Page 1 of 1

[solved] L2TP/IPSec client to site configuration

Posted: Fri Nov 16, 2012 9:38 am
by bowgey
sorry for that silly question and my bad grammar, i have tried to configure L2TP with IPSec on this topology but i still can't activate the IPSec on the router. the L2TP tunnel is worked properly, but when i add an IPSec, the tunnel still worked with no IPSec running.

i use this configuration on gateway router

/ip ipsec proposal
set [ find default=yes ] enc-algorithms=3des,aes-128,aes-192,aes-256
/ip ipsec peer
add generate-policy=yes hash-algorithm=sha1 nat-traversal=yes secret=test123456 send-initial-contact=no

i use RouterOS v4.3
my client is windows 7 home premium

what should i do next?
thank you.

Re: [ask] L2TP/IPSec client to site configuration

Posted: Fri Nov 16, 2012 11:11 am
by NAB
i use RouterOS v4.3 ... what should i do next?
Upgrade to ROS 5.x.

Re: [ask] L2TP/IPSec client to site configuration

Posted: Fri Nov 16, 2012 12:37 pm
by bowgey
i use RouterOS v4.3 ... what should i do next?
Upgrade to ROS 5.x.
is it necessary? because I don't have any privilege to do that...
so, it would be a dead end, is it? :(

Re: [ask] L2TP/IPSec client to site configuration

Posted: Mon Nov 19, 2012 11:23 am
by bowgey
i use RouterOS v4.3 ... what should i do next?
Upgrade to ROS 5.x.
is it necessary? because i don't have privilege to do that. :(

Re: [ask] L2TP/IPSec client to site configuration

Posted: Tue Nov 20, 2012 10:01 am
by bowgey
is it necessary? because i don't have any privilege to do that. :(

Re: [ask] L2TP/IPSec client to site configuration

Posted: Tue Nov 20, 2012 1:19 pm
by NAB
is it necessary? because i don't have any privilege to do that. :(
4.3 is incredibly old. Assuming that you have read the wiki section on IPSec and have set your configuration correctly, then this would be my first course of action.

Re: [ask] L2TP/IPSec client to site configuration

Posted: Tue Nov 20, 2012 1:24 pm
by mrz
If client is windows PC then you need to set exchange mode to main-l2tp which is available starting from v5.4