ZyWALL ATP configured L2TP VPN. Windows 10 doesn't connect.

ilnaz · November 5, 2020 9:09PM

I configured the L2TP VPN using: CONFIGURATION > Quick Setup > VPN Setup Wizard > VPN Settings for L2TP VPN Settings, and L2TP worked fine. Windows 10 was connecting.

And then I wanted to make sure that only certain users could connect. And created a group for VPN connection. In the Configuration > L2TP VPN > User, I specified a group for VPN connection:

And Windows 10 stopped connecting, error: "Unable to connect .... so the connection port is closed.

When I go back to the original configuration, everything works fine, Windows 10 connects.

I used these settings, because Windows 7 needs to be connected:

Phase 1 settings:
SA Life Time: 86400
Mode: Main
Proposal: 3DES-SHA1
Key Group: DH2

Phase 2 settings:
SA Life Time: 86400
Protocol: ESP
Encapsulation: Transport
Proposal: AES256-SHA1, AES128-SHA1, 3DES-SHA1
PFS: none

For L2TP connection "pre-shared key" and "user name and password" are used.

Configuring the built-in Windows 10 client:

What could be the problem?

ilnaz · November 10, 2020 9:15PM

Log IKE: isakmp sa [...] is disconnected
send:[hash][del] [count=3]
Dynamic Tunnel [...] built successfully

Jeremylin · November 10, 2020 11:41PM

You can reference this thread
https://businessforum.zyxel.com/discussion/4532/how-to-setup-l2tp-vpn

Make sure IKE and AuthIP IPSec Keying module is enable on PC.

ilnaz · December 4, 2020 8:24PM

Jeremylin said:

You can reference this thread
https://businessforum.zyxel.com/discussion/4532/how-to-setup-l2tp-vpn

Thank You. The L2TP works. But it shows an error in the Log IKE:

The cookie pair is : …

Send:[HASH][DEL] [count=3]

Tunnel […] is disconnected

The cookie pair is : …

Recv:[HASH][DEL]

Dynamic Tunnel [...] rekeyed successfully

And so everything repeats. Is this the way it should be or is there a problem somewhere?

New Firmware	Security Advisories
Education Center	Video Tutorials

ZyWALL ATP configured L2TP VPN. Windows 10 doesn't connect.

All Replies

Who's Online