D-Link Forums

The Graveyard - Products No Longer Supported => Routers / COVR => DIR-330 => Topic started by: Pyeboy1 on July 01, 2009, 07:39:10 AM

Title: L2TP over IPSec Connection Issues
Post by: Pyeboy1 on July 01, 2009, 07:39:10 AM

I am trying to setup a L2TP over IPSec connection to allow remote users to connect to my internal network. I was on the phone with tech support last night for over an hour and half and they were unable to help me. Here are the current configuration settings I have:

Firmware version: 1.12

IPSEC Settings

Name: HTM
Local Net/Mask: 192.168.0.0/24
Remote IP: Remote User
Authentication: Pre-shared Key 12345678
Local ID: Default
Remote ID: Default

Phase 1 Settings

Main Mode
NAT-T Enabled
Keep Alive/ DPD: DPD(Dead Peer Detection)
DH Group: 2-modp 1024-bit
IKE Proposal List: Cipher all set to AES-256, Hash all set to SHA
IKLE Lifetime: 28800 Seconds

Phase 2 Settings

PFS Enable: Checked
PFS DH Group: 2-modp 1024-bit
IPSec Proposal List: Cipher all set to AES-256, Hash all set to SHA
IPSec Lifetime: 3600 Seconds

PPTP/L2TP Settings

Name: Test
Connection Type: L2TP over IPSec
VPN Server IP: 192.168.0.1
Remote IP range: 192.168.0.50 - 99
Authentication Protocol: MSCHAP v2
MPPE Encryption Mode: None (40 bit and 128 bit are grayed out)
Authentication database: HTM

Authentication Settings

Authentication: Pre-shared Key: 12345678

The tech support folks remotely connected to my router and attempted to set it up and it still would not work. I am using the Windows XP VPN client and I get the error: "Error 768: The connection attempt failed because of failure to encrypt data". In addition, I have tried using the Site to Site Remote IP IPSec setting using 0.0.0.0 and 0.0.0.0 and I get the same error.

I am able to successfully setup a PPTP connection and connect to it but any other connection type fails.

Is there something I am doing wrong? Any help would be greatly appreciated!

Dan

Title: Re: L2TP over IPSec Connection Issues
Post by: Fatman on July 01, 2009, 10:18:14 AM

Well for starters having a seperate IPsec connection WILL cause a failure 100% of the time.  Use only a L2TP-over-IPsec tunnel.

Also, you might consider using the beta firmware, all reports on it are good.

I can confirm that 1.12 and 1.20 work with an XP L2TP-over-IPsec client with no difficulty whatsoever.

Title: Re: L2TP over IPSec Connection Issues
Post by: Pyeboy1 on July 01, 2009, 12:25:48 PM

I tried using just a L2TP over IPSec tunnel by itself and I still got errors. I will try upgrading to the beta firmware version and see if that solves the problem.

Dan

Title: Re: L2TP over IPSec Connection Issues
Post by: Pyeboy1 on July 01, 2009, 03:14:21 PM

I upgraded my firmware to 1.20. I now currently have one VPN connection setup (L2TP over IPSec) and I am still unable to connect using the Windows XP client.

I am not sure what the problem is other than that it could be the router.

Any other suggestions?