No announcement yet.

L2TP/IPsec VPN Problems

  • Filter
  • Time
  • Show
Clear All
new posts

  • L2TP/IPsec VPN Problems

    Hi everybody,
    I have a SBS2003 box at home which is set up as DC, DHCP server, DNS server, Terminal services and RAS server.

    It has two active NICs, one connected to internet through a modem router and one for the internal network at home which is connected by wire to a wireless router.

    My problem is with establishing a L2TP/IPsec VPN with the server.
    I use an XP pro SP3 with all the updates and patches, including the change in the register for the IPsec NAt-T.
    If I use a PPTP VPN or RDP it just works fine.
    If I try with L2TP/IPsec it fails with error 678 no answer from remote computer.
    I have checked all the events on the XP and on the SBS and the IKE security association is established in both main mode and quick mode and after I just have events ending the IKE security association for both modes. That is all. There is no more traffic.
    Ports 1701, 1723, 4500 and 500 are opened as well as protocol ICPM, 47, 50 and 51. I can ping the server by IP and by name.
    There are 5 free L2TP ports in the RAS.
    It seems to me that the IPsec is successful but the L2TP cannot be established.
    I am using a public network and am not sure about routers that might be between the XP machine and internet.
    I have checked the RASMAN. Log in both machines and there are no errors apart from the mentioned above.
    When I capture the traffic in the server, there are no ESP packets out from the server.

    After much googleing, I have not found a clear coincident problem. It seems that the usual problem is on establishing the IPsec, but I cannot find much about this matter. I have already spent three days doing changes and tests and am at the same point.

    Please, any light? Has someone come across this before? I don’t know where to look at anymore…

    All the best,
    Last edited by Aznarepse; 5th March 2011, 01:09.

  • #2
    Re: L2TP/IPsec VPN Problems

    Hi again,
    please, someone in this forum must have experince with this...
    I don't think is a problem with routers, for there is no ESP traffic in the server itself.
    There is no firewall and the policies are the standard ones created by default, which I believe accept the protocol 50.
    I am obviously missing something...

    Any idea please?



    • #3
      Re: L2TP/IPsec VPN Problems

      We are a group of volunteers here and, for most, this is the weekend so we are allowed to take a few hours off.

      If you really need an authoritative answer within 24 hours on a Saturday, please phone Microsoft Product Support and pay for it.
      Tom Jones
      MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
      PhD, MSc, FIAP, MIITT
      IT Trainer / Consultant
      Ossian Ltd

      ** Remember to give credit where credit is due and leave reputation points where appropriate **


      • #4
        Re: L2TP/IPsec VPN Problems

        Thank you! That was very kind.