L2TP and Windows 10
I'm not able to connect via L2TP VPN on a USG1100 with a Windows 10 client.
I'm always getting this error:
0|ZyXEL|USG1100||0|IKE|4|src=my_wan_ip dst=usg_wan_ip spt=62751 dpt=500 msg=Recv IKE sa: SA([0] protocol = IKE (1), AES CBC key len = 256, HMAC-SHA1 PRF, HMAC-SHA1-96, 384 bit ECP, AES CBC key len = 128, 256 bit ECP, 2048 bit MODP, 3DES, 1024 bit MODP; ).
0|ZyXEL|USG1100||0|IKE|4|src=usg_wan_ip dst=my_wan_ip spt=500 dpt=62751 msg=Send:[NOTIFY:NO_PROPOSAL_CHOSEN]
I tried many combinations in phase 1 and 2, but none let me connect. With my Android mobile device, all works fine only when I'm connected with the LTE 4G network, but it doesn't work when it goes out from the company VDSL (double nat, LAN and ISP).
With Windows 10 doesn't work at all, even connected via the hot-spot of the mobile device.
Do you have any suggestion to use L2TP VPN with Windows 10?
Thank you
Federico
All Replies
-
Hi @bbros
L2TP IPSec on Windows 10 problems are known.
A quick solution is to execute and reboot the pc
REG ADD HKLM\SYSTEM\CurrentControlSet\Services\PolicyAgent /v AssumeUDPEncapsulationContextOnSendRule /t REG_DWORD /d 0x2 /f
But I suggest to read the following links:
https://github.com/hwdsl2/setup-ipsec-vpn/blob/master/docs/clients.md#windows
I hope it helps you.
Best regards
1 -
I have L2TP VPN work with win10 on Pre-shared key with.
Phase 1
Negotiation mode:main
Proposal:
1. 3DES SHA1
2.AES128 SHA1
Phase 2
Active Protocol: ESP
Encapsulation: Transport
Proposal:
1.AES256 SHA1
2. 3DES SHA1
1
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 147 Nebula Ideas
- 96 Nebula Status and Incidents
- 5.7K Security
- 262 USG FLEX H Series
- 271 Security Ideas
- 1.4K Switch
- 74 Switch Ideas
- 1.1K Wireless
- 40 Wireless Ideas
- 6.4K Consumer Product
- 249 Service & License
- 387 News and Release
- 84 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.5K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 73 Security Highlight