L2TP Error connecting Windows 10 to USG 100 - all of a sudden

ORCA
ORCA Posts: 2
Hello to the community,
 
since yesterday there is an L2TP issue connecting Windows 10 Pro (21H2) with Windows native software to Zyxel USG 100.

Setting:
USG 100 behind a FritzBox 5490. Port forwarding UDP 500 & 4500, TCP 1701, ESP. FritzBox is up to date (7.29) and restarted twice. USG 100 is up to date Firmware V5.20 (ABUH.0). Restarted USG 100 twice.
Just in case Port forwarding had been corrupted, all Ports in forwarding center FritzBox 5490 have been deleted by us and configured from scratch.
Connection Method: L2TP/IPsec with preinstalled key
Using Windows VPN built-in method.

Error:
The return message from Windows 10 VPN software is:
"The L2TP connection attempt failed because a processing error occurred during the initial security negotiation with the remote computer".

This issue occurs to 30 client computers in our organization. The setup has been working perfectly for about 10 month - until yesterday!

Anyone same issue recently or any idea?

Thanx much,

ORCA Team

All Replies

  • Hello at zyxel support team

    in according to this article -> https://news.softpedia.com/news/microsoft-confirms-vpn-bug-caused-by-windows-cumulative-update-kb5009543-534686.shtml


    so i report an interesting tip:

    Microsoft says that customers who must use this VPN connection option are recommended to disable the vendor ID check on the server. Obviously, this isn’t something that users themselves can do but the server admins, and what’s worse is that this feature is sometimes even missing from some VPN servers.

    “To mitigate the issue for some VPNs, you can disable Vendor ID within the server-side settings. Note: Not all VPN servers have the option to disable Vendor ID from being used. Next steps: We are presently investigating and will provide an update in an upcoming release,” Microsoft explained.


    The answer is: is there a vendor ID option VPN on zyxel USG (100-310-1100 ecc)?


    many thanks

  • mMontana
    mMontana Posts: 461  Master Member
    edited January 15
    And ATP...
    Because removing latest patches on Windows 10/11 might not be the safest option... (Windows 8 is declared as not affected)

    Both Firmwares families, 4.x and 5.x please.

Security Highlight