you using support ticket.


L2TP with external DHCP server
Vpn to specific LAN/VLAN
#7

well, my issue resolved for now. Will reopen a ticket if needed.
Pep - thanks for the help!