johnp338
asked on
Need Help Connecting Vista VPN Client to 3com OfficeConnect Router (L2TP Server)
I recently reformatted my laptop, which meant of course that I had to reconfigure Vista's VPN client to allow me to access my home network (I connect directly to the router as an endpoint).
I can ping the router without a problem, and I set up the client exactly the same as I previously had (to my knowledge), but I get the following error when I try to connect:
"Error 809: The network connection between your computer and the VPN server could not be established because the remote server is not responding. This could be because one of the network devices (e.g, firewalls, NAT, routers, etc) between your computer and the remote server is not configured to allow VPN connections. Please contact your Administrator or your service provider to determine which device may be causing the problem."
What's most odd to me is that I am connecting using the same settings as before, using the same internet connection as before (ie, no new/different hardware). I've even tried turning Windows Firewall off altogether on my client computer, but to no avail. Any help would be much appreciated. Thanks
Edit: One difference in the setup of my laptop: it is now on a domain where before it was on a workgroup. That being said, I am a domain admin, and the connection fails with the same error whether I am logged in as a local user or domain user.
Further edit: I tried connecting from another Vista client NOT on the domain. Also without success (same 809 error)
Edit: I tried the same connection from the LAN and got the following error: "Error 789: The L2TP connection attempt failed because the security layer encountered a processing error during initial negotiations with the remote computer." I did get an error log, but it's positively huge. If anyone can tell me what to pull from it, I would gladly post it up.
I will also post screenshots of my router setup.
general-vpn.jpg
tunnel.jpg
I can ping the router without a problem, and I set up the client exactly the same as I previously had (to my knowledge), but I get the following error when I try to connect:
"Error 809: The network connection between your computer and the VPN server could not be established because the remote server is not responding. This could be because one of the network devices (e.g, firewalls, NAT, routers, etc) between your computer and the remote server is not configured to allow VPN connections. Please contact your Administrator or your service provider to determine which device may be causing the problem."
What's most odd to me is that I am connecting using the same settings as before, using the same internet connection as before (ie, no new/different hardware). I've even tried turning Windows Firewall off altogether on my client computer, but to no avail. Any help would be much appreciated. Thanks
Edit: One difference in the setup of my laptop: it is now on a domain where before it was on a workgroup. That being said, I am a domain admin, and the connection fails with the same error whether I am logged in as a local user or domain user.
Further edit: I tried connecting from another Vista client NOT on the domain. Also without success (same 809 error)
Edit: I tried the same connection from the LAN and got the following error: "Error 789: The L2TP connection attempt failed because the security layer encountered a processing error during initial negotiations with the remote computer." I did get an error log, but it's positively huge. If anyone can tell me what to pull from it, I would gladly post it up.
I will also post screenshots of my router setup.
general-vpn.jpg
tunnel.jpg
ASKER
Wow, I even tried restoring the router to its defaults and setting it up again: same result. I'm really at a loss here, please help me out. Thanks
ASKER
Also, when the connection fails, I get a dialog to enable logging, redial, close, etc. I also have a Diagnose button. When I click this, it says "Network diagnostics pinged the remote host but did not receive a response." So I ping my FQDN, no problem. I honestly have no idea what's going on.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
2009.02.18 13:19:50 [IKE] + Check in packet and/or construct out packet!
2009.02.18 13:19:50 [IKE] PAYLOAD_DELETE
2009.02.18 13:19:50 [IKE] PAYLOAD_HASH
2009.02.18 13:19:50 [IKE] + Payloads in XCHG_TYPE_INFO:
2009.02.18 13:19:50 [IKE] - exchange type: Informational(main mode)
2009.02.18 13:19:50 [IKE] - Received 84 bytes from 32.165.2.90:500.
2009.02.18 13:19:50 [IKE] Send delete payload, delete PROTO_IPSEC_ESP SA
2009.02.18 13:19:50 [IKE] + Check in packet and/or construct out packet!
2009.02.18 13:19:50 [IKE] PAYLOAD_DELETE
2009.02.18 13:19:50 [IKE] PAYLOAD_HASH
2009.02.18 13:19:50 [IKE] + Payloads in XCHG_TYPE_INFO:
2009.02.18 13:19:50 [IKE] - exchange type: Informational(main mode)
2009.02.18 13:19:50 [IKE] - Received 76 bytes from 32.165.2.90:500.
