Hi,
Is this absolutely impossible?
Thank you.
"Some client implementations are aware of this and use random ports. RouterOS server implementation is not strict in this and accepts connections from such clients, so this is a solution of the problem for these implementations" -- so it can be a solution for Mikrotik client as well.
I created the lab and can confirm - when clients are using different source port, everything works. My lab is the following:
- my home laptop with two clients: (a) VM RouterOS v7 and (b) xl2tpd+strongswan
- my LAN is behind NAT, so both clients are behind the same public IP
- server (CHR under RouterOS v7) located somewhere in public cloud
- VM RoS calls server from udp/1701, xl2tpd calls server from udp/1702. In this configuration it works, as soon as I reconfigure xl2tpd to use udp/1701 as a source, life ends (which is expected).
Randomizing is not a case. To work around this problem, we need to specify the port in the policy, so it's just required to do the very simple thing - add the ability to specify the source port for the l2tp client session. That's all, and this many-years-standing issue will be gone.
But it seems this functionality is not implemented in the RouterOS l2tp client - there is no possibility to change the source port. If this can be a solution, how is it possible to ask Mikrotik to implement this feature (randomizing l2tp client's source port)?
Anyone here from Mikrotik?

Thank you.
Statistics: Posted by doka — Sat Dec 30, 2023 12:08 am
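The Linux side of the lab described in the post, written out as an added configuration example (not taken from the original post): xl2tpd is bound to udp/1702 and the strongSwan transport-mode selectors name that port, so the server sees a different UDP source port than the RouterOS client on udp/1701 behind the same public IP. It assumes strongSwan's legacy ipsec.conf format with IKEv1 and a pre-shared key; the server address 203.0.113.10 and the names `chr-l2tp` and `chr` are constructed placeholders.

```ini
; ---- /etc/xl2tpd/xl2tpd.conf ----
[global]
; Local UDP port xl2tpd binds to and sends from (default is 1701).
; 1702 keeps this client distinct from the RouterOS VM, which uses 1701.
port = 1702

[lac chr]
; Placeholder server address (documentation range), L2TP on the default 1701.
lns = 203.0.113.10
pppoptfile = /etc/ppp/options.l2tpd.client
length bit = yes

# ---- /etc/ipsec.conf ----
conn chr-l2tp
    keyexchange=ikev1
    authby=secret
    type=transport
    left=%defaultroute
    # Local selector: UDP (protocol 17), source port 1702, matching xl2tpd above.
    leftprotoport=17/1702
    right=203.0.113.10
    # Remote selector: UDP, L2TP server port 1701.
    rightprotoport=17/1701
    auto=add
```

If `port` in xl2tpd.conf and `leftprotoport` disagree, the L2TP packets fall outside the negotiated selector and are not protected by the IPsec SA, so the two values have to be changed together.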