This article describes the issue of a Windows native L2TP connection disconnecting immediately after it connects, the troubleshooting steps, and a possible workaround.
Scope
Windows native L2TP VPN.
Solution
The IPsec connection comes up and the L2TP information is negotiated. The PPP link comes up. After 1 second, the following message appears:
Run IKE and l2tp debug from FortiGate:
diagnose debug application ike -1
diagnose debug application l2tp -1

l2tp_handle_ppp_packet()-197: l2tp_ppp_recv()-525: tunnel=1 (len=20)
RCV: LCP Termiate_Request id(11) len(16)
LCP terminated by peer <-- Connection terminated by client.
ipcp: down ppp:0x7f3070610800 caller:0xb5550d8 tun:-1
SND: LCP Terminate_Ack id(11) len(4)
l2tp_ppp_send()-345: tunnel=1
l2tp_ppp_down()-330: PPP link is down (tun=1) caller_data=0xb5550d8
tear_down_tunnel()-488: closing down tunnel 1
Run an ESP packet capture and decrypt the packets. It will show the following:
The client tries to access www.msftconnecttest.com before sending the termination request.
The L2TP disconnection happens when the connection to www.msftconnecttest.com asks for authentication, as below:
Resolution:
Allow access to www.msftconnecttest.com with a captive portal exemption or authentication exemption.
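
The debug output above shows the client, not the FortiGate, ending the PPP session. The following script is an added example, not part of the original article or any Fortinet tooling: it reads saved l2tp debug output and reports which side sent the LCP Terminate-Request for each tunnel that was torn down. The sample log is constructed from the lines in this article, and the script assumes a FortiGate-initiated termination would be logged as "SND: LCP Terminate_Request", by symmetry with the "SND: LCP Terminate_Ack" line shown.

```python
import re

# Constructed sample: the debug lines shown in this article, one event per line.
SAMPLE = """\
l2tp_handle_ppp_packet()-197: l2tp_ppp_recv()-525: tunnel=1 (len=20)
RCV: LCP Termiate_Request id(11) len(16)
LCP terminated by peer
ipcp: down ppp:0x7f3070610800 caller:0xb5550d8 tun:-1
SND: LCP Terminate_Ack id(11) len(4)
l2tp_ppp_send()-345: tunnel=1
l2tp_ppp_down()-330: PPP link is down (tun=1) caller_data=0xb5550d8
tear_down_tunnel()-488: closing down tunnel 1
"""

# Matches "Terminate_Request" and the "Termiate_Request" spelling seen in the output.
TERM_REQ = re.compile(r"^(RCV|SND): LCP Termi\w*_Request id\((\d+)\)")
TERM_ACK = re.compile(r"^(RCV|SND): LCP Terminate_Ack id\((\d+)\)")
TUNNEL_DOWN = re.compile(r"tear_down_tunnel\(\)-\d+: closing down tunnel (\d+)")


def classify_teardowns(log_text):
    """Return one dict per torn-down tunnel saying which side sent the LCP Terminate-Request."""
    results, pending = [], None
    for line in log_text.splitlines():
        line = line.strip()
        m = TERM_REQ.match(line)
        if m:
            # RCV means the FortiGate received the request, so the client started it.
            side = "client" if m.group(1) == "RCV" else "fortigate"
            pending = {"initiator": side, "lcp_id": int(m.group(2)), "acked": False}
            continue
        m = TERM_ACK.match(line)
        if m and pending and int(m.group(2)) == pending["lcp_id"]:
            pending["acked"] = True
            continue
        m = TUNNEL_DOWN.search(line)
        if m:
            event = pending or {"initiator": "unknown", "lcp_id": None, "acked": False}
            event["tunnel"] = int(m.group(1))
            results.append(event)
            pending = None
    return results


if __name__ == "__main__":
    for ev in classify_teardowns(SAMPLE):
        print(ev)
```

An "initiator" of "client" on every short-lived tunnel points at the client-side behaviour described in this article rather than at an IPsec or L2TP negotiation failure on the FortiGate.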