mbahi
just joined
Topic Author
Posts: 2
Joined: Tue Jan 05, 2016 5:49 pm

L2TP VPN problem to connect from Windows 8.1

Wed Jan 06, 2016 7:46 pm

Hi, I have a similar problem to the user Mikrotikfan in this post: http://forum.mikrotik.com/viewtopic.php?f=2&t=103451

I want to set up a simple L2TP VPN tunnel (with preshared key) to access my LAN through a MikroTik router as a VPN server, with my Win 8.1 laptop as the client.
I set up the MikroTik, following different guides in the MikroTik wiki and other web sites, like this:

/interface ethernet
set [ find default-name=ether1 ] comment=WAN name=ether1-gateway
set [ find default-name=ether2 ] arp=proxy-arp comment=LAN name=\
    ether2-master-local
set [ find default-name=ether3 ] master-port=ether2-master-local name=\
    ether3-slave-local
set [ find default-name=ether4 ] comment="Switch Hamnet /44" master-port=\
    ether2-master-local name=ether4-slave-local
set [ find default-name=ether5 ] arp=proxy-arp comment=DMZ master-port=\
    ether2-master-local name=ether5-slave-local

add name=VPNpool ranges=192.168.2.1,192.168.2.5
/ip dhcp-server
add address-pool=default-dhcp disabled=no interface=ether2-master-local \
    lease-time=10m name=default
/ppp profile
add local-address=VPNpool name=vpnuser remote-address=VPNpool
/interface l2tp-server server
set authentication=chap,mschap1,mschap2 default-profile=vpnuser enabled=yes \
    ipsec-secret=******* use-ipsec=yes
/ppp secret
add name=xxxxxx password=****** profile=vpnuser



And the Win 8.1 client as explained here: http://wiki.mikrotik.com/wiki/MikroTik_ ... IPSec/L2TP

But I have problems accessing when I call in from the WAN side: "error 789 The L2TP connection attempt failed because the security layer encountered a processing error during initial negotiations with remote computer". I tried disabling the Windows firewall, but the result is the same.

I tried to access locally, making the same connection in the LAN, and the access is perfect.

Because of this, I suspect that the problem is in the firewall filter rules, but I added rules to the default rules to accept connections on the VPN ports and protocols, like this:

/ip firewall filter
add chain=input comment="default configuration" protocol=icmp
add chain=input comment="default configuration" connection-state=established
add chain=input comment="default configuration" connection-state=related
add action=drop chain=input comment="default configuration" in-interface=\
    ether1-gateway
add chain=forward comment="default configuration" connection-state=\
    established
add chain=forward comment="default configuration" connection-state=related
add chain=forward comment=" web server en la DMZ" disabled=yes \
    dst-address=192.168.1.10 dst-port=80 protocol=tcp
add chain=input comment="VPN L2TP" dst-port=1701,500,4500 protocol=udp
add chain=input protocol=ipsec-esp
add chain=forward comment="DMZ rule" in-interface=ether5-slave-local \
    out-interface=ether1-gateway
add action=drop chain=forward comment="default configuration" \
    connection-state=invalid
/ip firewall nat
add action=masquerade chain=srcnat comment="default configuration" \
    out-interface=ether1-gateway to-addresses=***public Ip****


But no success.

Please help with this.

Thanks in advance.
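
Added example, not part of the original post and not MikroTik code: a simplified first-match model of the input chain posted above. It shows which rule decides a new IKE packet arriving on ether1-gateway versus on the LAN, and what changes when the VPN accept rules sit ahead of the drop rule. The packet dictionaries and the helper names (parse, matches, verdict, move_before_first_drop) are assumptions for illustration; only the matchers used in the posted rules are modelled.

```python
import shlex

# Input-chain rules from the post, continuation lines joined, original order.
POSTED = '''
add chain=input comment="default configuration" protocol=icmp
add chain=input comment="default configuration" connection-state=established
add chain=input comment="default configuration" connection-state=related
add action=drop chain=input comment="default configuration" in-interface=ether1-gateway
add chain=input comment="VPN L2TP" dst-port=1701,500,4500 protocol=udp
add chain=input protocol=ipsec-esp
'''

def parse(text):
    """Turn 'add k=v ...' lines into dicts; a rule without action= accepts."""
    rules = []
    for line in text.strip().splitlines():
        fields = dict(tok.split("=", 1) for tok in shlex.split(line)[1:])
        fields.setdefault("action", "accept")
        rules.append(fields)
    return rules

def matches(rule, pkt):
    """True if every matcher present in the rule agrees with the packet."""
    for key in ("protocol", "in-interface", "connection-state"):
        if key in rule and rule[key] != pkt.get(key):
            return False
    ports = rule.get("dst-port")
    return ports is None or str(pkt.get("dst-port")) in ports.split(",")

def verdict(rules, pkt):
    """First matching rule decides; a chain accepts when nothing matches."""
    for index, rule in enumerate(rules):
        if matches(rule, pkt):
            return rule["action"], index
    return "accept", None

def move_before_first_drop(rules):
    """Place accept rules found after the first drop rule ahead of it."""
    first_drop = next(i for i, r in enumerate(rules) if r["action"] == "drop")
    late = [r for r in rules[first_drop + 1:] if r["action"] == "accept"]
    rest = [r for r in rules[first_drop:] if r not in late]
    return rules[:first_drop] + late + rest

# Constructed packets: the first IKE datagram of an L2TP/IPsec client.
IKE = {"protocol": "udp", "dst-port": 500, "in-interface": "ether1-gateway",
       "connection-state": "new"}
LAN_IKE = dict(IKE, **{"in-interface": "ether2-master-local"})

if __name__ == "__main__":
    for name, rs in (("posted", parse(POSTED)), ("reordered", move_before_first_drop(parse(POSTED)))):
        print(name, "WAN:", verdict(rs, IKE), "LAN:", verdict(rs, LAN_IKE))
```

In the posted order the WAN packet is decided by the drop rule at index 3 before the "VPN L2TP" rule is reached, while the same packet from the LAN passes, which matches the symptom described in the post.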
