Connection problem with Android an Ios connection IPSEC/L2TP

[TJphonix]

Hello,
i wrote this topic because i have some connetcion problems with Android, IOS and Windows to my VPN.

I installed softether on my raspberry PI, and connected it directly to my router with ethernet cable.

My ISP doesn't provide a public IP address, but a Natted private IP.

After configuration i can connect to my VPN only if I use Softether VPN Client Manager on a pc, but if i try to connect with my Android or OS smartphone, or using windows VPN, i can't establish a connection.
I tried to connect also with OpenVPN from Android, but nothing to do (i can connect with openVPN only if my VPN server is connected to a ISP that provide a public IP)

Can someone help me?

Thank you

[SeventhSin]

TJphonix wrote:
> but if i try to connect with my Android or OS smartphone, or using windows VPN, i
> can't establish a connection.

a) enable and configure the IPSEC/LT2P function on the VPN server;
b) configure the server box firewall to allow UDP ports 500, 4500 and 1701;
c) for Windows modify your vpn adapter properties like in the screenshot attached;

[TJphonix]

SeventhSin wrote:
> TJphonix wrote:
> > but if i try to connect with my Android or OS smartphone, or using windows VPN,
> i
> > can't establish a connection.
>
> a) enable and configure the IPSEC/LT2P function on the VPN server; ---> ALREADY DONE
> b) configure the server box firewall to allow UDP ports 500, 4500 and 1701; ---> I use Raspbian OS on a Raspberry PI, i think there is not a default firewall, or isn't? If a firewall exists on raspbian, how i do access to it?
> c) for Windows modify your vpn adapter properties like in the screenshot attached; ---> I will try these settings later.

Thank You

[SeventhSin]

If you're trying to connect from outside your network to the Raspbian machine, you will need to open (forward) those ports on your router/firewall.

If you're connecting from inside the network, then one possible issue might be the firewall on the EtherSoft server box. Netfilter is built in the Linux kernel, but no idea if it's activated by default in Rasbian OS.

$ sudo iptables -L

... might be of help.

[TJphonix]

Chain INPUT (policy ACCEPT)target prot opt source destination


Chain FORWARD (policy ACCEPT)
target prot opt source destination


Chain OUTPUT (policy ACCEPT)
target prot opt source destination


This is the output of iptables, there are no rules, so I think every connections is permitted, isn't?

The problem occurs inside and outside my home network.

RaspbianOs is a modified version of Debian

[SeventhSin]

Try to establish a connection from your Windows machine (internally), fire up Event Viewer and fish for error codes. This page has more details:

https://blogs.technet.microsoft.com/rra ... ed-errors/

[TJphonix]

SeventhSin wrote:
> Try to establish a connection from your Windows machine (internally), fire
> up Event Viewer and fish for error codes. This page has more details:
>
>
> https://blogs.technet.microsoft.com/rra ... ed-errors/

Hi, i done it connecting my Raspberry inside the same network of my notebook.

I got this error: 789

It's the case number 5 of the link.

I use another web connection now, with a public IP address respect the previous web connection natted.

If i connect to VPN by OpenVPN client on my android smartphone, it works now because the server is now connected to the web connection that expose a public ip address. If i connect it to the other web connection with natted ip, doesn't work

[cedar]

When your ISP uses NAT, you can't access to your VPN server with L2TP/IPsec.

[thisjun]

Could you show the server log at failing iOS connection?