ZyWALL110 Error Number: -16015 Error Message: 'Dial a dynamic tunnel has failed for Crypto map.'

Vyacheslav

server does not start vpn writes such an error Error Number: -16015 Error Message: 'Dial a dynamic tunnel has failed for Crypto map.' .did all the settings as written in the manual. Please Help me.

[Deleted User]

Dear @Vyacheslav

Thats because you are clicking on connect in the zywal webgui (that's mainly for device to the device connection)


L2TP in the zywall is commenly used as Server role. That means Zywall is server and u have to use a client (Windows pc, Iphone, Android) to dial in on the zywall.. 




So the Zywall will not iniate the connection like you tried with hitting connect.

here is an video how to configure a windows client:to succesfully use L2TP VPN with the zywall
https://youtu.be/BYxcjcOxybs

jonatan

Show the available encryption options.

jonatan

You need to turn on the encryption algorithms through the console.

Vyacheslav

http://onesecurity.zyxel.com/img/uploads/zywall_l2tp_vpn_setup.pdf  my manual

Vyacheslav

Thanks !!!

Vyacheslav

		info	IKE	ISAKMP SA [L2TP_VPN_GW] is disconnected
		info	IKE	Received delete notification
		info	IKE	Recv:[HASH][DEL]
		info	IKE	Send:[HASH][NOTIFY:NO_PROPOSAL_CHOSEN]
		info	IKE	[SA] : No proposal chosen
		info	IKE	[ID] : Tunnel [L2TP_VPN] Phase 2 Local policy mismatch
		info	IKE	Recv:[HASH][SA][NONCE][ID][ID]
		info	IKE	Рhase 1 IKE SA process done Phase 1 and Phase 2 Proposal settings are the same.

[Deleted User]

Please share your tunnel setting otherwise its difficult to see what wrong 

Vyacheslav

jonatan

Add encryption in phase 1 and phase 2

Vyacheslav

In Zywall 110  (firmware 4.33) 3DES is missing. May be downgrade firmware to 4.25?