After a lot more fiddeling with configurations I am now able to get the NAP service to send some more attributes: I am now getting <MS-MPPE-Encryption-Policy 2> <MS-MPPE-Encryption-Type 4> in my log. I do not get the “mppe: 128-bit session keys not allowed…” message anymore.
But still I don’t get any ip-addresses on the l2tp0 device and no traffic can pass the VPN connection.
LOG
Jun 21 21:23:23 vyos accel-l2tp: :: recv [RADIUS(1) Access-Accept id=1 <Port-Limit 1> <Class 0xa71f09010000013700010200c10f603c000000007c3c5746a5a3743501d64811eb8a6dff0000000000000002> <MS-MPPE-Recv-Key 0x800369d060536b1d3a33470aed402255ef1c9d618cb2fdc86c4bfe43fb1237356612> <MS-MPPE-Send-Key 0x8004abd6be0f4e1851fb409fed7aa9b697a6df4f7699c4a1d2c600960d3647ea7e87> <MS-CHAP2-Success 0x01533d31443031424337343435343731353335423133324641383936434343343831433143393445314636> <MS-CHAP-Domain “#001DOMAIN”> <MS-MPPE-Encryption-Policy 2> <MS-MPPE-Encryption-Type 4>]