Hi,
I have a SoftEther VPN server setup(on a win2012R2) to use the SoftEther Client as well as SSTP.
The server is setup with several Virtual Hubs where each hub uses its own NIC and Local Bridge.
All Hubs are also using SecureNAT since we need a dhcp server in each net.
This works fine.
But now we need to enable L2TP so we can allow Android and ios devices. And we can´t get this to work.
We followed the guide on how to enable L2TP and we have set an Ipsec PSK.
We also made sure that TCP/UDP 500, 4500 and 1701 are opened up on the external firewall into the vpn server. I have also created Listener ports in the SoftEther server but I´m not sure if this is needed.
What have we missed?
Thanks in advance
//Andreas..
Problem with L2TP
-
mrw
- Posts: 2
- Joined: Tue May 26, 2015 8:22 am
Re: Problem with L2TP
Hi again,
We solved this ourselves.
The problem was that our external firewall(Watchguard) had a hidden policy to catch all incoming IPSEC connections and not forward them according to our own policys. When we disabled this L2TP works as it should.
FYI this hidden policy is default on all Watchguard firewalls.
And you DO NOT have to add the L2TP listening ports in the SoftEther Manager, just to answer my own question ;)
SoftEther listens to the correct ports when you add the checkmarks for L2TP.
Thanks,
//Andreas..
We solved this ourselves.
The problem was that our external firewall(Watchguard) had a hidden policy to catch all incoming IPSEC connections and not forward them according to our own policys. When we disabled this L2TP works as it should.
FYI this hidden policy is default on all Watchguard firewalls.
And you DO NOT have to add the L2TP listening ports in the SoftEther Manager, just to answer my own question ;)
SoftEther listens to the correct ports when you add the checkmarks for L2TP.
Thanks,
//Andreas..