L2TP Connection Drops

Post your questions about SoftEther VPN software here. Please answer questions if you can afford.
Post Reply
stryan
Posts: 1
Joined: Thu Apr 23, 2020 5:28 pm

L2TP Connection Drops

Post by stryan » Thu Apr 23, 2020 5:45 pm

I run a SoftEther 4.29-9680 server with both OpenVPN and L2TP over IpSec enabled, with the latter using a PSK. Some of my users have been experiencing connection drops with varying frequency when connecting with L2TP. The OpenVPN users have no problems.

It's been affecting OS X and Windows users and one possible Linux user. I've attached the log entries of one such drop:

server_log:

Code: Select all

2020-04-23 09:57:01.814 IPsec Client 4995 (<client_ip>:4500 -> <server_ip>:4500): The port number information of this client is updated.
2020-04-23 09:57:01.814 IPsec IKE Session (IKE SA) 8019 (Client: 4995) (<client_ip>:4500 -> <server_ip>:4500): This IKE SA is established between the server and the client.
2020-04-23 09:57:02.826 IPsec IKE Session (IKE SA) 8019 (Client: 4995) (<client_ip>:4500 -> <server_ip>:4500): The client initiates a QuickMode negotiation.
2020-04-23 09:57:02.826 IPsec ESP Session (IPsec SA) 15680 (Client: 4995) (<client_ip>:4500 -> <server_ip>:4500): A new IPsec SA (Direction: Client -> Server) is created. SPI: 0xD7DE6613, DH Group: (null), Hash Algorithm: SHA-1, Cipher Algorithm: AES-CBC, Cipher Key Size: 256 bits, Lifetime: 4294967295 Kbytes or 3600 seconds
2020-04-23 09:57:02.826 IPsec ESP Session (IPsec SA) 15680 (Client: 4995) (<client_ip>:4500 -> <server_ip>:4500): A new IPsec SA (Direction: Server -> Client) is created. SPI: 0x3495D16, DH Group: (null), Hash Algorithm: SHA-1, Cipher Algorithm: AES-CBC, Cipher Key Size: 256 bits, Lifetime: 4294967295 Kbytes or 3600 seconds
2020-04-23 09:57:02.836 IPsec ESP Session (IPsec SA) 15680 (Client: 4995) (<client_ip>:4500 -> <server_ip>:4500): This IPsec SA is established between the server and the client.
2020-04-23 09:57:02.846 IPsec Client 4995 (<client_ip>:4500 -> <server_ip>:4500): The L2TP Server Module is started.
2020-04-23 10:45:03.258 IPsec IKE Session (IKE SA) 8027 (Client: 4995) (<client_ip>:4500 -> <server_ip>:4500): A new IKE SA (Aggressive Mode) is created. Initiator Cookie: 0xE02C63C097B318E4, Responder Cookie: 0xA645A6B2A6BAA3F7, DH Group: MODP 2048 (Group 14), Hash Algorithm: SHA-2-256, Cipher Algorithm: AES-CBC, Cipher Key Size: 256 bits, Lifetime: 4294967295 Kbytes or 3600 seconds
2020-04-23 10:45:03.258 IPsec Client 4995 (<client_ip>:4500 -> <server_ip>:4500): 
2020-04-23 10:45:03.258 IPsec IKE Session (IKE SA) 8019 (Client: 4995) (<client_ip>:4500 -> <server_ip>:4500): The client initiates a QuickMode negotiation.
2020-04-23 10:45:03.258 IPsec ESP Session (IPsec SA) 15698 (Client: 4995) (<client_ip>:4500 -> <server_ip>:4500): A new IPsec SA (Direction: Client -> Server) is created. SPI: 0x7A2BF2F4, DH Group: (null), Hash Algorithm: SHA-1, Cipher Algorithm: AES-CBC, Cipher Key Size: 256 bits, Lifetime: 4294967295 Kbytes or 3600 seconds
2020-04-23 10:45:03.258 IPsec ESP Session (IPsec SA) 15698 (Client: 4995) (<client_ip>:4500 -> <server_ip>:4500): A new IPsec SA (Direction: Server -> Client) is created. SPI: 0x2E44DDE, DH Group: (null), Hash Algorithm: SHA-1, Cipher Algorithm: AES-CBC, Cipher Key Size: 256 bits, Lifetime: 4294967295 Kbytes or 3600 seconds
2020-04-23 10:45:03.289 IPsec IKE Session (IKE SA) 8027 (Client: 4995) (<client_ip>:4500 -> <server_ip>:4500): This IKE SA is established between the server and the client.
2020-04-23 10:45:03.289 IPsec IKE Session (IKE SA) 8027 (Client: 4995) (<client_ip>:4500 -> <server_ip>:4500): This IKE SA is deleted.
2020-04-23 10:45:03.289 IPsec IKE Session (IKE SA) 8019 (Client: 4995) (<client_ip>:4500 -> <server_ip>:4500): This IKE SA is deleted.
2020-04-23 10:45:03.289 IPsec ESP Session (IPsec SA) 15698 (Client: 4995) (<client_ip>:4500 -> <server_ip>:4500): This IPsec SA is deleted.
2020-04-23 10:45:03.289 IPsec ESP Session (IPsec SA) 15680 (Client: 4995) (<client_ip>:4500 -> <server_ip>:4500): This IPsec SA is deleted.
2020-04-23 10:45:03.289 IPsec ESP Session (IPsec SA) 15698 (Client: 4995) (<client_ip>:4500 -> <server_ip>:4500): This IPsec SA is deleted.
2020-04-23 10:45:03.289 IPsec ESP Session (IPsec SA) 15680 (Client: 4995) (<client_ip>:4500 -> <server_ip>:4500): This IPsec SA is deleted.
2020-04-23 10:45:13.260 IPsec Client 4995 (<client_ip>:4500 -> <server_ip>:4500): This IPsec Client is deleted.
In this example, the user was on a Macbook running, I think, OS X 10.15.3 Catalina.

Any ideas what might be happening?

(EDIT: Put in correct OS X version)

Post Reply