Channel: Sophos User Bulletin Board

Static route to VPN client gets dropped on disconnect

We have a UTM9 with ~50 L2TP VPN road warrior clients. Authentication is done via RADIUS against a Windows DC.

Some of the road warriors now sit in the same building, each creating its own L2TP tunnel. The router they have there seems to get confused by that many concurrent tunnels and drops them randomly.
Our idea is to have the router create one L2TP tunnel for all users there.
We configured the router's VPN user with a static VPN IP address (in Windows RRAS) and it does get assigned - so far so good.
We now need to tell the UTM where to route the traffic going to the users behind the router. We created a static route in UTM pointing the router's internal network to the router's static VPN IP, and this works fine as long as the tunnel is up.
As soon as the tunnel goes down (stupid daily DSL disconnect in Germany), the static route gets dropped from the UTM's routing table and never appears again until we MANUALLY disable and enable the route in the GUI.

I found some other users with the same problem here:
http://www.astaro.org/gateway-produc...reconnect.html
http://www.astaro.org/gateway-produc...tic-route.html
but unfortunately no solution was offered.

Is there any way to stop the UTM dropping the route -or- make it recreate the route when the tunnel is up again?

I know we are trying to use the remote access VPN for a situation that site-2-site-VPN is meant for, but the router only supports L2TP and the S2S VPN does not.
