Lot of data being received by Android client on L2TP.

seanbirkhead
Posts: 13
Joined: Mon May 26, 2014 2:07 pm

Lot of data being received by Android client on L2TP.

Post by seanbirkhead » Mon May 26, 2014 2:42 pm

Hi,
I'm a newbie but have managed to set up an L2TP server on my home PC and connected to it via an Android mobile phone client running an L2TP connection. I had problems doing this at first but eventually figured out if I switched on Virtual NAT and Virtual DHCP on the server HUB it worked fine.
Anyway, all works fine now and my Android phone traffic routes (securely) through my home broadband as I wanted it to. I have checked this by checking whatismyip on chrome browser on the phone and when the VPN is on it shows the public IP of my home router. When it is off, it shows the IP of my mobile network.
All that is as I want it.

However, when I look at the data transfer stats of the vpn connection on the phone, I can see that it is RECEIVING a LOT of data, far more than I think it should be. It is in the region of 50,000 bytes per second in a constant stream when the VPN is on. Monitoring the data usage of the phone with the vpn turned off is not even a fraction of this.
I am therefore assuming that there is a lot of traffic being pushed through the vpn by the server to the phone unnecessarily i.e. data that the phone has not requested.
Could anyone explain what may be wrong in my setup or anything I can change in the setup to limit this traffic to only what the phone is requesting?

Thanks,
Sean

seanbirkhead
Posts: 13
Joined: Mon May 26, 2014 2:07 pm

Re: Lot of data being received by Android client on L2TP.

Post by seanbirkhead » Mon May 26, 2014 2:45 pm

Sorry. Was trying to add the details of my setup but I posted instead of pasted! Give me a minute and I'll add my config details.

seanbirkhead
Posts: 13
Joined: Mon May 26, 2014 2:07 pm

Re: Lot of data being received by Android client on L2TP.

Post by seanbirkhead » Mon May 26, 2014 2:59 pm

Client : Android 4.3 via L2TP

Server OS : Windows 7 x86

Windows IP Configuration

Host Name . . . . . . . . . . . . : ITMCLAP01
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : net

Ethernet adapter Local Area Connection 6:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : TeamViewer VPN Adapter
Physical Address. . . . . . . . . : 00-FF-15-54-41-37
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Bluetooth Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
Physical Address. . . . . . . . . : 00-27-13-BA-D1-4C
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : net
Description . . . . . . . . . . . : Intel(R) WiFi Link 5300 AGN
Physical Address. . . . . . . . . : 00-21-6A-B0-20-84
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 192.168.192.6(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : 25 May 2014 20:46:15
Lease Expires . . . . . . . . . . : 27 May 2014 08:46:15
Default Gateway . . . . . . . . . : 192.168.192.1
DHCP Server . . . . . . . . . . . : 192.168.192.1
DNS Servers . . . . . . . . . . . : 192.168.192.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : net
Description . . . . . . . . . . . : Intel(R) 82567LM Gigabit Network Connection
Physical Address. . . . . . . . . : 78-E7-D1-F3-49-A2
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter VirtualBox Host-Only Network:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : VirtualBox Host-Only Ethernet Adapter
Physical Address. . . . . . . . . : 08-00-27-00-2C-74
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 192.168.56.1(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter VMware Network Adapter VMnet1:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : VMware Virtual Ethernet Adapter for VMnet1
Physical Address. . . . . . . . . : 00-50-56-C0-00-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 192.168.42.1(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter VMware Network Adapter VMnet8:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : VMware Virtual Ethernet Adapter for VMnet8
Physical Address. . . . . . . . . : 00-50-56-C0-00-08
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 192.168.158.1(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
NetBIOS over Tcpip. . . . . . . . : Enabled


"systeminfo" (Windows)
Host Name: ITMCLAP01
OS Name: Microsoft Windows 7 Ultimate
OS Version: 6.1.7601 Service Pack 1 Build 7601
OS Manufacturer: Microsoft Corporation
OS Configuration: Standalone Workstation
OS Build Type: Multiprocessor Free
45:50
System Manufacturer: Hewlett-Packard
System Model: HP EliteBook 6930p
System Type: X86-based PC
Processor(s): 1 Processor(s) Installed.
[01]: x64 Family 6 Model 23 Stepping 10 GenuineIntel
~2640 Mhz
BIOS Version: Hewlett-Packard 68PCU Ver. F.17, 05/03/2010
Windows Directory: F:\Windows
System Directory: F:\Windows\system32
Boot Device: \Device\HarddiskVolume1
System Locale: en-us;English (United States)
Input Locale: en-us;English (United States)
Time Zone: (UTC) Dublin, Edinburgh, Lisbon, London
Total Physical Memory: 2,972 MB
Available Physical Memory: 1,450 MB
Virtual Memory: Max Size: 5,943 MB
Virtual Memory: Available: 3,797 MB
Virtual Memory: In Use: 2,146 MB
Page File Location(s): F:\pagefile.sys
Domain: WORKGROUP
Logon Server: \\ITMCLAP01
Hotfix(s): 149 Hotfix(s) Installed.
Network Card(s): 7 NIC(s) Installed.
[01]: Intel(R) 82567LM Gigabit Network Connection
Connection Name: Local Area Connection
Status: Media disconnected
[02]: TeamViewer VPN Adapter
Connection Name: Local Area Connection 6
Status: Media disconnected
[03]: Intel(R) WiFi Link 5300 AGN
Connection Name: Wireless Network Connection
DHCP Enabled: Yes
DHCP Server: 192.168.192.1
IP address(es)
[01]: 192.168.192.6
[04]: Bluetooth Device (Personal Area Network)
Connection Name: Bluetooth Network Connection
Status: Media disconnected
[05]: VirtualBox Host-Only Ethernet Adapter
Connection Name: VirtualBox Host-Only Network
DHCP Enabled: No
IP address(es)
[01]: 192.168.56.1
[06]: VMware Virtual Ethernet Adapter for VMnet1
Connection Name: VMware Network Adapter VMnet1
DHCP Enabled: No
IP address(es)
[01]: 192.168.42.1
[07]: VMware Virtual Ethernet Adapter for VMnet8
Connection Name: VMware Network Adapter VMnet8
DHCP Enabled: No
IP address(es)
[01]: 192.168.158.1



Running SoftEther VPN server 4.06 Build 9437


Internet access to/from the server is via a cablemodem router. Required ports for UDP are forwarded and IPSEC passthrough is switched on.

seanbirkhead
Posts: 13
Joined: Mon May 26, 2014 2:07 pm

Re: Lot of data being received by Android client on L2TP.

Post by seanbirkhead » Mon May 26, 2014 3:14 pm

# Software Configuration File
#
# You can edit this file when the program is not working.
#
declare root
{
uint ConfigRevision 14
bool IPsecMessageDisplayed true
string Region IE
bool VgsMessageDisplayed false

declare DDnsClient
{
bool Disabled false
byte Key <>
string LocalHostname <>
string ProxyHostName $
uint ProxyPort 0
uint ProxyType 0
string ProxyUsername $
}
declare IPsec
{
bool EtherIP_IPsec false
string IPsec_Secret <>
string L2TP_DefaultHub <>
bool L2TP_IPsec true
bool L2TP_Raw false

declare EtherIP_IDSettingsList
{
}
}
declare ListenerList
{
declare Listener0
{
bool DisableDos false
bool Enabled true
uint Port 443
}
declare Listener1
{
bool DisableDos false
bool Enabled true
uint Port 992
}
declare Listener2
{
bool DisableDos false
bool Enabled true
uint Port 1194
}
declare Listener3
{
bool DisableDos false
bool Enabled true
uint Port 5555
}
}
declare LocalBridgeList
{
bool EnableSoftEtherKernelModeDriver true
bool ShowAllInterfaces false
}
declare ServerConfiguration
{
uint64 AutoDeleteCheckDiskFreeSpaceMin 8589934592
uint AutoSaveConfigSpan 300
bool BackupConfigOnlyWhenModified true
string CipherName RC4-MD5
uint CurrentBuild 9437
bool DisableDeadLockCheck false
bool DisableDosProction false
bool DisableIntelAesAcceleration false
bool DisableIPv6Listener false
bool DisableNatTraversal false
bool DisableOpenVPNServer false
bool DisableSSTPServer false
bool DontBackupConfig false
bool EnableVpnAzure false
bool EnableVpnOverDns false
bool EnableVpnOverIcmp false
byte HashedPassword <>
string KeepConnectHost keepalive.softether.org
uint KeepConnectInterval 50
uint KeepConnectPort 80
uint KeepConnectProtocol 1
uint MaxConnectionsPerIP 256
uint MaxUnestablishedConnections 1000
bool NoDebugDump false
bool NoHighPriorityProcess false
bool NoSendSignature false
string OpenVPN_UdpPortList 1194
bool SaveDebugLog false
byte ServerCert <>
byte ServerKey <>
uint ServerType 0
bool UseKeepConnect true
bool UseWebTimePage false
bool UseWebUI false

declare ServerTraffic
{
declare RecvTraffic
{
uint64 BroadcastBytes 819838
uint64 BroadcastCount 17780
uint64 UnicastBytes 4928459088
uint64 UnicastCount 5619355
}
declare SendTraffic
{
uint64 BroadcastBytes 294983
uint64 BroadcastCount 5829
uint64 UnicastBytes 4812646205
uint64 UnicastCount 5486010
}
}
declare SyslogSettings
{
string HostName $
uint Port 0
uint SaveType 0
}
}
declare VirtualHUB
{
declare <>
{
uint64 CreatedTime 1401076710404
byte HashedPassword <>
uint64 LastCommTime 1401084177357
uint64 LastLoginTime 1401082419376
uint NumLogin 12
bool Online true
uint RadiusRetryInterval 0
uint RadiusServerPort 1812
string RadiusSuffixFilter $
byte SecurePassword <>
uint Type 0

declare AccessList
{
}
declare AdminOption
{
uint allow_hub_admin_change_option 0
uint deny_bridge 0
uint deny_change_user_password 0
uint deny_empty_password 0
uint deny_hub_admin_change_ext_option 0
uint deny_qos 0
uint deny_routing 0
uint max_accesslists 0
uint max_bitrates_download 0
uint max_bitrates_upload 0
uint max_groups 0
uint max_multilogins_per_user 0
uint max_sessions 0
uint max_sessions_bridge 0
uint max_sessions_client 0
uint max_sessions_client_bridge_apply 0
uint max_users 0
uint no_access_list_include_file 0
uint no_cascade 0
uint no_change_access_control_list 0
uint no_change_access_list 0
uint no_change_admin_password 0
uint no_change_cert_list 0
uint no_change_crl_list 0
uint no_change_groups 0
uint no_change_log_config 0
uint no_change_log_switch_type 0
uint no_change_msg 0
uint no_change_users 0
uint no_delay_jitter_packet_loss 0
uint no_delete_iptable 0
uint no_delete_mactable 0
uint no_disconnect_session 0
uint no_enum_session 0
uint no_offline 0
uint no_online 0
uint no_query_session 0
uint no_read_log_file 0
uint no_securenat 0
uint no_securenat_enabledhcp 0
uint no_securenat_enablenat 0
}
declare CascadeList
{
}
declare LogSetting
{
uint PacketLogSwitchType 4
uint PACKET_LOG_ARP 0
uint PACKET_LOG_DHCP 1
uint PACKET_LOG_ETHERNET 0
uint PACKET_LOG_ICMP 0
uint PACKET_LOG_IP 0
uint PACKET_LOG_TCP 0
uint PACKET_LOG_TCP_CONN 1
uint PACKET_LOG_UDP 0
bool SavePacketLog true
bool SaveSecurityLog true
uint SecurityLogSwitchType 4
}
declare Message
{
}
declare Option
{
uint AccessListIncludeFileCacheLifetime 30
uint AdjustTcpMssValue 0
bool ApplyIPv4AccessListOnArpPacket false
bool BroadcastLimiterStrictMode false
uint BroadcastStormDetectionThreshold 0
uint ClientMinimumRequiredBuild 0
bool DisableAdjustTcpMss false
bool DisableCheckMacOnLocalBridge false
bool DisableCorrectIpOffloadChecksum false
bool DisableHttpParsing false
bool DisableIPParsing false
bool DisableKernelModeSecureNAT false
bool DisableUdpAcceleration false
bool DisableUdpFilterForLocalBridgeNic false
bool DisableUserModeSecureNAT false
bool DoNotSaveHeavySecurityLogs false
bool DropArpInPrivacyFilterMode true
bool DropBroadcastsInPrivacyFilterMode true
bool FilterBPDU false
bool FilterIPv4 false
bool FilterIPv6 false
bool FilterNonIP false
bool FilterOSPF false
bool FilterPPPoE false
bool ManageOnlyLocalUnicastIPv6 true
bool ManageOnlyPrivateIP true
uint MaxLoggedPacketsPerMinute 0
uint MaxSession 0
bool NoArpPolling false
bool NoDhcpPacketLogOutsideHub true
bool NoEnum false
bool NoIpTable false
bool NoIPv4PacketLog false
bool NoIPv6AddrPolling false
bool NoIPv6DefaultRouterInRAWhenIPv6 true
bool NoIPv6PacketLog false
bool NoLookBPDUBridgeId false
bool NoMacAddressLog true
bool NoManageVlanId false
bool NoSpinLockForPacketDelay false
bool RemoveDefGwOnDhcpForLocalhost true
uint RequiredClientId 0
uint SecureNAT_MaxDnsSessionsPerIp 0
uint SecureNAT_MaxIcmpSessionsPerIp 0
uint SecureNAT_MaxTcpSessionsPerIp 0
uint SecureNAT_MaxTcpSynSentPerIp 0
uint SecureNAT_MaxUdpSessionsPerIp 0
string VlanTypeId 0x8100
bool YieldAfterStorePacket false
}
declare SecureNAT
{
bool Disabled false
bool SaveLog true

declare VirtualDhcpServer
{
string DhcpDnsServerAddress 192.168.30.1
string DhcpDnsServerAddress2 0.0.0.0
string DhcpDomainName net
bool DhcpEnabled true
uint DhcpExpireTimeSpan 7200
string DhcpGatewayAddress 192.168.30.1
string DhcpLeaseIPEnd 192.168.30.200
string DhcpLeaseIPStart 192.168.30.10
string DhcpPushRoutes $
string DhcpSubnetMask 255.255.255.0
}
declare VirtualHost
{
string VirtualHostIp 192.168.30.1
string VirtualHostIpSubnetMask 255.255.255.0
string VirtualHostMacAddress <>
}
declare VirtualRouter
{
bool NatEnabled true
uint NatMtu 1500
uint NatTcpTimeout 1800
uint NatUdpTimeout 60
}
}
declare SecurityAccountDatabase
{
declare CertList
{
}
declare CrlList
{
}
declare GroupList
{
}
declare IPAccessControlList
{
}
declare UserList
{
declare <>
{
byte AuthNtLmSecureHash <>
byte AuthPassword <>
uint AuthType 1
uint64 CreatedTime 1401076772953
uint64 ExpireTime 0
uint64 LastLoginTime 1401082419376
string Note $
uint NumLogin 12
string RealName <>
uint64 UpdatedTime 1401076772953

declare Traffic
{
declare RecvTraffic
{
uint64 BroadcastBytes 283187
uint64 BroadcastCount 5793
uint64 UnicastBytes 4808081282
uint64 UnicastCount 5450469
}
declare SendTraffic
{
uint64 BroadcastBytes 11796
uint64 BroadcastCount 36
uint64 UnicastBytes 4532331
uint64 UnicastCount 34765
}
}
}
}
}
declare Traffic
{
declare RecvTraffic
{
uint64 BroadcastBytes 819838
uint64 BroadcastCount 17780
uint64 UnicastBytes 4928459088
uint64 UnicastCount 5619355
}
declare SendTraffic
{
uint64 BroadcastBytes 294983
uint64 BroadcastCount 5829
uint64 UnicastBytes 4812646205
uint64 UnicastCount 5486010
}
}
}
}
declare VirtualLayer3SwitchList
{
}
declare VPNGate
{
string Abuse $
bool IsEnabled false
bool LogPermanent false
string Message $
bool NoLog false
string Owner <>
}
}

seanbirkhead
Posts: 13
Joined: Mon May 26, 2014 2:07 pm

Re: Lot of data being received by Android client on L2TP.

Post by seanbirkhead » Thu May 29, 2014 10:20 am

Any thoughts from anyone as to why I might be seeing this amount of traffic being received by the Android client and how I might limit it?

thisjun
Posts: 2458
Joined: Mon Feb 24, 2014 11:03 am

Re: Lot of data being received by Android client on L2TP.

Post by thisjun » Thu Jun 12, 2014 6:25 am

Could you do a packet capture?
If you know what type of packet you want to filter, you can filter with the Access List or Security Policies.
Also, Security Policies can limit the bandwidth.

http://www.softether.org/4-docs/1-manua ... ccess_List

http://www.softether.org/4-docs/1-manua ... y_Policies
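
Before taking the packet capture suggested above, the byte counters in the posted configuration already show whether broadcast traffic on the hub could account for the volume. The following is an added example, not part of the thread or of SoftEther's own tooling: it parses the `declare` block format of the posted file and reports the broadcast share for each counter block. The function names and the trimmed sample are assumptions of this example.

```python
# Constructed sample: byte counters copied from the per-user Traffic block of the
# configuration posted above (the real file nests it under the hub and user name).
SAMPLE = """
declare Traffic
{
declare RecvTraffic
{
uint64 BroadcastBytes 283187
uint64 UnicastBytes 4808081282
}
declare SendTraffic
{
uint64 BroadcastBytes 11796
uint64 UnicastBytes 4532331
}
}
"""

def parse(text):
    """Parse 'declare NAME' / '{' / '}' blocks and 'type key value' lines into nested dicts."""
    stack, pending = [{}], None
    for line in (l.strip() for l in text.splitlines()):
        if line.startswith("declare "):
            pending = line.split(None, 1)[1]      # block name, opened by the next '{'
        elif line == "{" and pending is not None:
            stack.append(stack[-1].setdefault(pending, {}))
            pending = None
        elif line == "}" and len(stack) > 1:
            stack.pop()
        elif line and not line.startswith("#"):   # skip blanks and '#' header comments
            parts = line.split(None, 2)
            if len(parts) < 2 or parts[0] in ("{", "}"):
                raise ValueError(f"unexpected line: {line!r}")
            value = parts[2] if len(parts) > 2 else ""
            is_num = parts[0].startswith("uint") and value.isdigit()
            stack[-1][parts[1]] = int(value) if is_num else value
    if len(stack) != 1:
        raise ValueError("unclosed declare block")
    return stack[0]

def broadcast_share(node, path=""):
    """List (path, unicast_bytes, broadcast_bytes, broadcast_fraction) per counter block."""
    rows = []
    for name, child in node.items():
        here = f"{path}/{name}"
        if isinstance(child, dict) and ("UnicastBytes" in child or "BroadcastBytes" in child):
            uni, bc = child.get("UnicastBytes", 0), child.get("BroadcastBytes", 0)
            rows.append((here, uni, bc, bc / (uni + bc) if uni + bc else 0.0))
        elif isinstance(child, dict):
            rows.extend(broadcast_share(child, here))
    return rows

for path, uni, bc, frac in broadcast_share(parse(SAMPLE)):
    print(f"{path}: unicast={uni} broadcast={bc} broadcast share={frac:.4%}")
```

On the posted per-user counters, broadcast is well under 1% of the bytes in both directions, so the volume is unicast traffic and a capture is needed to identify its endpoints.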
