There are way too many posts about issues with VPN and L2TP with load-balance config on 1.9.0 firmware.
The issue is being tracked by UBNT (see beta forum # 6 HERE) and hopefully we'll see a permanent fix soon.
A temporary workaround is to add connected routes via the /usr/sbin/ubnt-add-connected.pl script. It needs to be executed periodically.
Here's a little cron job to do it every 5 minutes with minimal load on the system.
1) Create script /config/scripts/fix-add-connected.sh with content
#!/bin/bash
/sbin/ip route show table 201 | /bin/grep -q "127.0.0.0/8" || /usr/sbin/ubnt-add-connected.pl
# add any logging you may want here
If you're using non-default LB routing tables, change 201 to one of your custom LB routing tables.
Make the script executable with chmod 755 /config/scripts/fix-add-connected.sh
2) Create a task-scheduler entry to execute it every 5 minutes
task-scheduler {
    task ADD_CONNECTED {
        executable {
            path /config/scripts/fix-add-connected.sh
        }
        interval 5m
    }
}
... same as configuration commands
set system task-scheduler task ADD_CONNECTED executable path /config/scripts/fix-add-connected.sh
set system task-scheduler task ADD_CONNECTED interval 5m
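Going beyond the single-table check in the post, here is an added example (not the original poster's script) that checks several LB tables, logs when it has to act, and re-checks after running the fix. The variable and function names and the logger path are assumptions; only the ip/grep check and ubnt-add-connected.pl come from the post.

```shell
#!/bin/bash
# Added example, not from the original post. Names below are assumptions.
LB_TABLES="${LB_TABLES:-201}"          # space-separated LB routing table ids
IP_CMD="${IP_CMD:-/sbin/ip}"
FIX_CMD="${FIX_CMD:-/usr/sbin/ubnt-add-connected.pl}"
LOG_CMD="${LOG_CMD:-/usr/bin/logger}"  # assumed path to logger

# Succeeds if table $1 still contains the 127.0.0.0/8 connected route.
table_has_connected() {
    "$IP_CMD" route show table "$1" 2>/dev/null | grep -qF "127.0.0.0/8"
}

# Sets MISSING_TABLES to the list of tables lacking the route.
find_missing() {
    MISSING_TABLES=""
    for t in $LB_TABLES; do
        table_has_connected "$t" || MISSING_TABLES="${MISSING_TABLES:+$MISSING_TABLES }$t"
    done
}

# Runs the fix only when some table is missing the route, then re-checks.
# Returns 0 if every table has the route at the end, 1 otherwise.
check_and_fix() {
    FIX_RAN=0
    find_missing
    [ -z "$MISSING_TABLES" ] && return 0
    "$LOG_CMD" -t fix-add-connected "connected routes missing in table(s) $MISSING_TABLES, running $FIX_CMD"
    "$FIX_CMD"
    FIX_RAN=1
    find_missing
    if [ -n "$MISSING_TABLES" ]; then
        "$LOG_CMD" -t fix-add-connected "table(s) $MISSING_TABLES still missing connected routes"
        return 1
    fi
    return 0
}

# Act only where the helper script exists (i.e. on the router itself).
if [ -x "$FIX_CMD" ]; then
    check_and_fix
fi
```

Set LB_TABLES (for example "201 202") at the top of the script or in the environment if you use more than one load-balance table.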