Simultaneous-Use works for PPTP/L2TP but not OpenVPN

Alan DeKok aland at
Tue Feb 11 16:25:51 CET 2014

David Cox wrote:
> I have several VPN servers and 2 radius servers. I run OpenVPN, PPTP and
> L2TP. PPTP/L2TP will respect the simultaneous-use flag but OpenVPN does not
> respect the simultaneous-use flag on my primary radius server.

  That's really a wrong description.  Simultaneous-Use is implemented on
FreeRADIUS, not OpenVPN.

> It seems to
> work just fine if I use the failover. Here is the debug output.

  Which shows one accounting packet.  i.e. it's useless for telling the
difference between the working and non-working systems.

> The only
> things I can see that is different between the primary and backup is OpenVPN
> has caps in the primary and for some reason [detail] expand:
> %{Packet-Src-IP-Address} is not displayed in the primary logs. Any advice
> would be a huge help.

  Run the server in debugging mode, and look at the packets.  ALL OF
THEM.  Look at the authentication and accounting packets for a working
session, and then compare them to the authentication and accounting
packets for a non-working session.

  The differences will be why one works and the other doesn't.

  Alan DeKok.

More information about the Freeradius-Users mailing list