Не подключается VPN L2TP/IPSec

[SAGAK]

Добрый день!

Подскажите, пожалуйста, создал VPN подключение, L2TP/IPSec, но оно не подключается (хотя если создать аналогичное в винде - всё нормально подключается и работает):

Сен 8 09:33:04

ndm

IpSec::Netfilter: netfilter configuration reloading is done.

Сен 8 09:33:06

ipsec

Starting strongSwan 5.9.7 IPsec [starter]...

Сен 8 09:33:06

ipsec

00[DMN] Starting IKE charon daemon (strongSwan 5.9.7, Linux 4.9-ndm-5, mips)

Сен 8 09:33:06

ipsec

00[LIB] providers loaded by OpenSSL: legacy default

Сен 8 09:33:06

ipsec

00[CFG] loading secrets

Сен 8 09:33:06

ipsec

00[CFG] loaded 1 RADIUS server configuration

Сен 8 09:33:06

ipsec

00[CFG] enabling systime-fix, threshold: Tue Jan 1 00:00:00 2030

Сен 8 09:33:06

ipsec

00[CFG]

Сен 8 09:33:06

ipsec

00[CFG] starting system time check, interval: 10s

Сен 8 09:33:06

ipsec

00[LIB] loaded plugins: charon random save-keys nonce x509 pubkey pkcs7 pem openssl pkcs8 xcbc cmac hmac ctr attr kernel-netlink resolve socket-default stroke vici updown eap-identity eap-md5 eap-mschapv2 eap-dynamic eap-radius eap-peap xauth-generic xauth-eap error-notify systime-fix unity counters

Сен 8 09:33:06

ipsec

00[LIB] dropped capabilities, running as uid 65534, gid 65534

Сен 8 09:33:06

ndm

Io::UnixStreamSocket: connected after 1 retries.

Сен 8 09:33:06

ipsec

05[CFG] loaded IKE shared key with id 'L2TP2-PSK' for: 'cmap:L2TP2'

Сен 8 09:33:06

ipsec

13[CFG] loaded 0 entries for attr plugin configuration

Сен 8 09:33:06

ipsec

13[CFG] loaded 1 RADIUS server configuration

Сен 8 09:33:06

ipsec

07[CFG] added vici connection: L2TP2

Сен 8 09:33:06

ipsec

07[CFG] initiating 'L2TP2'

Сен 8 09:33:06

ipsec

07[IKE] sending DPD vendor ID

Сен 8 09:33:06

ipsec

07[IKE] sending FRAGMENTATION vendor ID

Сен 8 09:33:06

ipsec

07[IKE] sending NAT-T (RFC 3947) vendor ID

Сен 8 09:33:06

ipsec

07[IKE] sending draft-ietf-ipsec-nat-t-ike-02\n vendor ID

Сен 8 09:33:06

ipsec

07[IKE] initiating Main Mode IKE_SA L2TP2[1] to 146.0.79.21

Сен 8 09:33:06

ipsec

09[IKE] received FRAGMENTATION vendor ID

Сен 8 09:33:06

ipsec

09[IKE] received DPD vendor ID

Сен 8 09:33:06

ipsec

09[IKE] received NAT-T (RFC 3947) vendor ID

Сен 8 09:33:06

ipsec

09[CFG] received proposals: IKE:AES_CBC=256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048

Сен 8 09:33:06

ipsec

09[CFG] configured proposals: IKE:AES_CBC=256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1536, IKE:AES_CBC=256/HMAC_SHA1_96/PRF_HMAC_SHA1/ECP_384, IKE:AES_CBC=256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048, IKE:AES_CBC=256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024, IKE:AES_CBC=128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1536, IKE:AES_CBC=128/HMAC_SHA1_96/PRF_HMAC_SHA1/ECP_256, IKE:AES_CBC=128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024, IKE:3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048, IKE:3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1536, IKE:3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024, IKE:AES_CBC=256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_1024, IKE:AES_CBC=128/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_1024, IKE:3DES_CBC/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_1024

Сен 8 09:33:06

ipsec

09[CFG] selected proposal: IKE:AES_CBC=256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048

Сен 8 09:33:06

ipsec

14[IKE] found linked key for crypto map 'L2TP2'

Сен 8 09:33:07

ipsec

14[IKE] local host is behind NAT, sending keep alives

Сен 8 09:33:07

ipsec

14[IKE] remote host is behind NAT

Сен 8 09:33:07

ipsec

11[IKE] IKE_SA L2TP2[1] established between 192.168.0.14[192.168.0.14]...146.0.79.21[146.0.79.21]

Сен 8 09:33:07

ipsec

11[IKE] scheduling rekeying in 28765s

Сен 8 09:33:07

ipsec

11[IKE] maximum IKE_SA lifetime 28785s

Сен 8 09:33:07

ipsec

13[CFG] received proposals: ESP:AES_CBC=128/HMAC_SHA1_96/NO_EXT_SEQ

Сен 8 09:33:07

ipsec

13[CFG] configured proposals: ESP:AES_CBC=128/HMAC_SHA1_96/NO_EXT_SEQ, ESP:AES_CBC=256/HMAC_SHA1_96/NO_EXT_SEQ, ESP:3DES_CBC/HMAC_SHA1_96/NO_EXT_SEQ, ESP:AES_CBC=128/HMAC_SHA2_256_128/NO_EXT_SEQ, ESP:AES_CBC=256/HMAC_SHA2_256_128/NO_EXT_SEQ, ESP:3DES_CBC/HMAC_SHA2_256_128/NO_EXT_SEQ, ESP:CHACHA20_POLY1305/NO_EXT_SEQ

Сен 8 09:33:07

ipsec

13[CFG] selected proposal: ESP:AES_CBC=128/HMAC_SHA1_96/NO_EXT_SEQ

Сен 8 09:33:07

ipsec

13[IKE] CHILD_SA L2TP2{1} established with SPIs cd0a534b_i 2227ea66_o and TS 192.168.0.14/32[udp/42754] === 146.0.79.21/32[udp/l2tp]

Сен 8 09:33:07

ndm

IpSec::Configurator: "L2TP2": crypto map is up.

И все, на этом больше никаких признаков жизни, в статусе соединения "Идёт подключение". В какую сторону копать?

Проблема как в 4.1.7 версии, так и в 4.2 Beta 3.

[SAGAK]

По факту различных действий помог сброс до заводских настроек.