I used to run a PPTP VPN server but have now switched to an L2TP/IPsec server.
Set up like the Wiki and other examples have explained. Android clients work fine. Windows clients can’t connect. Is there something simple I am missing? I have played around with various security settings on the server with no luck. Tried several different Windows PCs with no luck.
If you have the VPN server running on a Windows Server behind the MikroTik (i.e., all traffic forwarded through the MikroTik) then you need to make a registry entry change on all Windows VPN clients. See this MS page for instructions on making the necessary change (don’t worry about MS referring to Server 2003 and Server 2008, it applies to all Server versions and Windows clients). This problem only applies to Windows clients as Linux, Apple and Android clients can resolve the issue automatically.
OK, you shouldn’t need to make the registry change because of your MikroTik configuration but, since it doesn’t hurt to do it, I’d recommend you try making the change on a test Windows client to see if it helps resolve the problem (your clients might be going through a NAT they don’t know about).
Personally I make the change regardless of where the Windows client is being used and set the AssumeUDPEncapsulationContextOnSendRule value to 2. Doing this allows Windows to determine what (if any) UDP encapsulation is required and also eliminates a potential problem that could crop up later on.
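
The registry change recommended in the replies above, as an added PowerShell example that is not part of the original thread. It reports the current value before changing it, so a test client can be audited first. The key path under HKLM is the one Microsoft documents for this value and does not appear in the thread; the meanings of 0, 1 and 2 are paraphrased from the same documentation.

```powershell
# Added example: audit, then set, the NAT-T value discussed in the thread.
# Run from an elevated PowerShell prompt on the Windows VPN client.
$Path    = 'HKLM:\SYSTEM\CurrentControlSet\Services\PolicyAgent'  # from Microsoft's documentation, not from the thread
$Name    = 'AssumeUDPEncapsulationContextOnSendRule'
$Desired = 2   # value recommended in the reply above

# What each setting allows (paraphrased from Microsoft's documentation).
$Meaning = @{
    0 = 'no security associations with servers behind NAT (default)'
    1 = 'security associations allowed when the server is behind NAT'
    2 = 'security associations allowed when both server and client are behind NAT'
}

# Writing under HKLM needs an elevated session; stop early if we lack it.
$identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
$principal = [Security.Principal.WindowsPrincipal]$identity
if (-not $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
    throw 'Run this script from an elevated (Administrator) PowerShell session.'
}

# Read the current value; an absent value means Windows uses the default (0).
$item    = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
$current = if ($null -eq $item) { $null } else { [int]$item.$Name }

if ($null -eq $current) {
    Write-Output "$Name is not set (Windows behaves as 0: $($Meaning[0]))."
} elseif ($Meaning.ContainsKey($current)) {
    Write-Output "$Name is currently $current ($($Meaning[$current]))."
} else {
    Write-Output "$Name is currently $current (not a documented value)."
}

if ($current -eq $Desired) {
    Write-Output 'No change needed.'
} else {
    # -Force overwrites an existing value of the same name.
    New-ItemProperty -Path $Path -Name $Name -PropertyType DWord `
        -Value $Desired -Force | Out-Null
    Write-Output "Set $Name to $Desired ($($Meaning[$Desired]))."
    Write-Output 'Restart the computer for the change to take effect.'
}
```

To roll a test client back to the default behaviour, remove the value with `Remove-ItemProperty -Path $Path -Name $Name` and restart.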