LinkBack URL
About LinkBacks
Unable to connect to L2TP Server
I'm using the built-in Windows L2TP/IPSec client to try and connect to my Untangle box. It keeps erroring out though. I have the VPN connection set manually to L2TP/IPSec with the PSK entered.
Windows 8 Pro 64-Bit Error:
Error 789: The L2TP connection attempt failed because the security layer encountered a processing error during initial negotiations with the remote computer.
Untangle IPSec Log (IP Address Host Editted):
May 2 13:33:46 safw pluto[14968]: "VPN-L2TP-0"[2] 73.182.*** #1: the peer proposed: 50.193.***/32:17/1701 -> 192.168.1.207/32:17/0
May 2 13:33:46 safw pluto[14968]: "VPN-L2TP-0"[2] 73.182.*** #1: cannot respond to IPsec SA request because no connection is known for 50.193.***<50.193.***>[+S=C]:17/1701...73.182.***[192.168.1.207,+S=C]:17/%any===192.168.1.207/32
May 2 13:33:46 safw pluto[14968]: "VPN-L2TP-0"[2] 73.182.*** #1: sending encrypted notification INVALID_ID_INFORMATION to 73.182.***:500
Edit: More specific error message that seems to be the cause, according to an Untangle Support rep
ay 2 14:09:52 safw pluto[14968]: "VPN-L2TP-0"[8] 73.182.*** #5: received Delete SA payload: deleting ISAKMP State #5
May 2 14:09:52 safw pluto[14968]: "VPN-L2TP-0"[8] 73.182.***: deleting connection "VPN-L2TP-0" instance with peer 73.182.*** {isakmp=#0/ipsec=#0}
May 2 14:09:52 safw pluto[14968]: packet from 73.182.***:500: received and ignored informational message
May 2 14:09:52 safw pluto[14968]: packet from 73.182.***:500: ignoring unknown Vendor ID payload [01528bbbc00696121849ab9a1c5b2a5100000001]
May 2 14:09:52 safw pluto[14968]: packet from 73.182.***:500: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000009]
May 2 14:09:52 safw pluto[14968]: packet from 73.182.***:500: received Vendor ID payload [RFC 3947] meth=109, but port floating is off
May 2 14:09:52 safw pluto[14968]: packet from 73.182.***:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but port floating is off
May 2 14:09:52 safw pluto[14968]: packet from 73.182.***:500: ignoring Vendor ID payload [FRAGMENTATION]
May 2 14:09:52 safw pluto[14968]: packet from 73.182.***:500: ignoring Vendor ID payload [MS-Negotiation Discovery Capable]
May 2 14:09:52 safw pluto[14968]: packet from 73.182.***:500: ignoring Vendor ID payload [Vid-Initial-Contact]
May 2 14:09:52 safw pluto[14968]: packet from 73.182.***:500: ignoring Vendor ID payload [IKE CGA version 1]
May 2 14:09:52 safw pluto[14968]: "VPN-L2TP-0"[9] 73.182.*** #6: responding to Main Mode from unknown peer 73.182.***
May 2 14:09:52 safw pluto[14968]: "VPN-L2TP-0"[9] 73.182.*** #6: OAKLEY_GROUP 20 not supported. Attribute OAKLEY_GROUP_DESCRIPTION
May 2 14:09:52 safw pluto[14968]: "VPN-L2TP-0"[9] 73.182.*** #6: OAKLEY_GROUP 19 not supported. Attribute OAKLEY_GROUP_DESCRIPTION
May 2 14:09:52 safw pluto[14968]: "VPN-L2TP-0"[9] 73.182.*** #6: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
May 2 14:09:52 safw pluto[14968]: "VPN-L2TP-0"[9] 73.182.*** #6: STATE_MAIN_R1: sent MR1, expecting MI2
May 2 14:11:02 safw pluto[14968]: "VPN-L2TP-0"[9] 73.182.*** #6: max number of retransmissions (2) reached STATE_MAIN_R1
May 2 14:11:02 safw pluto[14968]: "VPN-L2TP-0"[9] 73.182.***: deleting connection "VPN-L2TP-0" instance with peer 73.182.*** {isakmp=#0/ipsec=#0}
Originally Posted by jcoffin
Thanks!
