VPN Connection not visible in L2TP VPN- config
Freshman Member
Hello,
USG40, latest 4.72 AALA.0 firmware. L2TP VPN screen does not show the IPSec VPN connections. Even if those and VPN GW have been configured with Wizard. And they work. I'm able to make the VPN connection from my iPhone, data goes through VPN, no problems at all. Only the L2TP VPN screen is having this issue. Picture attached what I mean. The screen submit button is grey. I cannot enable or disable "L2TP over IPSec" Obviously, it seems to be enabled.
Is this a bug in the Firmware or what?
I have been masking the First DNS Sever out, that's why it's blank.
Thank's for your help.
USG40, latest 4.72 AALA.0 firmware. L2TP VPN screen does not show the IPSec VPN connections. Even if those and VPN GW have been configured with Wizard. And they work. I'm able to make the VPN connection from my iPhone, data goes through VPN, no problems at all. Only the L2TP VPN screen is having this issue. Picture attached what I mean. The screen submit button is grey. I cannot enable or disable "L2TP over IPSec" Obviously, it seems to be enabled.
Is this a bug in the Firmware or what?
I have been masking the First DNS Sever out, that's why it's blank.
Thank's for your help.
0
Best Answers
-
Hi @kelmi,It is caused by selection of Mode Config. The symptom is the same as this discussion.Please go to IPSec VPN > VPN Connection > RemoteAccess_L2TP_Wiz > Mode Config.Turn off "Enable Mode Config". Mode Config is for software IPSec VPN client (the green bow client).
Then you can find it appears on the drop-down list of L2TP > VPN Connection. On this page, IP Address Pool assigns IP addresses to L2TP VPN clients, so you don't need to configure Mode Config in VPN Connection > RemoteAccess_L2TP_Wiz.
0 -
Hi @hgmrtn,Please go to IPSec VPN > VPN Connection > [Your VPN Connection for L2TP VPN] > Mode Config.Make sure "Enable Mode Config" is turned off. Then you should be able to find it appears on the drop-down list of L2TP > VPN Connection. If it is still not working, please send the startup-config.conf of your ATP to me in private message.1
Zyxel Employee
All Replies
-
-
Hello,
I was making the update. No, it does not solve the issue. It is actually now worse, as L2TP over IPSec is now Disabled and I cannot enable it, because of missing VPN Connection from the drop menu. Hmmmmmmmm. Not good.0 -
Hello again,
After the firmware update, when I run the Wizard again, L2TP VPN over IPSec is now in Enabled state. Even if the Apply- button is still grey and there is "none" in the VPN Connection- drop down menu.....
Kelmi
0 -
Hi @kelmi,It is caused by selection of Mode Config. The symptom is the same as this discussion.Please go to IPSec VPN > VPN Connection > RemoteAccess_L2TP_Wiz > Mode Config.Turn off "Enable Mode Config". Mode Config is for software IPSec VPN client (the green bow client).Then you can find it appears on the drop-down list of L2TP > VPN Connection. On this page, IP Address Pool assigns IP addresses to L2TP VPN clients, so you don't need to configure Mode Config in VPN Connection > RemoteAccess_L2TP_Wiz.0
-
Thank'sThis solves the problem.
However, I think, there is an issue in the GUI. The reason being, if the other window tick-in-the-box will create a situation
a) You don't know which IPSec profile is used by L2TP VPN
b) You don't know if the IPSec or L2TP profiles are active or not
So, something to think about in the VPN GUI logic, I think.
Regards
Kelmi0 -
Hi @kelmi,Thanks for your suggestion. It is not quite clear for users to configure and select VPN connection in L2TP VPN. We will add extra note in the L2TP VPN setting of Web Help and User Guide (firmware version 5.32) to help users configure and select VPN connection for L2TP VPN correctly.
In the current design of VPN Connection of L2TP VPN, it only shows the VPN connection that meets the following requirements:- Remote Access (Server Role)- Use transport mode- Configuration Payload (Mode Config)/X-Auth is disable
New Description:Select the IPSec VPN connection the Zyxel Device uses for L2TP VPN. It only shows the VPN connection that meets the following requirements:- Remote Access (Server Role)- Use transport mode- Configuration Payload/X-Auth is disableIn additional, you must to check your VPN setting to meet the requirements list in IPSec Configuration Required for L2TP VPN:- Be enabled- Remote Access (Server Role)- Use transport mode- Configuration Payload/X-Auth is disable- Use Pre-shared key authentication
0 -
Same problem with ATP firewalls.
Any suggestion?0 -
Hi @hgmrtn,Please go to IPSec VPN > VPN Connection > [Your VPN Connection for L2TP VPN] > Mode Config.Make sure "Enable Mode Config" is turned off. Then you should be able to find it appears on the drop-down list of L2TP > VPN Connection. If it is still not working, please send the startup-config.conf of your ATP to me in private message.1
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 144 Nebula Ideas
- 94 Nebula Status and Incidents
- 5.6K Security
- 237 USG FLEX H Series
- 267 Security Ideas
- 1.4K Switch
- 71 Switch Ideas
- 1.1K Wireless
- 40 Wireless Ideas
- 6.3K Consumer Product
- 247 Service & License
- 384 News and Release
- 83 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.2K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 83 About Community
- 71 Security Highlight
