I want to connect my RouterOS to a VPN using IPSec/L2TP as I currently have a Windows XP PC.
L2TP configuration is as follows:
And IPsec configuration is as follows:
name="l2tp-client" max-mtu=1460 max-mru=1460 mrru=512 connect-to=ip.address.l2tp.server user="adiazm" password="xxxxxxxx" profile=default-encryption add-default-route=no dial-on-demand=no allow=pap,chap,mschap1,mschap2
I get the following errors:
Peer: address=ip.address.l2tp.server/32:500 auth-method=pre-shared-key secret="PreSharedKey" generate-policy=yes exchange-mode=main send-initial-contact=yes nat-traversal=no proposal-check=obey hash-algorithm=sha1 enc-algorithm=3des dh-group=modp1024 lifetime=1d lifebytes=0 dpd-interval=disable-dpd dpd-maximum-failures=1 Proposal: name="Prop-L2TP-IPSEC" auth-algorithms=sha1 enc-algorithms=3des lifetime=30m pfs-group=none Policy: src-address=my.routeros.ip.address/32:1701 dst-address=ip.address.l2tp.server/32:1701 protocol=udp action=encrypt level=require ipsec-protocols=esp tunnel=no sa-src-address=my.routeros.ip.address sa-dst-address=ip.address.l2tp.server proposal=Prop-L2TP-IPSEC priority=0
And I can not connect. Please could someone tell me what should I correct?
echo: ipsec IPsec-SA request for ip.address.l2tp.server queued due to no phase1 found. echo: ipsec initiate new phase 1 negotiation: my.routeros.ip.address<=>ip.address.l2tp.server echo: ipsec begin Identity Protection mode. echo: ipsec phase1 negotiation failed due to time up. 1b50ec5d0735aadb:0000000000000000 echo: ipsec phase2 negotiation failed due to time up waiting for phase1. ESP ip.address.l2tp.server->my.routeros.ip.address echo: ipsec delete phase 2 handler.
As you know, People on the server side only provides the user, password and PSK.