L2TPv3 in IPSEC-ESP with Dynamic IP


#1

Hello,

Can you point me to a valid L2TPv3 over IPSEC configuration where one of the sites is using a Dynamic IP address?

I don’t know how to configure the “set interfaces l2tpv3 l2tpeth0 local-ip X.X.X.X”. The command is mandatory and does not accept “any” like the IPSEC config does.

FYI: I configured the IPSEC as follows:

    site-to-site {
        peer 192.168.2.22 {
            authentication {
                id @lanino
                mode pre-shared-secret
                pre-shared-secret ****************
            }
            connection-type initiate
            ike-group IKE-1
            ikev2-reauth inherit
            local-address any
            tunnel 1 {
                allow-nat-networks disable
                allow-public-networks disable
                esp-group ESP-1
                local {
                }
                protocol 115
                remote {
                }
            }
        }
    }

TIA


#2

If one side has dynamic address, you can use the same approach as described here: https://wiki.vyos.net/wiki/GRE/IPsec#Setup_option_.232:_sourcing_the_tunnel_from_loopbacks
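
The loopback approach applied to the dynamic-side router from post #1, as an added example that is not part of the original thread or the linked wiki page. The loopback addresses 10.255.255.1 (static site) and 10.255.255.2 (dynamic site) and the tunnel/session IDs are constructed values; the syntax assumes the same VyOS release as the `local-ip` command quoted in the question.

```vyos
# Dynamic-side router (the one using "local-address any").
# Assumed addressing, constructed for this example:
#   10.255.255.1/32 = loopback on the static site (peer 192.168.2.22)
#   10.255.255.2/32 = loopback on this dynamic site

# A fixed address that does not change when the WAN address does
set interfaces loopback lo address 10.255.255.2/32

# Source L2TPv3 from the loopback instead of the dynamic WAN address
set interfaces l2tpv3 l2tpeth0 encapsulation ip
set interfaces l2tpv3 l2tpeth0 local-ip 10.255.255.2
set interfaces l2tpv3 l2tpeth0 remote-ip 10.255.255.1
# IDs are arbitrary but must mirror the values on the static site
set interfaces l2tpv3 l2tpeth0 tunnel-id 200
set interfaces l2tpv3 l2tpeth0 peer-tunnel-id 100
set interfaces l2tpv3 l2tpeth0 session-id 200
set interfaces l2tpv3 l2tpeth0 peer-session-id 100

# Narrow the existing IPsec tunnel 1 to loopback-to-loopback traffic,
# so ESP carries the L2TPv3 packets (IP protocol 115) between the sites
set vpn ipsec site-to-site peer 192.168.2.22 tunnel 1 protocol 115
set vpn ipsec site-to-site peer 192.168.2.22 tunnel 1 local prefix 10.255.255.2/32
set vpn ipsec site-to-site peer 192.168.2.22 tunnel 1 remote prefix 10.255.255.1/32
```

The static site needs the mirrored settings (its own loopback, swapped IDs and prefixes). After committing, `show vpn ipsec sa` should list tunnel 1 as up before l2tpeth0 passes traffic.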