Topic: DFL 260 - L2TP VPN TUNNEL (Read 10014 times)

Aeronia · « **on:** November 17, 2011, 07:33:53 AM »

Hi, i m tring for several days to configure unsuccessfully a L2TP VPN canal

2011-11-17
16:24:25   Info   IPSEC
1802703

ike_sa_negotiation_completed
ike_sa_completed
local_peer="192.168.1.220:4500 ID 192.168.1.220" remote_peer="masked:4500 ID 192.168.1.2" initiator_spi="ffe16a2d 54e67b33" responder_spi="04ad4a3d a03847e4" int_severity=6
2011-11-17
16:24:25   Info   IPSEC
1802024

ike_sa_negotiation_completed
options="Responder, NAT-T" mode="Main Mode" auth="Pre-shared keys" encryption=3des-cbc keysize= hash=sha1 dhgroup=2 bits=1024 lifetime=28800
2011-11-17
16:24:25   Warning   IPSEC
1800102

ipsec_event
message="It is recommended to use non-IP identities with NAT-T to avoid ID collision"
2011-11-17
16:24:25   Warning   IPSEC
1800102

ipsec_event
message="NAT-T initial contact notification with IP identity 192.168.1.2"
2011-11-17
16:24:25   Info   CONN
600001   IPsecBeforeRules   UDP   wan
core   masked
192.168.1.220   4500
4500   conn_open
conn=open

2011-11-17
16:25:29   Info   IPSEC
1802708

ike_sa_destroyed
ike_sa_killed
ike_sa=" Initiator SPI ESP=0xffe16a2d, AH=0x54e67b33, IPComp=0x4ad4a3d"
2011-11-17
16:25:29   Notice   IPSEC
1800105

ike_delete_notification
local_ip=192.168.1.220 remote_ip=masked cookies=ffe16a2d54e67b3304ad4a3da03847e4 reason="Received delete notification"
2011-11-17
16:25:25   Info   IPSEC
1803024

xauth_exchange_done
statusmsg="Authentication failed"
2011-11-17
16:25:25   Info   IPSEC
1803021

ipsec_sa_statistics
done=14 success=0 failed=14
2011-11-17
16:25:25   Warning   IPSEC
1800109

ike_quickmode_failed
local_ip=192.168.1.220 remote_ip=masked cookies=ffe16a2d54e67b3304ad4a3da03847e4 reason="Timeout"
2011-11-17
16:25:25   Warning   IPSEC
1803020

ipsec_sa_failed
no_ipsec_sa
statusmsg="Timeout"
2011-11-17
16:25:25   Info   IPSEC
1800102

ipsec_event
message=" Remote Proxy ID 192.168.1.2 udp:1701"
2011-11-17
16:25:25   Info   IPSEC
1800102

ipsec_event
message=" Local Proxy ID masked udp:1701"
2011-11-17
16:25:25   Info   IPSEC
1802703

ike_sa_negotiation_completed
ike_sa_completed
local_peer="192.168.1.220:4500 ID 192.168.1.220" remote_peer="masked:4500 ID 192.168.1.2" initiator_spi="ffe16a2d 54e67b33" responder_spi="04ad4a3d a03847e4" int_severity=6
2011-11-17
16:25:25   Info   IPSEC
1800102

ipsec_event

I ve used the PDF tutorial "How_to_configure_L2TP_for_roaming_users" for the configuration.

It s a client-to-lan VPN.

Have you a idea of the problems ?

Regards.

danilovav · « **Reply #1 on:** November 17, 2011, 10:42:15 AM »

Disable XAuth - username/password entered into Windows VPN client will be checked by user auth rule.

Aeronia · « **Reply #2 on:** November 17, 2011, 11:25:07 AM »

IKE XAuth is already turned off

danilovav · « **Reply #3 on:** November 19, 2011, 01:49:53 PM »

Quote

xauth_exchange_done
statusmsg="Authentication failed"

What is it?
Maybe, you've set it on client?

Aeronia · « **Reply #4 on:** November 20, 2011, 02:54:35 PM »

My client is basic VPN connection from windows, i haven t see Xauth on it ... $:-\$

danilovav · « **Reply #5 on:** November 21, 2011, 12:19:21 AM »

Does 192.168.1.2 your client?
Probably, its NAT (router) doesn't support IPsec NAT-T
Try to use PPTP or SSL VPN (if your device is DFL-260E)

D-Link Forums

News:

Author Topic: DFL 260 - L2TP VPN TUNNEL (Read 10014 times)

Aeronia

DFL 260 - L2TP VPN TUNNEL

danilovav

Re: DFL 260 - L2TP VPN TUNNEL

Aeronia

Re: DFL 260 - L2TP VPN TUNNEL

danilovav

Re: DFL 260 - L2TP VPN TUNNEL

Aeronia

Re: DFL 260 - L2TP VPN TUNNEL

danilovav

Re: DFL 260 - L2TP VPN TUNNEL