2009.02.18 13:19:15 [IKE QM] IPSec SA established.
2009.02.18 13:19:15 [IKE] + Check in packet and/or construct out packet!
2009.02.18 13:19:15 [IKE] PAYLOAD_HASH
2009.02.18 13:19:15 [IKE] + Payloads in XCHG_TYPE_QUICK:
2009.02.18 13:19:15 [IKE] - exchange type: IPsec(Quick mode)
2009.02.18 13:19:15 [IKE] - Received 60 bytes from 32.165.2.90:500.
2009.02.18 13:19:15 [IKE] ***Send packet!
2009.02.18 13:19:15 [IKE] PAYLOAD_ID
2009.02.18 13:19:15 [IKE] PAYLOAD_ID
2009.02.18 13:19:15 [IKE] PAYLOAD_NONCE
2009.02.18 13:19:15 [IKE] ---> Transform #1 accepted
2009.02.18 13:19:15 [IKE] : 250000
2009.02.18 13:19:15 [IKE] SA_LIFE_TYPE_KBYTES
2009.02.18 13:19:15 [IKE] : 3600
2009.02.18 13:19:15 [IKE] SA_LIFE_TYPE_SECONDS
2009.02.18 13:19:15 [IKE] AUTH_ALGORITHM_HMAC_SHA1
2009.02.18 13:19:15 [IKE] ENCAPSULATION_MODE_TRANSPO
2009.02.18 13:19:15 [IKE] ->ESP_3DES(trans #1)
2009.02.18 13:19:15 [IKE] => parse PROTO_IPSEC_ESP(proposal #2) payload
2009.02.18 13:19:15 [IKE] : 250000
2009.02.18 13:19:15 [IKE] SA_LIFE_TYPE_KBYTES
2009.02.18 13:19:15 [IKE] : 3600
2009.02.18 13:19:15 [IKE] SA_LIFE_TYPE_SECONDS
2009.02.18 13:19:15 [IKE] AUTH_ALGORITHM_HMAC_SHA1
2009.02.18 13:19:15 [IKE] : 128
2009.02.18 13:19:15 [IKE] ENCAPSULATION_MODE_TRANSPO
2009.02.18 13:19:15 [IKE] ->ESP_AES(trans #1)
2009.02.18 13:19:15 [IKE] => parse PROTO_IPSEC_ESP(proposal #1) payload
2009.02.18 13:19:15 [IKE] PAYLOAD_SA
2009.02.18 13:19:15 [IKE] PAYLOAD_HASH
2009.02.18 13:19:15 [IKE] Construct payload:
2009.02.18 13:19:15 [IKE] local client -> 97.91.170.62/32
2009.02.18 13:19:15 [IKE] received ID type ID_IPV4_ADDR
2009.02.18 13:19:15 [IKE] remote client -> 192.168.0.103/32
2009.02.18 13:19:15 [IKE] received ID type ID_IPV4_ADDR
2009.02.18 13:19:15 [IKE QM] Quick mode, we are responder.
2009.02.18 13:19:15 [IKE] + Check in packet and/or construct out packet!
2009.02.18 13:19:15 [IKE] PAYLOAD_ID
2009.02.18 13:19:15 [IKE] PAYLOAD_ID
2009.02.18 13:19:15 [IKE] PAYLOAD_NONCE
2009.02.18 13:19:15 [IKE] PAYLOAD_SA
2009.02.18 13:19:15 [IKE] PAYLOAD_HASH
2009.02.18 13:19:15 [IKE] + Payloads in XCHG_TYPE_QUICK:
2009.02.18 13:19:15 [IKE] - exchange type: IPsec(Quick mode)
2009.02.18 13:19:15 [IKE] - Received 564 bytes from 32.165.2.90:500.
2009.02.18 13:19:15 [IKE] ***Send packet!
2009.02.18 13:19:15 [IKE MM] ISAKMP SA established.
