Problem with L2TP/IPSec

Post your questions about SoftEther VPN software here. Please answer questions if you can afford.
Post Reply
jiaqi1993
Posts: 5
Joined: Mon Sep 15, 2014 3:03 pm

Problem with L2TP/IPSec

Post by jiaqi1993 » Mon Sep 15, 2014 3:21 pm

Hello Everyone,

I have a problem with connecting to my vpn via L2TP/Ipsec.(Tried using PC & Android)

I'm actually able to connect to it via the Softether client and OpenVPN.

1)My Server is running on RaspberryPi
2)Already did the port forward(UDP 500 & 4500)
3)The setting for l2tp/ipsec is ON as the picture shown (http://imgur.com/TCWC4vl)
4)Local Bridge is used

I did a google search for the error(789) that I received from PC side but still unable to solve the problem.
I'm pretty sure that the pre-shared key is correct, username and password is valid.
Even if I made the server offline, the error that I received was still the same.

May I know if there's any extra setting that needs to be done before I can actually connect it via L2TP/IPSec?
I am willing to open a remote session via TeamViewer if it's needed.

Much appreciate for your help.

letun4eg
Posts: 8
Joined: Thu Sep 11, 2014 10:06 pm

Re: Problem with L2TP/IPSec

Post by letun4eg » Mon Sep 15, 2014 4:53 pm

Hi! Check 1701/UDP port.

qupfer
Posts: 202
Joined: Wed Jul 10, 2013 2:07 pm

Re: Problem with L2TP/IPSec

Post by qupfer » Mon Sep 15, 2014 5:07 pm

Error 789 souds like a windows client?

Most problems are certifcate errors (MS check it for validation) or not enabled/allowed NAT-T on client side. (its not allowed by default)

Take a look at this post:
http://www.vpnusers.com/viewtopic.php?f ... =mmc#p5580

jiaqi1993
Posts: 5
Joined: Mon Sep 15, 2014 3:03 pm

Re: Problem with L2TP/IPSec

Post by jiaqi1993 » Tue Sep 16, 2014 2:12 am

letun4eg wrote:
> Hi! Check 1701/UDP port.

I have actually enabled all these ports
http://imgur.com/elmUlA5
including 1701,443,4500,500,5000,1194

It connects when I'm using the local network ip. But when I want to use the public ip, it rejects( using android phone)

letun4eg
Posts: 8
Joined: Thu Sep 11, 2014 10:06 pm

Re: Problem with L2TP/IPSec

Post by letun4eg » Tue Sep 16, 2014 5:58 am

If you can connect in the local network and cann't connect outside - check port forwarding if you using nat.

thisjun
Posts: 2458
Joined: Mon Feb 24, 2014 11:03 am

Re: Problem with L2TP/IPSec

Post by thisjun » Wed Sep 24, 2014 7:34 am

Could you connect another L2TP server?
http://www.vpngate.net/en/

jiaqi1993
Posts: 5
Joined: Mon Sep 15, 2014 3:03 pm

Re: Problem with L2TP/IPSec

Post by jiaqi1993 » Wed Sep 24, 2014 9:40 am

thisjun wrote:
> Could you connect another L2TP server?
> http://www.vpngate.net/en/

Hi thisjun, I'm able to connect to the public l2tp server.

Wondering if my ISP blocks the L2TP traffic.

Only able to connect via local IP.

crashcarstar
Posts: 2
Joined: Mon Sep 29, 2014 3:37 am

Re: Problem with L2TP/IPSec

Post by crashcarstar » Mon Sep 29, 2014 3:40 am

It appears I'm having almost the exact same issue. I can connect just fine from inside my network but can't once I try from the public side. My ports are forwarded and I even tried putting the server into DMZ and it still didn't help.

crashcarstar
Posts: 2
Joined: Mon Sep 29, 2014 3:37 am

Re: Problem with L2TP/IPSec

Post by crashcarstar » Mon Sep 29, 2014 12:38 pm

I went to bed and when I tried it the morning, it seemed to work.

jiaqi1993
Posts: 5
Joined: Mon Sep 15, 2014 3:03 pm

Re: Problem with L2TP/IPSec

Post by jiaqi1993 » Tue Sep 30, 2014 2:42 pm

crashcarstar wrote:
> I went to bed and when I tried it the morning, it seemed to work.

May I have a screenshot of the port forwarding to allow me to check if I missed out some port

Thanks

jiaqi1993
Posts: 5
Joined: Mon Sep 15, 2014 3:03 pm

Re: Problem with L2TP/IPSec

Post by jiaqi1993 » Wed Oct 01, 2014 4:02 am

Strange problem now, it can connect sometimes.

thisjun
Posts: 2458
Joined: Mon Feb 24, 2014 11:03 am

Re: Problem with L2TP/IPSec

Post by thisjun » Thu Oct 09, 2014 6:14 am

Could you show me your VPN Server log?

starikoff72
Posts: 3
Joined: Sat Jun 03, 2017 5:49 pm

Re: Problem with L2TP/IPSec

Post by starikoff72 » Sat Jun 03, 2017 6:00 pm

I have the same problem.
When i use L2TP client on win7, i have a 789 error.
Android L2TP client doesn,t connect too.
But i can connect to my server via Softether client on port 5555.
Ports 1701, 500, 4500 on server are opened in iptables.
And there is nothing in server security log.
Does it mean, that provider on the server-side blocks l2tp traffic?

thisjun
Posts: 2458
Joined: Mon Feb 24, 2014 11:03 am

Re: Problem with L2TP/IPSec

Post by thisjun » Thu Jun 15, 2017 5:37 am

Does the server have global IP address?

starikoff72
Posts: 3
Joined: Sat Jun 03, 2017 5:49 pm

Re: Problem with L2TP/IPSec

Post by starikoff72 » Mon Jun 19, 2017 5:53 am

thisjun wrote:
> Does the server have global IP address?
Yes, it has.
I can connect it via softether vpn client, but can not connect via windows l2tp client and android l2tp client.

kneel
Posts: 5
Joined: Thu Jun 01, 2017 2:48 am

Re: Problem with L2TP/IPSec

Post by kneel » Thu Jun 22, 2017 4:55 am

>> Does the server have global IP address?
>Yes, it has.

I have seen this with server running on AWS - in this case, the server has a private IP and the public IP is DMZed to the server. This screws with IPSec. If your ifconfig does NOT show your public IP, this could be the problem.
This does turn up in the logs though, IIRC.

thisjun
Posts: 2458
Joined: Mon Feb 24, 2014 11:03 am

Re: Problem with L2TP/IPSec

Post by thisjun » Thu Jul 06, 2017 7:25 am

SoftEther VPN Client can connect to the VPN server which doesn't have global IP address.

Post Reply