Number of L2TP Connections Suddenly Limited (NSA3600)

snkipg · September 2020

Until last week we routinely had 60+ users connected via L2TP VPN authenticated to AD via RADIUS. Today the number of users appears to be capped at around 40. Nobody can connect until an existing user drops. What could be the reason? No changes have been made, uptime is 100 days. Firewall and Windows logs show that authentication is working but connection immediately drops -

Received IKE SA delete request

VPN Inform Received IPsec SA delete request

VPN Inform L2TP Server: Tunnel Disconnect from Remote.

Network Inform PPP: Authentication successful

VPN Inform L2TP Server: RADIUS/LDAP Authentication Success

Thanks

SonicOS Enhanced 6.5.4.4-44n

Ajishlal · September 2020

Hi @snkipg

Please check the Server user/group session timeout and maximum user allowed.

Session Timeout (Minutes) :Sets the duration of user inactivity before a session terminates.

Valid Input: The default is 0, which means that the session never times out.

Enable Session timeout: If enabled, user sessions terminate after N-minutes of inactivity. This minimizes the chances of an unattended user session being hijacked.

As well as please follow the Sonicwall KB:

https://www.sonicwall.com/support/knowledge-base/configuring-radius-and-ldap-authentication-concurrently/170505306547635/

Best Regards

Ajish

Join the Conversation

Number of L2TP Connections Suddenly Limited (NSA3600)

Answers