2009.02.18 13:19:15 [IKE] PAYLOAD_HASH
2009.02.18 13:19:15 [IKE] Local ID : '97.91.170.62' Type ID_IPV4_ADDR
2009.02.18 13:19:15 [IKE] PAYLOAD_ID
2009.02.18 13:19:15 [IKE] Construct payload:
2009.02.18 13:19:15 [IKE] Peer's ID is ID_IPV4_ADDR: '192.168.0.103'
2009.02.18 13:19:15 [IKE] + Check in packet and/or construct out packet!
2009.02.18 13:19:15 [IKE] PAYLOAD_HASH
2009.02.18 13:19:15 [IKE] PAYLOAD_ID
2009.02.18 13:19:15 [IKE] + Payloads in XCHG_TYPE_ID_PROTECT:
2009.02.18 13:19:15 [IKE] - exchange type: ID Protection(main mode)
2009.02.18 13:19:15 [IKE] - Received 68 bytes from 32.165.2.90:500.
2009.02.18 13:19:14 [IKE] ***Send packet!
2009.02.18 13:19:14 [IKE] PAYLOAD_NONCE
2009.02.18 13:19:14 [IKE] PAYLOAD_KE
2009.02.18 13:19:14 [IKE] Construct payload:
2009.02.18 13:19:14 [IKE] + Check in packet and/or construct out packet!
2009.02.18 13:19:14 [IKE] PAYLOAD_NONCE
2009.02.18 13:19:14 [IKE] PAYLOAD_KE
2009.02.18 13:19:14 [IKE] + Payloads in XCHG_TYPE_ID_PROTECT:
2009.02.18 13:19:14 [IKE] - exchange type: ID Protection(main mode)
2009.02.18 13:19:14 [IKE] - Received 212 bytes from 32.165.2.90:500.
2009.02.18 13:19:14 [IKE] ***Send packet!
2009.02.18 13:19:14 [IKE] PAYLOAD_SA
2009.02.18 13:19:14 [IKE] Construct payload:
2009.02.18 13:19:14 [IKE] ---> Transform #4 accepted
2009.02.18 13:19:14 [IKE] : 28800
2009.02.18 13:19:14 [IKE] OAKLEY_LIFE_SECONDS
2009.02.18 13:19:14 [IKE] OAKLEY_PRESHARED_KEY
2009.02.18 13:19:14 [IKE] OAKLEY_GROUP_MODP1024
2009.02.18 13:19:14 [IKE] OAKLEY_SHA
2009.02.18 13:19:14 [IKE] OAKLEY_3DES_CBC
2009.02.18 13:19:14 [IKE] ->KEY_IKE(trans #4)
2009.02.18 13:19:14 [IKE] OAKLEY_GROUP_MODP2048
2009.02.18 13:19:14 [IKE] OAKLEY_SHA
2009.02.18 13:19:14 [IKE] OAKLEY_3DES_CBC
2009.02.18 13:19:14 [IKE] ->KEY_IKE(trans #3)
2009.02.18 13:19:14 [IKE] OAKLEY_AES_CBC
2009.02.18 13:19:14 [IKE] ->KEY_IKE(trans #2)
2009.02.18 13:19:14 [IKE] OAKLEY_AES_CBC
2009.02.18 13:19:14 [IKE] ->KEY_IKE(trans #1)
2009.02.18 13:19:14 [IKE] => parse PROTO_ISAKMP(proposal #1) payload
2009.02.18 13:19:14 [IKE MM] Main mode, we are responder.
2009.02.18 13:19:14 [IKE] + Check in packet and/or construct out packet!
2009.02.18 13:19:14 [IKE] PAYLOAD_VID
2009.02.18 13:19:14 [IKE] PAYLOAD_VID
2009.02.18 13:19:14 [IKE] PAYLOAD_VID
2009.02.18 13:19:14 [IKE] PAYLOAD_VID
2009.02.18 13:19:14 [IKE] PAYLOAD_VID
2009.02.18 13:19:14 [IKE] PAYLOAD_VID
2009.02.18 13:19:14 [IKE] PAYLOAD_VID
2009.02.18 13:19:14 [IKE] PAYLOAD_SA
2009.02.18 13:19:14 [IKE] + Payloads in XCHG_TYPE_ID_PROTECT:
2009.02.18 13:19:14 [IKE] - exchange type: ID Protection(main mode)
2009.02.18 13:19:14 [IKE] - Received 344 bytes from 32.165.2.90:500.