Community discussions

MikroTik App
Topic Author
Posts: 30
Joined: Sun Nov 09, 2014 8:01 pm
Location: Seattle, WA, USA

L2TP VPN issue

Thu Mar 26, 2020 1:09 am

I have 3 companies using MK routers with VPN's for their clients. Now with people working from home they may be getting taxed, but only 1 is consistently having issues. This only concerns Windows 10 clients, btw.

There many posts here about this issue, which comes down to the error:
l2tp connection attempt failed because the security layer encountered

Although I've read many of the posts concerning this issue, so far I have found no resolution.

In this case there are 4 people potentially using the VPN. So far it seems only 3 are on at the same time. I have heard no complaints from one of the clients.
Another client has had this issue and discovered that if she merely reboot her modem and router, the trouble goes away.

But just today another client has been having this issue. It was only after deleting her VPN setting in Windows and recreating it, that the trouble goes away.

Anyhow, although it is my belief that it is likely something wrong with Windows 10, I can't keep having to nurse each client back up. Are there recommendations on what settings I might consider changing, or maybe just changing everyone over to a different VPN protocol.

The settings are used are very similar to the one's here:
Curtis Vaughan
Seattle, USA
Forum Guru
Forum Guru
Posts: 6517
Joined: Mon Apr 20, 2009 9:11 pm

Re: L2TP VPN issue

Thu Mar 26, 2020 1:32 am

I've seen random problems with IPSec, either with L2TP or without, clients not being able to connect at times, but working later without any changes on either side. So far most reliable for me were OpenVPN or SSTP. Unfortunately, they are both relatively hard to set up. OpenVPN requires to install client software. And certificates are also harder than simple username and password. SSTP needs trusted certificate, so you either need to buy one, do extra work to get a free one from Let's Encrypt (RouterOS can't get it by itself, so you need some external way), or install own CA to all clients. Basically all VPNs are annoying in one way or another.
Excessive quoting is useless and annoying. If you use it, please consider if you could do without it.

Who is online

Users browsing this forum: arisermpo, Baidu [Spider], Bing [Bot], Google [Bot], insel, johnson73, nihitthakkar, satman1w and 168 guests