Good afternoon everyone, I have a problem and I wanted to know if you could help me solving this problem.
Enable vpn connections with l2tp, enable the l2tp server, open the corresponding ports in the firewall and create users to connect through the vpn; the problem occurred when all users appeared this error and did not let them connect.
when checking the router logs I get these errors
Could you help me to solve this problem?
Best regards.
On your Windows computer; have you made the registry entry change to allow UDP Encapsulation (See this site)?
Putting in the registry entry with a value of 2 might fix the problem (not guaranteed) but is worth trying and won’t hurt.
In theory, this entry is needed when behind nat device.
When you check the logs, the is not nat.
Absolutely correct. However, as I said, it doesn’t hurt to make the change. The logs are showing a phase 1 negotiation failure due to “time up”. My next suggestion is for DJavier to check that the time (and timezone) on the MikroTik and the Windows computer are correct. I do have more suggestions but let’s work through things one step at a time - unless someone has seen this issue before and knows the solution.
PS: It wouldn’t hurt to try rebooting both devices (unless you’ve already tried that) to see if that helps.
Another thing to be aware of is that Microsoft released an update in mid-January this year that broke several things including L2TP VPN connections (giving the same error message you posted).
This page includes links to patches that fix the problem caused by that update (I hope Microsoft included the fix in later patches but can’t guarantee that so you might want to try installing the relevant patch).
The patch numbers (and links) scraped from the above page are: