L2TP connection to Android disconnect after 121 Seconds

gamsgnack
gamsgnack Posts: 4
First Comment
edited April 2021 in Security
Hello,

121 Seconds after establishing a L2TP connection from Android-Device to USG-60w the connection will be dropped. The Message is:

"ZyXEL|USG60||0|L2TP|4|src=0.0.0.0 dst=80.xxx.xxx.xxx spt=0 dpt=63611 msg=Destroying tunnel ID 22693 due to no connectivity to its peer within 121 seconds"

But in both directions i sent data continuoulsy.

I configure the connection like: http://onesecurity.zyxel.com/img/uploads/ZyWALL_L2TP_VPN_Setup.pdf 

How can i expand the 2 minutes-limit or disable it?

Thank you
Gamsgnack

Comments

  • PeterUK
    PeterUK Posts: 2,651  Guru Member
    First Anniversary 10 Comments Friend Collector First Answer
    try setting the "keep Alive Timer" to 1 second

    lease time to  for the user more then 2 mins default is 1440
  • setting keep alive in l2tp settings to 1 sec and user lease time to 1000 min. 

    Same behaviour like before.  Disconnection after 121 seconds.
  • PeterUK
    PeterUK Posts: 2,651  Guru Member
    First Anniversary 10 Comments Friend Collector First Answer
    edited April 2020

    Are you using the newest firmware?

    Does your WAN IP change every 2mins? or does your client IP change every 2mins?

    Is the IP range for the VPN not overlap with a LAN subnet?


  • gamsgnack
    gamsgnack Posts: 4
    First Comment
    edited April 2020
    Firmware ist up to date: V4.35(AAKY.3) / 2020-02-26 17:00:28

    WAN IP is relatively stable for days. I use dyndns to resolve the WAN address.

    Client also has a stable IP. 

    Subnet from VPN ist definitely not overlapping with LAN subnet.
  • PeterUK
    PeterUK Posts: 2,651  Guru Member
    First Anniversary 10 Comments Friend Collector First Answer
    I have tested here with a USG40 and a Android-Device and the VPN is stable I do have a Non- W USG 60 but the code for VPN should be the same under V4.35.

    Is the USG60W get the WAN IP and is not behind a NAT router?

    What Android version do you have? can you test remotely with a PC win 10? 
  • I established a hotspot from the Android 10 device i mentioned the posts before. Win 10 logged in via wlan with the same l2tp-account with no problems an no disconnect. Chromebook the same - no disconnect.

    But when i disable the hotspot on the Android 10 device and establish the l2tp-connection with this device, after 121 seconds the disconnect is coming like i discribed in the first post.

    I think Android 10 (Pixel 3a XL without root) is the problem.

Security Highlight