L2TP disconnect

ipsec

#1

good day
several days ago i changed our gateway based on windows to vyos. My configuration now more simple than i think as begging, but it works…
i have only one issue: in my configuration i have l2tp vpn with radius server based on windows ad. Client successfully connected to vpn but after some time (about several hour, i haven’t accurate time now) connections was lost and on next try client receive 789 error.
I try to some excrements from my home network (two computers behind nat that connected to internet):
on computer 1 i connected to L2TP and work for some time. After connection was interrupted i try to connect to VPN from computer 2 and get same 789 error.
BUT i try to connect to VPN from computer 1 via 3G network - and all works fine!
after some time (about half of hour or may be hour) i can connect to VPM from both computer via my home network without any problem.
so i think that there is some problem with something like timeout or lifetime of key may be…
this is my configuration for l2tp:
vpn {
ipsec {
ipsec-interfaces {
interface pppoe0
}
nat-networks {
allowed-network 0.0.0.0/0 {
}
}
nat-traversal enable
}
l2tp {
remote-access {
authentication {
mode radius
radius-server 192.168.0.10 {
key ********
}
}
client-ip-pool {
start 192.168.0.150
stop 192.168.0.200
}
dns-servers {
server-1 192.168.0.10
server-2 192.168.0.11
}
ipsec-settings {
authentication {
mode pre-shared-secret
pre-shared-secret ********
}
ike-lifetime 3600
}
outside-address ...
}
}
}


#2

Hi Anatoly,

Could you provide output of next commands:
:~$ sh ver
:~$ sh vpn remote-access
:~$ show vpn debug

Oleksandr Mamenko