ZyWALL ATP configured L2TP VPN. Windows 10 doesn't connect.

ilnaz Posts: 6
edited November 2020 in Security
I configured the L2TP VPN using: CONFIGURATION > Quick Setup > VPN Setup Wizard > VPN Settings for L2TP VPN Settings, and L2TP worked fine. Windows 10 was connecting.

And then I wanted to make sure that only certain users could connect. And created a group for VPN connection. In the Configuration > L2TP VPN > User, I specified a group for VPN connection:

And Windows 10 stopped connecting, error: "Unable to connect .... so the connection port is closed.

When I go back to the original configuration, everything works fine, Windows 10 connects.

I used these settings, because Windows 7 needs to be connected:
Phase 1 settings:
SA Life Time: 86400
Mode: Main
Proposal: 3DES-SHA1
Key Group: DH2

Phase 2 settings:
SA Life Time: 86400
Protocol: ESP
Encapsulation: Transport
Proposal: AES256-SHA1, AES128-SHA1, 3DES-SHA1
PFS: none

For L2TP connection "pre-shared key" and "user name and password" are used.

Configuring the built-in Windows 10 client: 

What could be the problem?


All Replies

  • ilnaz
    ilnaz Posts: 6
    Log IKE:  isakmp sa [...] is disconnected 
                     send:[hash][del] [count=3] 
                     Dynamic Tunnel [...] built successfully

  • Jeremylin
    Jeremylin Posts: 139  Ally Member
    edited November 2020
    You can reference this thread

    Make sure IKE and AuthIP IPSec Keying module is enable on PC.

  • ilnaz
    ilnaz Posts: 6
    edited December 2020
    Jeremylin said:

    Thank You. The L2TP works. But it shows an error in the Log IKE:

    The cookie pair is : … 

    Send:[HASH][DEL] [count=3]

    Tunnel […] is disconnected

    Tunnel […] is disconnected

    The cookie pair is : …


    Dynamic Tunnel [...] rekeyed successfully

    And so everything repeats. Is this the way it should be or is there a problem somewhere?
  • Interpulse
    Interpulse Posts: 1
    Hey ilnaz, did you ever find the sollution??

    We have a similar issue. We also get the "disconnected" and "[HASH][DEL]"
    We can even see in in the logs:

    Dynamic Tunnel [...:....:0x33029178] built successfully
    Then some rekeying and finaly a "Recv:[HASH][DEL"...
Sign In to comment.

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click on this button!

Community News