
Help debugging L2TP tunnel

nadeesh.sam
Level 1

I'm trying to connect to a Linux server running a VPN server using a Cisco IR829 router. I can ping the VPN server from the router, but when I look at the L2TP debug messages it says "172.16.4.143 is unreachable".

 

Here's the debug log.

 

Apr 29 06:28:07.903: L2TP _____:________: L2TUN: app XCONNECT cc status
Apr 29 06:28:07.903: L2TP tnl 100B9:0000240E: FSM-CC ev App-Disc
Apr 29 06:28:07.903: L2TP tnl 100B9:0000240E: FSM-CC in Wt-STOPACK
Apr 29 06:28:07.903: L2TP tnl 100B9:0000240E: FSM-CC do App-Disc-Shut
Apr 29 06:28:07.903: L2TP app 100B9:000010B1:XCON: Destroyed
Apr 29 06:28:07.903: L2TP app 100B9:000010B1:XCON: App count now 0
Apr 29 06:28:07.903: L2TP tnl 100B9:0000240E:
Apr 29 06:28:07.903: L2TP tnl 100B9:0000240E: O StopCCN to 172.16.4.143
Apr 29 06:28:07.903: L2TP tnl 100B9:0000240E: IETF v2:
Apr 29 06:28:07.903: L2TP tnl 100B9:0000240E: Result Code
Apr 29 06:28:07.903: L2TP tnl 100B9:0000240E: General error - refer to error code(2)
Apr 29 06:28:07.903: L2TP tnl 100B9:0000240E: Error code
Apr 29 06:28:07.903: L2TP tnl 100B9:0000240E: Vendor specific(6)
Apr 29 06:28:07.903: L2TP tnl 100B9:0000240E: Optional msg
Apr 29 06:28:07.903: L2TP tnl 100B9:0000240E: "172.16.4.143 is unreachable"
Apr 29 06:28:07.903: L2TP tnl 100B9:0000240E: Assigned Tunnel I 0x0000240E (9230)
Apr 29 06:28:07.903: L2TP tnl 100B9:0000240E: Cisco v2:
Apr 29 06:28:07.903: L2TP tnl 100B9:0000240E: Vendor Error Code
Apr 29 06:28:07.903: L2TP tnl 100B9:0000240E: Error code Tunnel shut(1)
Apr 29 06:28:07.903: L2TP tnl 100B9:0000240E:
Apr 29 06:28:07.903: L2X _____:________: APP->L2TP: Disconnect [10],
Apr 29 06:28:07.903: L2X _____:________: sock 000010B2
Apr 29 06:28:07.903: L2X _____:________: serv 00000000
Apr 29 06:28:07.903: L2X _____:________: replied on same socket
Apr 29 06:28:07.903: L2X _____:________:
Apr 29 06:28:12.111: L2TP app _____:000010B1:XCON: APP->L2TP: activate,
Apr 29 06:28:12.111: L2TP app _____:000010B1:XCON: client 000010B1
Apr 29 06:28:12.111: L2TP app _____:000010B1:XCON: app XCONNECT
Apr 29 06:28:12.111: L2TP app _____:000010B1:XCON:
Apr 29 06:28:12.111: L2TP _____:________: Find cc between
Apr 29 06:28:12.111: L2TP _____:________: 172.16.2.4<->172.16.4.143
Apr 29 06:28:12.111: L2TP _____:________: with class: L2TP_CLASS
Apr 29 06:28:12.111: L2TP _____:________: and IP proto: L2TPoUDP
Apr 29 06:28:12.111: L2TP _____:________: and framing type: none
Apr 29 06:28:12.111: L2TP _____:________: and bearer type: none
Apr 29 06:28:12.111: L2TP _____:________: and version: V2
Apr 29 06:28:12.111: L2TP _____:________: and local hostname: IR829
Apr 29 06:28:12.111: L2TP _____:________: Need to instigate control channel
Apr 29 06:28:12.111: L2X tnl 080BB:________: Create logical tunnel
Apr 29 06:28:12.111: L2TP tnl 080BB:________: Create tunnel
Apr 29 06:28:12.111: L2TP tnl 080BB:________: version set to V2
Apr 29 06:28:12.111: L2TP tnl 080BB:________: remote ip set to 172.16.4.143
Apr 29 06:28:12.111: L2TP tnl 080BB:________: local ip set to 172.16.2.4
Apr 29 06:28:12.111: L2TP tnl 080BB:0000508F: class name L2TP_CLASS
Apr 29 06:28:12.111: L2TP tnl 080BB:0000508F: class name L2TP_CLASS
Apr 29 06:28:12.111: L2TP tnl 080BB:0000508F: FSM-CC ev App-Conn
Apr 29 06:28:12.111: L2TP tnl 080BB:0000508F: FSM-CC Idle->Wt-Sock
Apr 29 06:28:12.111: L2TP tnl 080BB:0000508F: FSM-CC do App-Connect-Sock
Apr 29 06:28:12.111: L2TP app 080BB:000010B1:XCON: Created
Apr 29 06:28:12.111: L2TP app 080BB:000010B1:XCON: App count now 1
Apr 29 06:28:12.111: L2X _____:________: l2x_open_socket: is called
Apr 29 06:28:12.111: L2TP tnl 080BB:0000508F: Open sock 172.16.2.4:1701->172.16.4.143:1701
Apr 29 06:28:12.111: L2TP tnl 080BB:0000508F: FSM-CC ev Sock-Ready
Apr 29 06:28:12.111: L2TP tnl 080BB:0000508F: FSM-CC Wt-Sock->Wt-SCCRP
Apr 29 06:28:12.111: L2TP tnl 080BB:0000508F: FSM-CC do Tx-SCCRQ
Apr 29 06:28:12.111: L2TP tnl 080BB:0000508F:
Apr 29 06:28:12.111: L2TP tnl 080BB:0000508F: O SCCRQ to 172.16.4.143
Apr 29 06:28:12.111: L2TP tnl 080BB:0000508F: IETF v2:
Apr 29 06:28:12.111: L2TP tnl 080BB:0000508F: Protocol Version 1, Revision 0
Apr 29 06:28:12.111: L2TP tnl 080BB:0000508F: Framing Cap none(0x0)
Apr 29 06:28:12.111: L2TP tnl 080BB:0000508F: Tie Breaker
Apr 29 06:28:12.111: L2TP tnl 080BB:0000508F: 7EE9D3499CD251BA
Apr 29 06:28:12.111: L2TP tnl 080BB:0000508F: Firmware Ver 0x1130
Apr 29 06:28:12.111: L2TP tnl 080BB:0000508F: Hostname "IR829"
Apr 29 06:28:12.111: L2TP tnl 080BB:0000508F: Vendor Name
Apr 29 06:28:12.111: L2TP tnl 080BB:0000508F: "Cisco Systems, Inc."
Apr 29 06:28:12.111: L2TP tnl 080BB:0000508F: Assigned Tunnel I 0x0000508F (20623)
Apr 29 06:28:12.111: L2TP tnl 080BB:0000508F: Recv Window Size 1024
Apr 29 06:28:12.111: L2TP tnl 080BB:0000508F: Challenge [16]
Apr 29 06:28:12.111: L2TP tnl 080BB:0000508F: 0x0F129F78CB71CD8B001DEDB6AD6BCEB6
Apr 29 06:28:12.111: L2TP tnl 080BB:0000508F:
Apr 29 06:28:12.905: L2TP tnl 100B9:0000240E: FSM-CC ev Shut
Apr 29 06:28:12.905: L2TP tnl 100B9:0000240E: FSM-CC in Wt-STOPACK
Apr 29 06:28:12.905: L2TP tnl 100B9:0000240E: FSM-CC do Shutnow
Apr 29 06:28:12.905: L2TP tnl 100B9:0000240E: FSM-CC ev Shut-Comp
Apr 29 06:28:12.905: L2TP tnl 100B9:0000240E: FSM-CC Wt-STOPACK->Dead
Apr 29 06:28:12.905: L2TP tnl 100B9:0000240E: FSM-CC do Shutdown-Completed
Apr 29 06:28:12.905: L2TP tnl 100B9:0000240E: Control channel down
Apr 29 06:28:12.905: L2TP tnl 100B9:0000240E: 172.16.2.4<->172.16.4.143
Apr 29 06:28:12.905: L2TP tnl 100B9:0000240E: Destroying tunnel
Apr 29 06:28:12.905: L2TP: Removing per-cc stats db entry, tun-id 9230
Apr 29 06:28:12.905: L2X tnl 100B9:________: Destroying logical tunnel
Apr 29 06:28:13.111: L2TP tnl 080BB:0000508F: O Resend SCCRQ, flg TLS, ver 2, len 134
Apr 29 06:28:15.112: L2TP tnl 080BB:0000508F: O Resend SCCRQ, flg TLS, ver 2, len 134
Apr 29 06:28:19.113: L2TP tnl 080BB:0000508F:
Apr 29 06:28:19.113: L2TP tnl 080BB:0000508F: Shutting down tunnel
Apr 29 06:28:19.113: L2TP tnl 080BB:0000508F: With 1 app
Apr 29 06:28:19.113: L2TP tnl 080BB:0000508F: Result Code
Apr 29 06:28:19.113: L2TP tnl 080BB:0000508F: General error - refer to error code
Apr 29 06:28:19.113: L2TP tnl 080BB:0000508F: Error Code
Apr 29 06:28:19.113: L2TP tnl 080BB:0000508F: Vendor specific
Apr 29 06:28:19.113: L2TP tnl 080BB:0000508F: Vendor Error
Apr 29 06:28:19.113: L2TP tnl 080BB:0000508F: Tunnel shut
Apr 29 06:28:19.113: L2TP tnl 080BB:0000508F: Optional Message
Apr 29 06:28:19.113: L2TP tnl 080BB:0000508F: "172.16.4.143 is unreachable"
Apr 29 06:28:19.113: L2TP tnl 080BB:0000508F:
Apr 29 06:28:19.113: L2TP tnl 080BB:0000508F: FSM-CC ev Shut
Apr 29 06:28:19.113: L2TP tnl 080BB:0000508F: FSM-CC Wt-SCCRP->Wt-STOPACK
Apr 29 06:28:19.113: L2TP tnl 080BB:0000508F: FSM-CC do Tx-StopCCN-Error
Apr 29 06:28:19.113: L2TP tnl 080BB:0000508F: Notify 1 app cc, FAILED
Apr 29 06:28:19.113: L2TP app 080BB:000010B1:XCON:
Apr 29 06:28:19.113: L2TP app 080BB:000010B1:XCON: APP<-L2TP: notify cc,
Apr 29 06:28:19.113: L2TP app 080BB:000010B1:XCON: client 000010B1
Apr 29 06:28:19.113: L2TP app 080BB:000010B1:XCON: app XCONNECT
Apr 29 06:28:19.113: L2TP app 080BB:000010B1:XCON: FAILED
Apr 29 06:28:19.113: L2TP app 080BB:000010B1:XCON:

 

My config:

Building configuration...

 

Current configuration : 9263 bytes
!
! Last configuration change at 06:20:46 UTC Fri Apr 29 2022 by admin
!
version 15.8
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
service unsupported-transceiver
!
hostname IR829
!
boot-start-marker
boot-end-marker
!
!
enable secret 5 $1$awgc$19aPUupccCa8rOl3MdAgH.
enable password 7 10673B41574E
!
aaa new-model
!
!
aaa authentication login default local
aaa authentication login SSLVPN_AAA local
aaa authorization exec default local
!
!
!
!
!
aaa session-id common
service-module wlan-ap 0 bootimage autonomous
!
ignition off-timer 900
!
ignition undervoltage threshold 11 000
!
no ignition enable
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!


!
ip dhcp excluded-address 172.16.5.1
!
ip dhcp pool ENG
network 172.16.5.0 255.255.255.0
default-router 172.16.5.1
dns-server 8.8.8.8
!
!
!
ip domain name r.helimods.com
ip name-server 8.8.8.8
ip name-server 1.1.1.1
ip cef
l2tp-class L2TP_CLASS
hidden
authentication
password 7 104D000A0618021807
!
ipv6 unicast-routing
ipv6 cef
!
multilink bundle-name authenticated
!
!
!
chat-script lte "" "AT!CALL" TIMEOUT 20 "OK"
chat-script INTERNET "" "ATDT*99#" TIMEOUT 30 CONNECT
!
crypto pki trustpoint SSLVPN_CERT
enrollment selfsigned
subject-name CN=helimods.com
subject-alt-name helimods.com
revocation-check crl
rsakeypair SSLVPN_KEYPAIR
!
!
crypto pki certificate chain SSLVPN_CERT
certificate self-signed 03
quit
license udi pid IR829GW-LTE-LA-ZK9 sn FGL2602L191
!
!
username admin password 7 0114140555051F422C5A1A2B0C
username userfile privilege 15 secret 5 $1$Sw0B$Iix958pAERpA6v1GydXra/
username vpnuser password 7 05080F1C22431F5B4A
!
redundancy

!
!
!
!
!
controller Cellular 0
lte sim data-profile 1 attach-profile 1 slot 0
lte sim fast-switchover enable
no lte gps enable
lte modem link-recovery disable
!
pseudowire-class VPN_PW
encapsulation l2tpv2
protocol l2tpv2 L2TP_CLASS
ip local interface GigabitEthernet0
!
!
!
crypto vpn anyconnect flash:/webvpn/anyconnect-win-3.1.03103-k9.pkg sequence 1
!
crypto isakmp policy 5
encr 3des
authentication pre-share
group 2
crypto isakmp key ciscopsk address 172.16.4.143
!
!
crypto ipsec transform-set TSET esp-aes esp-md5-hmac
mode tunnel
crypto ipsec transform-set TSET2 esp-3des esp-md5-hmac
mode tunnel
crypto ipsec transform-set TSET3 esp-aes 256 esp-sha-hmac
mode transport
crypto ipsec transform-set TSET4 ah-sha256-hmac esp-3des
mode tunnel
!
!
!
crypto map CMAP 10 ipsec-isakmp
set peer 172.16.4.143
set transform-set TSET4
match address VPN_TRAFFIC
!
!
!
!
!
interface Loopback0
no ip address
!
interface GigabitEthernet0
ip address dhcp
ip nat outside
ip virtual-reassembly in
no ip route-cache
no autonegotiate
keepalive 30
crypto map CMAP
!
interface GigabitEthernet1
switchport access vlan 10
switchport mode access
no ip address
!
interface GigabitEthernet2
switchport access vlan 10
switchport mode access
no ip address
!
interface GigabitEthernet3
switchport access vlan 10
switchport mode access
no ip address
!
interface GigabitEthernet4
switchport access vlan 10
switchport mode access
no ip address
no mop enabled
!
interface Wlan-GigabitEthernet0
switchport access vlan 20
switchport mode access
no ip address
!
interface GigabitEthernet5
no ip address
shutdown
duplex auto
speed auto
!
interface Cellular0
description -hologram interface-
ip address negotiated
ip nat outside
ip virtual-reassembly in
encapsulation slip
load-interval 60
dialer in-band
dialer idle-timeout 300
dialer string lte
dialer-group 1
ipv6 address autoconfig
async mode interactive
routing dynamic
!
interface Cellular1
no ip address
encapsulation slip
shutdown
!
interface Virtual-PPP1
description L2TP Tunnel
ip address negotiated
no cdp enable
ppp authentication chap pap callin
ppp chap hostname admin
ppp chap password 7 104D000A061843595F
ppp pap sent-username admin password 7 121A0C0411045D5679
ppp ipcp address accept
pseudowire 172.16.4.143 1 encapsulation l2tpv2 pw-class VPN_PW
!
interface Virtual-Template1
ip unnumbered Loopback0
!
interface wlan-ap0
ip address 1.1.1.1 255.255.255.255
!
interface Vlan1
ip address 172.16.7.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
no ip route-cache
!
interface Vlan10
ip address 172.16.5.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
!
interface Vlan20
ip address 172.16.6.2 255.255.255.0
ip nat inside
ip virtual-reassembly in
ip policy route-map NAT_WAN
!
interface Async0
no ip address
encapsulation scada
!
interface Async1
no ip address
encapsulation scada
!
interface Dialer1
no ip address
!
!
ip local pool SSLVPN_POOL 172.16.4.2 172.16.4.10
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
ip dns server
ip nat inside source route-map NAT_CELL interface Cellular0 overload
ip nat inside source route-map NAT_WAN interface GigabitEthernet0 overload
ip route 0.0.0.0 0.0.0.0 Cellular0
ip route 192.168.42.0 255.255.255.0 Virtual-PPP1
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0 dhcp 250
ip route 172.16.4.0 255.255.255.0 GigabitEthernet0 dhcp
ip ssh version 2
ip scp server enable
!
ip access-list extended LIST_CELL
deny ip 172.16.5.0 0.0.0.255 192.168.42.0 0.0.0.255
deny ip 172.16.6.0 0.0.0.255 192.168.42.0 0.0.0.255
deny udp any 172.16.4.0 0.0.0.255
permit ip 172.16.5.0 0.0.0.255 any
ip access-list extended LIST_WAN
deny ip 172.16.5.0 0.0.0.255 192.168.42.0 0.0.0.255
deny ip 172.16.6.0 0.0.0.255 192.168.42.0 0.0.0.255
deny udp any 172.16.4.0 0.0.0.255
permit ip 172.16.6.0 0.0.0.255 any
ip access-list extended VPN_TRAFFIC
permit udp any 172.16.4.0 0.0.0.255
!
dialer-list 1 protocol ip permit
dialer-list 1 protocol ipv6 permit
ipv6 ioam timestamp
!
route-map NAT_CELL permit 10
match ip address LIST_CELL
match interface Cellular0
!
route-map NAT_WAN permit 10
match ip address LIST_WAN
set ip next-hop dynamic dhcp
set interface GigabitEthernet0
!
!
!
!
!
control-plane
!
!
!
line con 0
stopbits 1
line 1 2
stopbits 1
line 3
script dialer lte
modem InOut
no exec
transport preferred none
transport output lat pad telnet rlogin lapb-ta mop udptn v120 ssh
rxspeed 150000000
txspeed 50000000
line 4
no activation-character
no exec
transport preferred none
transport input all
transport output lat pad telnet rlogin lapb-ta mop udptn v120 ssh
line 8
no exec
transport preferred none
transport output lat pad telnet rlogin lapb-ta mop udptn v120 ssh
rxspeed 150000000
txspeed 50000000
line 1/3 1/6
transport preferred none
transport output none
stopbits 1
line vty 0 4
password 7 045802150C2E1D1C5A
transport input ssh
!
no scheduler max-task-time
ntp server pool.ntp.org minpoll 7
no iox hdm-enable
iox client enable interface GigabitEthernet5
no iox recovery-enable
!
!
!
!
!
!
!
!
webvpn gateway SSLVPN_GW
ip interface Cellular0 port 1026
ssl trustpoint SSLVPN_CERT
no inservice
!
webvpn context SSL_CONTEXT
virtual-template 1
aaa authentication list SSLVPN_AAA
gateway SSLVPN_GW
!
ssl authenticate verify all
no inservice
!
policy group SSL_POLICY
functions svc-enabled
svc address-pool "SSLVPN_POOL" netmask 255.255.255.0
svc dns-server primary 8.8.8.8
default-group-policy SSL_POLICY
!
end

 

 

 

Any help would be greatly appreciated!
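
Added example (not part of the original post): a small Python summarizer for the `L2TP tnl` debug lines above. It groups events by tunnel handle and reports tunnels whose SCCRQ was sent and retransmitted with no SCCRP logged. The inbound `I <type>` line format is an assumption, since the posted log contains only outbound (`O`) control messages.

```python
import re
from collections import defaultdict

# Lines excerpted from the debug log in the post above.
SAMPLE_LOG = """\
Apr 29 06:28:12.111: L2TP tnl 080BB:0000508F: FSM-CC Wt-Sock->Wt-SCCRP
Apr 29 06:28:12.111: L2TP tnl 080BB:0000508F: O SCCRQ to 172.16.4.143
Apr 29 06:28:12.905: L2TP tnl 100B9:0000240E: FSM-CC Wt-STOPACK->Dead
Apr 29 06:28:13.111: L2TP tnl 080BB:0000508F: O Resend SCCRQ, flg TLS, ver 2, len 134
Apr 29 06:28:15.112: L2TP tnl 080BB:0000508F: O Resend SCCRQ, flg TLS, ver 2, len 134
Apr 29 06:28:19.113: L2TP tnl 080BB:0000508F: "172.16.4.143 is unreachable"
Apr 29 06:28:19.113: L2TP tnl 080BB:0000508F: FSM-CC Wt-SCCRP->Wt-STOPACK
"""

LINE = re.compile(r"^\w{3} +\d+ [\d:.]+: L2TP tnl ([0-9A-F]+):[0-9A-F_]+:\s*(.*)$")
FSM = re.compile(r"^FSM-CC ([\w-]+)->([\w-]+)$")
# Assumption: inbound control messages are logged as "I <type> ...", mirroring
# the "O <type> ..." lines in the post (no inbound line appears in that log).
CTRL = re.compile(r"^([IO]) (Resend )?(SCCRQ|SCCRP|SCCCN|StopCCN)\b")

def summarize(log):
    """Group control-channel events by tunnel handle (first hex field)."""
    tunnels = defaultdict(lambda: {"states": [], "sent": [], "received": [],
                                   "resends": 0, "messages": []})
    for raw in log.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        t, text = tunnels[m.group(1)], m.group(2).strip()
        if (f := FSM.match(text)):
            if not t["states"]:
                t["states"].append(f.group(1))   # starting state of first transition
            t["states"].append(f.group(2))
        elif (c := CTRL.match(text)):
            if c.group(2):
                t["resends"] += 1                # retransmission, not a new message
            else:
                t["sent" if c.group(1) == "O" else "received"].append(c.group(3))
        elif text.startswith('"') and text.endswith('"'):
            t["messages"].append(text.strip('"'))  # quoted optional message
    return dict(tunnels)

def unanswered_sccrq(tunnels):
    """Tunnel handles that sent SCCRQ but logged no inbound SCCRP."""
    return sorted(h for h, t in tunnels.items()
                  if "SCCRQ" in t["sent"] and "SCCRP" not in t["received"])

if __name__ == "__main__":
    print(unanswered_sccrq(summarize(SAMPLE_LOG)))
```
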

 


balaji.bandi
Hall of Fame

What is the other side's public IP?

 

BB


Server is on my local network for now and I'm using 172.16.4.143 for testing.
