I am preparing to replace my PPtP links with L2TP/IPSec ones and came across a weird behaviour during one of my tests
I setup a Windows 10 machine to connect to my CCR9 via L2TP/IPSec.
The first connection attempt was successful, but subsequent ones weren't
When I checked the CCR9 log I noticed the following
The Windows 10 machine would eventually give up and throw the following error :
Code: Select all
respond new phase 1 (Identity Protection): ISAKMP-SA established the packet is retransmitted by the packet is retransmitted by the packet is retransmitted by etc..
I'm not sure why I remembered this, but I came across a setup guide by Daniel on his blog https://justit.eu/mikrotik-l2tpipsec-vpn/ where he emphasized the activation of the option use-mpls=yes"The L2TP connection attempt failed because the security layer encountered a processing error during the initial negotiations with the remote computer"
I thus enabled this option and suddenly the Windows 10 was able to connect again (hmm...)
Not sure why this would have any influence but stiil, I thought I'd ask around in case anyone else has had issues with Windows 10