FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Description The link control protocol (LCP) frames are transmitted during the link establishment and termination phases, and periodically during the life of the link. It is used to negotiate the configuration of the PPP link, and to test and maintain the link, once it is established.
This article describes how to modify the LCP Echo timer in L2TP VPN.
Solution - Basically LCP Echo-Request and Echo-Reply are used as a keep alive for the link/L2TP VPN. - The default time interval in seconds between PPPoE Link Control Protocol (LCP) echo requests is 5sec and it could be modified between 0 to 32767. - The default Maximum number of missed LCP echo messages before disconnect is 3 and it can be modified between 0 to 32767.
L2TP Debug.
SND: LCP Echo_Request id(14) len(8) [Magic_Number 5c33c6bb] l2tp_ppp_send()-395: tunnel=52 No response to 3 echo-requests <----- Missed LCP echo messages before disconnection. Serial link appears to be disconnected. ipcp: down ppp:0x7f7940007000 caller:0x1872e100 tun:-1 SND: LCP Termiate_Request id(6) len(23) l2tp_ppp_send()-395: tunnel=52 SND: LCP Termiate_Request id(7) len(23) l2tp_ppp_send()-395: tunnel=52 Connection terminated.
CLI Syntax.
# config vpn l2tp set lcp-echo-interval “integer” >> Enter an integer value from <0> to <32767> (default = <5>). set lcp-max-echo-fails “integer” >> Enter an integer value from <0> to <32767> (default = <3>). end
Internal Notes Note. The PPP Echo-Request and Echo-Reply are not related to the ICMP Echo Request and Echo Reply messages
