Win10 client problems

Post your questions about SoftEther VPN software here. Please answer questions if you can afford.
Post Reply
davidyip
Posts: 12
Joined: Wed Jan 25, 2017 2:15 pm

Win10 client problems

Post by davidyip » Wed Jan 25, 2017 2:32 pm

Hi,

Many problems with Win10 clients......

1. Can only connect through vpnazure
2. When use L2TP, no response, I'm sure all three ports are forwarded
3. When use SSTP, after examine the SE server log, it says my Win10 client is not SoftEther client......

But I'm able to connect using my android phone both with L2TP(phone vpn) and SSTP (third party android SSTP client)

Anyone has the same problems and any ideas?

Thanks for any help.

thisjun
Posts: 2458
Joined: Mon Feb 24, 2014 11:03 am

Re: Win10 client problems

Post by thisjun » Wed Feb 08, 2017 7:45 am

What ports did you configure for port forwarding?

Could you show the server log?

davidyip
Posts: 12
Joined: Wed Jan 25, 2017 2:15 pm

Re: Win10 client problems

Post by davidyip » Wed Feb 08, 2017 9:30 am

Yes, 443, 500, 1194, 1701, 4500, 5555.
I even tried from localhost but still failed.

SSTP:
2017-02-08 17:15:52.831 On the TCP Listener (Port 443), a Client (IP address 42.2.234.198, Host name "42-2-234-198.static.netvigator.com", Port number 56307) has connected.
2017-02-08 17:15:52.831 For the client (IP address: 42.2.234.198, host name: "42-2-234-198.static.netvigator.com", port number: 56307), connection "CID-14-AC9633E96F" has been created.
2017-02-08 17:15:52.902 SSL communication for connection "CID-14-AC9633E96F" has been started. The encryption algorithm name is "AES128-SHA".
2017-02-08 17:15:52.949 Connection "CID-14-AC9633E96F" terminated by the cause "A client which is non-SoftEther VPN software has connected to the port." (code 5).
2017-02-08 17:15:52.949 Connection "CID-14-AC9633E96F" has been terminated.
2017-02-08 17:15:52.949 The connection with the client (IP address 42.2.234.198, Port number 56307) has been disconnected.

L2TP/IPSec:
Just timeout

thisjun wrote:
> What ports did you configure for port forwarding?
>
> Could you show the server log?

thisjun
Posts: 2458
Joined: Mon Feb 24, 2014 11:03 am

Re: Win10 client problems

Post by thisjun » Thu Feb 23, 2017 7:28 am

I think you make misconfiguration about protocol for port forwarding.
UDP 500 and 4500 are required for L2TP/IPSec.

Did you enable SSTP and L2TP/IPSec function on the SoftEther VPN?

davidyip
Posts: 12
Joined: Wed Jan 25, 2017 2:15 pm

Re: Win10 client problems

Post by davidyip » Thu Feb 23, 2017 10:00 am

Yes, 443, 500, 1194, 1701, 4500, 5555 all forwarded
All services including SSTP and L2TP/IPSec are enabled on SoftEther server/

I can make use of STP client(third party app) on my android phone to connect, just not Win10 built-in client.......

thisjun wrote:
> I think you make misconfiguration about protocol for port forwarding.
> UDP 500 and 4500 are required for L2TP/IPSec.
>
> Did you enable SSTP and L2TP/IPSec function on the SoftEther VPN?

thisjun
Posts: 2458
Joined: Mon Feb 24, 2014 11:03 am

Re: Win10 client problems

Post by thisjun » Wed Mar 08, 2017 6:33 am

>Yes, 443, 500, 1194, 1701, 4500, 5555 all forwarded

Are these ports UDP?

davidyip
Posts: 12
Joined: Wed Jan 25, 2017 2:15 pm

Re: Win10 client problems

Post by davidyip » Wed Mar 08, 2017 6:52 am

443 TCP
500 TCP/UDP
1194 UDP
1701 UDP
4500 TCP/UDP
5555 TCP

thisjun wrote:
> >Yes, 443, 500, 1194, 1701, 4500, 5555 all forwarded
>
> Are these ports UDP?

cedar
Site Admin
Posts: 2070
Joined: Sat Mar 09, 2013 5:37 am

Re: Win10 client problems

Post by cedar » Fri Mar 10, 2017 8:50 am

IPsec uses UDP/500 and UDP/4500.
Forwarding TCP/500 and TCP/4500 is not needed.

By the way, setting for port forwarding seems valid.
I guess your ISP set a firewall or NAT.

davidyip
Posts: 12
Joined: Wed Jan 25, 2017 2:15 pm

Re: Win10 client problems

Post by davidyip » Fri Mar 10, 2017 1:27 pm

I can use my android phone to connect over the radio network with both L2TP and SSTP so the ISP should not be a problem. I can also use the Softether client to connect just not the Microsoft SSTP client......

cedar wrote:
> IPsec uses UDP/500 and UDP/4500.
> Forwarding TCP/500 and TCP/4500 is not needed.
>
> By the way, setting for port forwarding seems valid.
> I guess your ISP set a firewall or NAT.

jlyle@ver.com
Posts: 4
Joined: Mon Mar 13, 2017 11:37 pm

Re: Win10 client problems

Post by jlyle@ver.com » Mon Mar 13, 2017 11:55 pm

I'm having the same problem I get this error on some of my Windows 10 PCs:

The L2TP connection attempt failed because security policy for the connection was not found.

davidyip
Posts: 12
Joined: Wed Jan 25, 2017 2:15 pm

Re: Win10 client problems

Post by davidyip » Tue Mar 14, 2017 7:13 am

How to set the security policy? Thanks.

jlyle@ver.com wrote:
> I'm having the same problem I get this error on some of my Windows 10 PCs:
>
> The L2TP connection attempt failed because security policy for the
> connection was not found.

jlyle@ver.com
Posts: 4
Joined: Mon Mar 13, 2017 11:37 pm

Re: Win10 client problems

Post by jlyle@ver.com » Tue Mar 14, 2017 5:18 pm

Doing this reg hack corrected the problem on my windows 10 computer

For Windows XP:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IPSec
RegValue: AssumeUDPEncapsulationContextOnSendRule
Type: DWORD
Data Value: 2

For Windows Vista, 7, 8, 10, and 2008 Server:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PolicyAgent
RegValue: AssumeUDPEncapsulationContextOnSendRule
Type: DWORD
Data Value: 2

Note that after creating this key you will need to reboot the machine

Post Reply