Recently L2TP VPN client cannot connect to USG60

Options
peterpoon
peterpoon Posts: 26  Freshman Member
I have been using L2TP VPN client (Win10 Professional PC) to connect to my USG60 for a couple of months.  Just recently I encountered error "security layer encountered a processing error" message per screen print attachment.

The L2TP VPN tunnel has been working for some time.  I have no idea why such error prompted. Appreciate support can shed some light on my case.


Accepted Solution

  • Zyxel_Cooldia
    Zyxel_Cooldia Posts: 1,454  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer
    Answer ✓
    Options
    Hi @peterpoon,
    Please help to check if  OS have windows update KB5009543/KB5009566. It would have Remote access client connection issue. After thorough investigation, there is currently no other solution available except removal of the offending updates and waiting for Microsoft to resolve the issue via upcoming updates.

    To remove the update, open the command prompt and input the following command.

    Right-click Start and choose Command Prompt or Command Prompt (Admin) from the Quick Link menu. You can also use keyboard shortcuts for this route: Windows key + X, followed by C (non-admin) or A (admin). Type cmd in the search box, then press Enter to open the highlighted Command Prompt shortcut.

    Windows 10:
    wusa /uninstall /kb:5009543
    Windows 11:
    wusa /uninstall /kb:5009566

All Replies

  • NSIT
    NSIT Posts: 17  Freshman Member
    First Anniversary
    edited January 2022
    Options
    I had the exact same issue with a client on a 20w and posted on several forums as well as on this one, there were some suggestions but nothing worked. I suggest you try setting up the VPN on another laptop and testing. ZyXel Support had no clue what's going on..

    https://community.zyxel.com/en/discussion/comment/36365#Comment_36365

    I ended up swapping the old 20w for a Flex200, issue was still persistent, i formatted the laptop and it worked...
  • mMontana
    mMontana Posts: 1,302  Guru Member
    First Anniversary 10 Comments Friend Collector First Answer
    Options
    Latest Windows patches generated issues on Windows 10 and Windows 11 for L2TP/IPSec connections.
    Today i tested a computer pre-update and L2TP connection to USG40 (4.70) worked correctly.
    After the update, error 789 appeared on Event Viewer.

    Currently the workaround is remove patches and suspend updates. Hoping in few days Microsoft will publish an update for fixing the issue.
  • NSIT
    NSIT Posts: 17  Freshman Member
    First Anniversary
    Options
    Hi Montana, i customer can connect but cannot surf the new anymore after VPN connection, i think in my case there's a routing issue
  • mMontana
    mMontana Posts: 1,302  Guru Member
    First Anniversary 10 Comments Friend Collector First Answer
    Options
    Or a Policy rule that have to be added.
  • peterpoon
    peterpoon Posts: 26  Freshman Member
    Options
    Can you be more specific on what Policy Rule did you refer to ?  

    Besides roll back Window 10/11 recent updates, is there any option that we can take to overcome this issue?
  • Zyxel_Cooldia
    Zyxel_Cooldia Posts: 1,454  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer
    Answer ✓
    Options
    Hi @peterpoon,
    Please help to check if  OS have windows update KB5009543/KB5009566. It would have Remote access client connection issue. After thorough investigation, there is currently no other solution available except removal of the offending updates and waiting for Microsoft to resolve the issue via upcoming updates.

    To remove the update, open the command prompt and input the following command.

    Right-click Start and choose Command Prompt or Command Prompt (Admin) from the Quick Link menu. You can also use keyboard shortcuts for this route: Windows key + X, followed by C (non-admin) or A (admin). Type cmd in the search box, then press Enter to open the highlighted Command Prompt shortcut.

    Windows 10:
    wusa /uninstall /kb:5009543
    Windows 11:
    wusa /uninstall /kb:5009566
  • peterpoon
    peterpoon Posts: 26  Freshman Member
    Options
    After wusa roll back KB5009543, problem resolved.  W10 Client L2TP access USG60 worked fine.
  • mMontana
    mMontana Posts: 1,302  Guru Member
    First Anniversary 10 Comments Friend Collector First Answer
    Options
    After updating Windows 10 with optional KB5010793 L2TP started working again.

  • lru
    lru Posts: 1
    Options
    I tried to find a KB5010793 for my PC running WIndows 10 Pro Version 21H2 in 64 bit mode on a x64-based processor Intel Core i5 4300U. No one of the downloads available works. 

    What am I doing wrong? 
  • mMontana
    mMontana Posts: 1,302  Guru Member
    First Anniversary 10 Comments Friend Collector First Answer
    Options
    An effective way to find windows updates.

Security Highlight