This repository has been archived by the owner on Feb 27, 2020. It is now read-only.

Cannot connect more than one L2TP client behind the same NAT #1

Open
dvornikov-aa opened this issue Sep 5, 2018 · 0 comments

dvornikov-aa commented Sep 5, 2018

This is a known issue with L2TP/IPsec:

  1. https://community.ubnt.com/t5/EdgeRouter/L2TP-VPN-Multiple-connections-from-same-NAT-d-location/td-p/512593
  2. xauth: multiple clients behind nat hwdsl2/setup-ipsec-vpn#55
  3. http://swan.libreswan.narkive.com/Rxj6YbXK/cannot-install-eroute-when-second-client-connected-from-behind-the-same-nat

The detailed problem explanation is here:

  1. http://www.jacco2.dds.nl/networking/openswan-l2tp.html#NAT
  2. https://lists.strongswan.org/pipermail/users/2009-June/003483.html

There are many comments that recommend avoiding L2TP/IPsec in this case. Still, there is a possible solution (xelerance/xl2tpd#82), but it's not an easy one.

How to repeat:

  1. Use vpn-client-installer.sh on more than one Linux machine with different VPN users.
  2. Try to connect these machines to the VPN server from the local network (they must use the same router).
  3. Check the server log for "cannot install eroute -- it is in use for" error.

It's an important problem since L2TP/IPsec configuration is the one vpn-client-installer.sh uses.
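
Added example, not part of the original issue or of this repository's code: a small Python check for step 3 that scans server log text for the "cannot install eroute -- it is in use for" error and reports the cases where the rejected client and the client holding the eroute come from the same public address. The log layout around the message (`"conn"[instance] peer #state:`), the connection name `l2tp-psk` and the sample lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample lines. The layout around the error message is an
# assumption modelled on pluto-style logs: "conn"[instance] peer #state: msg
SAMPLE_LOG = '''\
Sep  5 10:01:12 vpn pluto[812]: "l2tp-psk"[1] 203.0.113.7 #2: IPsec SA established
Sep  5 10:03:40 vpn pluto[812]: "l2tp-psk"[2] 203.0.113.7 #4: cannot install eroute -- it is in use for "l2tp-psk"[1] 203.0.113.7 #2
Sep  5 10:05:02 vpn pluto[812]: "l2tp-psk"[3] 198.51.100.9 #6: IPsec SA established
'''

# Rejected connection on the left of the message, current eroute holder on the right.
EROUTE = re.compile(
    r'"(?P<conn>[^"]+)"\[(?P<inst>\d+)\] (?P<peer>\S+) #(?P<state>\d+): '
    r'cannot install eroute -- it is in use for '
    r'"(?P<hconn>[^"]+)"\[(?P<hinst>\d+)\] (?P<hpeer>\S+) #(?P<hstate>\d+)'
)

def find_eroute_conflicts(log_text):
    """Return one dict per eroute error found in the log text."""
    conflicts = []
    for line in log_text.splitlines():
        m = EROUTE.search(line)
        if not m:
            continue
        conflicts.append({
            "rejected_peer": m.group("peer"),
            "rejected_state": int(m.group("state")),
            "holder_peer": m.group("hpeer"),
            "holder_state": int(m.group("hstate")),
        })
    return conflicts

def nat_collisions(conflicts):
    """Count errors per public IP where both clients share that IP (same NAT)."""
    counts = defaultdict(int)
    for c in conflicts:
        if c["rejected_peer"] == c["holder_peer"]:
            counts[c["rejected_peer"]] += 1
    return dict(counts)

if __name__ == "__main__":
    for ip, n in nat_collisions(find_eroute_conflicts(SAMPLE_LOG)).items():
        print(f"{ip}: {n} eroute conflict(s) between clients behind the same NAT")
```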
