dcarrion
asked on
L2TP VPN RRAS Demand Dial
Hello
I'm trying to do something simple however it has turned into something complicated. I have two sites and trying to create a VPN tunnel using RRAS server. PPTP is working fine however If I try to switch it to L2TP I get security errors in event viewer like below:
A Demand Dial connection to the remote interface REAL VPN on port VPN2-4 was successfully initiated but failed to complete successfully because of the following error: The L2TP connection attempt failed because security negotiation timed out.
It has to be something simple...anyone have any ideas? I have the approrpiate 1701 UDP port forwarded.
Regards
Dan
I'm trying to do something simple however it has turned into something complicated. I have two sites and trying to create a VPN tunnel using RRAS server. PPTP is working fine however If I try to switch it to L2TP I get security errors in event viewer like below:
A Demand Dial connection to the remote interface REAL VPN on port VPN2-4 was successfully initiated but failed to complete successfully because of the following error: The L2TP connection attempt failed because security negotiation timed out.
It has to be something simple...anyone have any ideas? I have the approrpiate 1701 UDP port forwarded.
Regards
Dan
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I think the problem I am having is that I am trying to use IPSec VPN behind NAT on a windows 2000 RRAS server. Apparently this doesn't support the new NAT-T (transparent) features...I guess I'm going to have to move onto windows server 2003 RRAS server or hardware VPN routers... thanks anyway guys...any other suggestions please let me know.
Thanks "dcarrion" :)
I was trying to impliment mine on a Windows Server 2003 R2 Box, but had to settle for PPTP in the end - reading through the MS article that I posted the link for I was left with the impression that it was the NAT box (Zyxel Router) that was doing the corrupting of the packets, but I could be wrong.
I suppose you know that you can download a 6 month trial of WinSvr 2003R2 from MS for nothing to try?
Cheers,
Mav
I was trying to impliment mine on a Windows Server 2003 R2 Box, but had to settle for PPTP in the end - reading through the MS article that I posted the link for I was left with the impression that it was the NAT box (Zyxel Router) that was doing the corrupting of the packets, but I could be wrong.
I suppose you know that you can download a 6 month trial of WinSvr 2003R2 from MS for nothing to try?
Cheers,
Mav
ASKER
I have forwarded port 500 and 1701