Problem with L2TP/IPSec
-
- Posts: 5
- Joined: Mon Sep 15, 2014 3:03 pm
Problem with L2TP/IPSec
Hello Everyone,
I have a problem with connecting to my vpn via L2TP/Ipsec.(Tried using PC & Android)
I'm actually able to connect to it via the Softether client and OpenVPN.
1)My Server is running on RaspberryPi
2)Already did the port forward(UDP 500 & 4500)
3)The setting for l2tp/ipsec is ON as the picture shown (http://imgur.com/TCWC4vl)
4)Local Bridge is used
I did a google search for the error(789) that I received from PC side but still unable to solve the problem.
I'm pretty sure that the pre-shared key is correct, username and password is valid.
Even if I made the server offline, the error that I received was still the same.
May I know if there's any extra setting that needs to be done before I can actually connect it via L2TP/IPSec?
I am willing to open a remote session via TeamViewer if it's needed.
Much appreciate for your help.
I have a problem with connecting to my vpn via L2TP/Ipsec.(Tried using PC & Android)
I'm actually able to connect to it via the Softether client and OpenVPN.
1)My Server is running on RaspberryPi
2)Already did the port forward(UDP 500 & 4500)
3)The setting for l2tp/ipsec is ON as the picture shown (http://imgur.com/TCWC4vl)
4)Local Bridge is used
I did a google search for the error(789) that I received from PC side but still unable to solve the problem.
I'm pretty sure that the pre-shared key is correct, username and password is valid.
Even if I made the server offline, the error that I received was still the same.
May I know if there's any extra setting that needs to be done before I can actually connect it via L2TP/IPSec?
I am willing to open a remote session via TeamViewer if it's needed.
Much appreciate for your help.
-
- Posts: 8
- Joined: Thu Sep 11, 2014 10:06 pm
Re: Problem with L2TP/IPSec
Hi! Check 1701/UDP port.
-
- Posts: 202
- Joined: Wed Jul 10, 2013 2:07 pm
Re: Problem with L2TP/IPSec
Error 789 souds like a windows client?
Most problems are certifcate errors (MS check it for validation) or not enabled/allowed NAT-T on client side. (its not allowed by default)
Take a look at this post:
http://www.vpnusers.com/viewtopic.php?f ... =mmc#p5580
Most problems are certifcate errors (MS check it for validation) or not enabled/allowed NAT-T on client side. (its not allowed by default)
Take a look at this post:
http://www.vpnusers.com/viewtopic.php?f ... =mmc#p5580
-
- Posts: 5
- Joined: Mon Sep 15, 2014 3:03 pm
Re: Problem with L2TP/IPSec
letun4eg wrote:
> Hi! Check 1701/UDP port.
I have actually enabled all these ports
http://imgur.com/elmUlA5
including 1701,443,4500,500,5000,1194
It connects when I'm using the local network ip. But when I want to use the public ip, it rejects( using android phone)
> Hi! Check 1701/UDP port.
I have actually enabled all these ports
http://imgur.com/elmUlA5
including 1701,443,4500,500,5000,1194
It connects when I'm using the local network ip. But when I want to use the public ip, it rejects( using android phone)
-
- Posts: 8
- Joined: Thu Sep 11, 2014 10:06 pm
Re: Problem with L2TP/IPSec
If you can connect in the local network and cann't connect outside - check port forwarding if you using nat.
-
- Posts: 2458
- Joined: Mon Feb 24, 2014 11:03 am
Re: Problem with L2TP/IPSec
Could you connect another L2TP server?
http://www.vpngate.net/en/
http://www.vpngate.net/en/
-
- Posts: 5
- Joined: Mon Sep 15, 2014 3:03 pm
Re: Problem with L2TP/IPSec
thisjun wrote:
> Could you connect another L2TP server?
> http://www.vpngate.net/en/
Hi thisjun, I'm able to connect to the public l2tp server.
Wondering if my ISP blocks the L2TP traffic.
Only able to connect via local IP.
> Could you connect another L2TP server?
> http://www.vpngate.net/en/
Hi thisjun, I'm able to connect to the public l2tp server.
Wondering if my ISP blocks the L2TP traffic.
Only able to connect via local IP.
-
- Posts: 2
- Joined: Mon Sep 29, 2014 3:37 am
Re: Problem with L2TP/IPSec
It appears I'm having almost the exact same issue. I can connect just fine from inside my network but can't once I try from the public side. My ports are forwarded and I even tried putting the server into DMZ and it still didn't help.
-
- Posts: 2
- Joined: Mon Sep 29, 2014 3:37 am
Re: Problem with L2TP/IPSec
I went to bed and when I tried it the morning, it seemed to work.
-
- Posts: 5
- Joined: Mon Sep 15, 2014 3:03 pm
Re: Problem with L2TP/IPSec
crashcarstar wrote:
> I went to bed and when I tried it the morning, it seemed to work.
May I have a screenshot of the port forwarding to allow me to check if I missed out some port
Thanks
> I went to bed and when I tried it the morning, it seemed to work.
May I have a screenshot of the port forwarding to allow me to check if I missed out some port
Thanks
-
- Posts: 5
- Joined: Mon Sep 15, 2014 3:03 pm
Re: Problem with L2TP/IPSec
Strange problem now, it can connect sometimes.
-
- Posts: 2458
- Joined: Mon Feb 24, 2014 11:03 am
Re: Problem with L2TP/IPSec
Could you show me your VPN Server log?
-
- Posts: 3
- Joined: Sat Jun 03, 2017 5:49 pm
Re: Problem with L2TP/IPSec
I have the same problem.
When i use L2TP client on win7, i have a 789 error.
Android L2TP client doesn,t connect too.
But i can connect to my server via Softether client on port 5555.
Ports 1701, 500, 4500 on server are opened in iptables.
And there is nothing in server security log.
Does it mean, that provider on the server-side blocks l2tp traffic?
When i use L2TP client on win7, i have a 789 error.
Android L2TP client doesn,t connect too.
But i can connect to my server via Softether client on port 5555.
Ports 1701, 500, 4500 on server are opened in iptables.
And there is nothing in server security log.
Does it mean, that provider on the server-side blocks l2tp traffic?
-
- Posts: 2458
- Joined: Mon Feb 24, 2014 11:03 am
Re: Problem with L2TP/IPSec
Does the server have global IP address?
-
- Posts: 3
- Joined: Sat Jun 03, 2017 5:49 pm
Re: Problem with L2TP/IPSec
thisjun wrote:
> Does the server have global IP address?
Yes, it has.
I can connect it via softether vpn client, but can not connect via windows l2tp client and android l2tp client.
> Does the server have global IP address?
Yes, it has.
I can connect it via softether vpn client, but can not connect via windows l2tp client and android l2tp client.
-
- Posts: 5
- Joined: Thu Jun 01, 2017 2:48 am
Re: Problem with L2TP/IPSec
>> Does the server have global IP address?
>Yes, it has.
I have seen this with server running on AWS - in this case, the server has a private IP and the public IP is DMZed to the server. This screws with IPSec. If your ifconfig does NOT show your public IP, this could be the problem.
This does turn up in the logs though, IIRC.
>Yes, it has.
I have seen this with server running on AWS - in this case, the server has a private IP and the public IP is DMZed to the server. This screws with IPSec. If your ifconfig does NOT show your public IP, this could be the problem.
This does turn up in the logs though, IIRC.
-
- Posts: 2458
- Joined: Mon Feb 24, 2014 11:03 am
Re: Problem with L2TP/IPSec
SoftEther VPN Client can connect to the VPN server which doesn't have global IP address.