L2TP over IPSec Stopped Working w/o Any Changes?

NSIT
NSIT Posts: 16  Freshman Member
edited December 2021 in Security
Hi Guys,

I called ZyXel Support today, got a tech online for help, he says wait a minute, left and never came back while staying connected to my computer for over 20min, i wrote to him on AnyDesk, he moved the mous but never answered...Not sure if he fell asleep or something lol

Anyhow, i noticed L2TP over IPSec from Windows Client no longer works for any of my ZyWall USG20w routers..I believe these don't work wotj CHAP ver 2?

I deleted the default VPN settings and created a new one, getting the same error which are attached to this message, hoping someone can shed some light

All Replies

  • mMontana
    mMontana Posts: 583  Guru Member
    Hi NSIT,
    no post attachments as far as i can see. Sorry :(

    Anyway: you said

     i noticed L2TP over IPSec from Windows Client no longer works for any of my ZyWall USG20w routers

    would you please try to elaborate a bit more with info your setup? The usual stuff...
    • which windows version
    • which firmware version of USG20W
    • if your USG20W is behind a NAT or public IP configured
    • If you can connect to your device from another OS (iOS/Androd)

  • NSIT
    NSIT Posts: 16  Freshman Member
    Hi, thank you for your reply!

    I added the missing attachments :)
    Windows version 21H2 on Remote Computer.
    USG20w Firmware version is: 3.30(BDR.9) / 1.17 / 2016-11-22 10:05:22
    I can connect fine with Windows 7 running as a VM

  • MJStar
    MJStar Posts: 29  Freshman Member
    Can you share your win10 PC's L2TP properties? Like the below screenshot of my PC.



  • NSIT
    NSIT Posts: 16  Freshman Member
    Hi, i believe the old ZyWall USG20w does not support CHAP v2?

    I tried both CHAP v2, CHAP, or Both...No Change!
  • MJStar
    MJStar Posts: 29  Freshman Member
    Oh~ Have you tried PAP only?

  • NSIT
    NSIT Posts: 16  Freshman Member
    Even tried PAP, i can connect fine from a Win 7 client but since ver 21H2 of Windows, none of my customers can use L2TP over IPSec for VPN
  • NSIT
    NSIT Posts: 16  Freshman Member
    Anyone? Is this due to the fact that routers with ver 3.xx firmware behind a NAT are not compatible with Ms Chap ver2 ?
  • MJStar
    MJStar Posts: 29  Freshman Member
    It seems your firmware version(3.XX) is too old, it doesn't support MS-CHAP v2.
  • NSIT
    NSIT Posts: 16  Freshman Member
    It was working fine until Windows ver 21H2...

Security Highlight