VPN L2TP and Windows Client

Albymatta
Albymatta Posts: 10
Friend Collector Second Anniversary
Hello at all,
I have a problem with a L2TP VPN configured on Nebula.
I have a Firewall NSG100 and i have already configured a VPN L2TP and connection client side with the Windows native VPN. All of this worked since yesterday well.

Yesterday i have done a little modify, i have power on the IPSec VPN Server and configure that. After i have poweroff and save the configuration, and now, my L2TP over IPSec VPN server doesn't work already. With nebula the configuration is very simply, i can't change a lot of settings.

Thinks that i have already checked:
- I have the nebula cloud authentication login method i have tried to change the password and set again on Windows VPN but nothing;
- The public IP address of firewall is ok;
- i have checked the secret key and re-write that both server side and client side (no special character)
- i have already deactivate the Windows Update that seems blocking L2TP VPN Connection
- I have a Nebula Cloud Base Pack ( maybe is this the problem?)

This is an image server side (i have checked that the user of Nebula Cloud Authentication is already VPN authorized and since yesterday works fine):

Side Windows:



The Log on nebula 


«1

All Replies

  • Zyxel_Melen
    Zyxel_Melen Posts: 2,583  Zyxel Employee
    Zyxel Certified Network Engineer Level 1 - Switch Zyxel Certified Network Administrator - Switch Zyxel Certified Network Administrator - Nebula Zyxel Certified Sales Associate
    Hi @Albymatta,

    In order to clarify your symptom, were there any error messages pop out on Windows?

    By the way, may you help to enable Zyxel support so I can help to check?
    Please also provide your organization name so I can find your organization.


    Zyxel Melen


  • mMontana
    mMontana Posts: 1,389  Guru Member
    50 Answers 1000 Comments Friend Collector Fifth Anniversary
    edited July 2022
    Yesterday i have done a little modify, i have power on the IPSec VPN Server and configure that. After i have poweroff and save the configuration

    Would you please kindly elaborate a bit more on what is IPSec VPN Server (at least as device) and, generally speaking, what have you done?
    Don't forget that L2TP is for tunneling of the client, but the encryption phase is IPSec.
  • Albymatta
    Albymatta Posts: 10
    Friend Collector Second Anniversary
    @Zyxel_Melen
    Thanks for reply, i have enable the function in Nebula. So, the error on Windows is:

    I am not under firewall because for trying i used a Mobile Hotspot, for exclude firewall side problem.

    @mMontana

    I have enable this on Nebula Cloud, for trying SecurExtender client:

    But after trying i have disable like the image that you view.

    -Don't forget that L2TP is for tunneling of the client, but the encryption phase is IPSec.

    Yes i know this but i cannot understand the error because i haven't change nothing in my configuration, only the IPSec VPN Server for a few minutes.
  • mMontana
    mMontana Posts: 1,389  Guru Member
    50 Answers 1000 Comments Friend Collector Fifth Anniversary
    edited July 2022
    @Albymatta did you already explained to Windows (via registry) that both endpoints are behind a NAT?
  • Zyxel_Melen
    Zyxel_Melen Posts: 2,583  Zyxel Employee
    Zyxel Certified Network Engineer Level 1 - Switch Zyxel Certified Network Administrator - Switch Zyxel Certified Network Administrator - Nebula Zyxel Certified Sales Associate
    Hi @Albymattam,

    If you aren't sure what @mMontana said, you may reference this discussion to check the  L2TP/IPsec server behind NAT-T device configuration on Windows.


    Zyxel Melen


  • Albymatta
    Albymatta Posts: 10
    Friend Collector Second Anniversary
    Hi @Zyxel_Melen and @mMontana
     
    i have already set this registry key in regedit.exe, without success
  • Albymatta
    Albymatta Posts: 10
    Friend Collector Second Anniversary
    @Zyxel_Melen
    I have tried also with Android phone and i have the same issue... seems that is a firewall side problem
  • Zyxel_Melen
    Zyxel_Melen Posts: 2,583  Zyxel Employee
    Zyxel Certified Network Engineer Level 1 - Switch Zyxel Certified Network Administrator - Switch Zyxel Certified Network Administrator - Nebula Zyxel Certified Sales Associate
    Hi @Albymatta,

    May you help to enable Zyxel support so I can help to check the running configuration of your NSG?
    Please also provide your organization name so I can find your organization.
    Zyxel Melen


  • Albymatta
    Albymatta Posts: 10
    Friend Collector Second Anniversary
    Hi @Zyxel_Melen
     i have already enabled Support. I can send MP with my organization name?
  • Zyxel_Melen
    Zyxel_Melen Posts: 2,583  Zyxel Employee
    Zyxel Certified Network Engineer Level 1 - Switch Zyxel Certified Network Administrator - Switch Zyxel Certified Network Administrator - Nebula Zyxel Certified Sales Associate
    Hi @Albymatta

    Sure. You can send the org name by PM.
    Zyxel Melen


Nebula Tips & Tricks