I'm pulling my hair out trying to get this to work. Fortunately, I keep my hair short so I can't do any damage.
This is in a test environment so I am not worried about passwords or IP addresses. My goal is to be able to have Windows, Android, and Apple (Macs, iPads, and iPhones) devices connect.
What am I missing?
Thanks!
Laptop attempting to connect using the Windows 10 built-in VPN connector.
- Edition Windows 10 Pro
- Version 2004
- OS build 19042.1165
- Experience Windows Feature Experience Pack 120.2212.3530.0
The following configuration represents a combination of several articles/notes.
/ip ipsec export
Code: Select all
# sep/16/2021 18:38:51 by RouterOS 6.48.4
#
# model = RouterBOARD 750G r3
/ip ipsec profile set [ find default=yes ] \
dh-group=ecp256,ecp384,ecp521,modp8192,modp6144,modp4096,modp3072,modp2048,modp1536,modp1024 \
dpd-interval=disable-dpd enc-algorithm=aes-256,aes-192,aes-128 hash-algorithm=sha256
/ip ipsec proposal set [ find default=yes ] auth-algorithms=sha512,sha256,sha1 enc-algorithms=\
aes-256-cbc,aes-256-ctr,aes-256-gcm,aes-192-cbc,aes-192-gcm,aes-128-cbc,aes-128-ctr,aes-128-gcm\
pfs-group=ecp256
Code: Select all
Flags: X - disabled, D - dynamic, R - responder
0 DR name="l2tp-in-server" passive=yes profile=default exchange-mode=main send-initial-contact=yes
Code: Select all
# sep/16/2021 18:36:57 by RouterOS 6.48.4
#
# model = RouterBOARD 750G r3
/interface l2tp-server add name=l2tp-in1 user=vpn
/interface l2tp-server server set enabled=yes ipsec-secret=vpn use-ipsec=required
Code: Select all
18:27:32 ipsec,info respond new phase 1 (Identity Protection): 10.10.1.134[500]<=>10.10.1.141[500]
18:27:32 ipsec,error no suitable proposal found.
18:27:32 ipsec,error 10.10.1.141 failed to get valid proposal.
18:27:32 ipsec,error 10.10.1.141 failed to pre-process ph1 packet (side: 1, status 1).
18:27:32 ipsec,error 10.10.1.141 phase1 negotiation failed.
18:27:33 ipsec,info respond new phase 1 (Identity Protection): 10.10.1.134[500]<=>10.10.1.141[500]
18:27:33 ipsec,error no suitable proposal found.
18:27:33 ipsec,error 10.10.1.141 failed to get valid proposal.
18:27:33 ipsec,error 10.10.1.141 failed to pre-process ph1 packet (side: 1, status 1).
18:27:33 ipsec,error 10.10.1.141 phase1 negotiation failed.
18:27:36 ipsec,info respond new phase 1 (Identity Protection): 10.10.1.134[500]<=>10.10.1.141[500]
18:27:36 ipsec,error no suitable proposal found.
18:27:36 ipsec,error 10.10.1.141 failed to get valid proposal.
18:27:36 ipsec,error 10.10.1.141 failed to pre-process ph1 packet (side: 1, status 1).
18:27:36 ipsec,error 10.10.1.141 phase1 negotiation failed.