Environment: Using Pre-Shared key to authenticate L2TP
VPND generates the same "username" for all L2TP clients using the pre-shared key. So when two L2TP clients are also behind the same NAT, all their tunnel parameters, including peer IP address and username, will be identical.
Therefore, when a second client connects, it looks like a renewal of the existing tunnel with the first client.
The newly negotiated key is then used to encrypt both connections: the one belonging to the second client and the one belonging to the first client.
From the first client's point of view, it stops getting replies and therefore disconnects.