Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
mle2802
Staff
Staff

Created on ‎11-08-2024 06:27 AM Edited on ‎08-14-2025 05:41 AM By Community Manager

Article Id 356007

Troubleshooting Tip: Error 'The PPP link control protocol was terminated' with L2TP VPN on Window native client

Description This article describes the troubleshooting steps for as well as the solution to the error 'The PPP link control protocol was terminated' when connecting to L2TP VPN from Window native client.
Scope FortiGate.
Solution

An error 'The PPP link control protocol was terminated' is observed when connecting to L2TP VPN tunnel.

L2tp error.png

 

 

Verify the tunnel list, and it's status using the following commands:

 
diagnose vpn l2tp status
diagnose vpn l2tp tunnel <IPv4 address of client>  (all if don't specify)

FGT_1 # l2tp_handle_admin()-202: receive admin message from vdom=0

--- L2tp tunnels (VD: 0) -------
-----------------------
Num of tunnels: 1
-----------------------
Tunnel ID = 1 (local id), 10 (remote id) vfid = 0 vrf = 0
peer 192.168.2.39:1701 duration = 771
control_seq_num = 14, control_rec_seq_num = 4,
last recv pkt = 14
Call ID = 1 (local id), 1 (remote id), serno = 0
assigned ip = 10.10.1.2
data_seq_num = 0,
tx = 4498 bytes (167), rx= 15855 bytes (299)


Upon running the following debug commands on FortiGate, authentication failure is observed:

diagnose debug reset

diagnose debug application l2tp -1
diagnose debug application ike -1

diagnose debug application fnbamd -1

diagnose debug enable

To stop the debug, use the command given below:

 

diagnose debug disable

diagnose debug reset

 

 

The output:


RCV: PAP Authentication_Request id(1) peerid(len=4, minh)
local auth is done with user 'minh', ret=1
LOGIN FAILURES ON ppp0, minhSND: LCP Termiate_Request id(6) len(16)
l2tp_ppp_send()-345: tunnel=1
SND: PAP Authentication_Nak id(1) packet_len=20, message_len=15
l2tp_ppp_send()-345: tunnel=1
l2tp_handle_ppp_packet()-197:
l2tp_ppp_recv()-525: tunnel=1 (len=12)
RCV: LCP Echo_Reply id(0) len(8) [Magic_Number 567e73f8]
l2tp_ppp_down()-330: PPP link is down (tun=1) caller_data=0xf395b58
tear_down_tunnel()-488: closing down tunnel 1
l2tp_handle_ppp_packet()-197:
l2tp_ppp_recv()-525: tunnel=1 (len=20)
RCV: LCP Terminate_Ack id(6) len(16)
Connection terminated.
l2tp_ppp_down()-330: PPP link is down (tun=1) caller_data=0xf395b58
tear_down_tunnel()-488: closing down tunnel 1


From the debug, the reason for the issue is an authentication failure. Checking L2TP config again, and the wrong group is used.

l2tp wrong gr.png
Change to the correct user group and reconnect.

right grou.png

l2tp success.png
1479
0 Kudos
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.