Getting VPN working using L2TP with IPSEC with Forefront TMG Standard Edition
Hi
I'm working with one of my clients at the moment trying to get this working. On a Windows XP PC PPTP connections work fine but when we try to configure the VPN to use L2TP with IPSEC, the client returns error 678 “The remote computer did not respond” after a couple of minutes. The Forefront log just shows the L2TP connection being initiated and then being gracefully closed. There are some forums mentioning IP fragmentation but in the standard version of TMG there are no options to configure this. We have also tried this from a Windows 7 client and that displays a 789 "The L2TP connection attempt failed because the security layer encountered a processing error during initial negotations with the remote computer" error.
I have tried dispensing with IPSEC PSK and using a certificate instead but I get the same error. I'm running out of ideas and any pointers would be appreciated.
Thanks
Glen Mansbridge
I'm working with one of my clients at the moment trying to get this working. On a Windows XP PC PPTP connections work fine but when we try to configure the VPN to use L2TP with IPSEC, the client returns error 678 “The remote computer did not respond” after a couple of minutes. The Forefront log just shows the L2TP connection being initiated and then being gracefully closed. There are some forums mentioning IP fragmentation but in the standard version of TMG there are no options to configure this. We have also tried this from a Windows 7 client and that displays a 789 "The L2TP connection attempt failed because the security layer encountered a processing error during initial negotations with the remote computer" error.
I have tried dispensing with IPSEC PSK and using a certificate instead but I get the same error. I'm running out of ideas and any pointers would be appreciated.
Thanks
Glen Mansbridge
Keith Alabaster
the option for fragmentation is in all versions of TMG and was in all ISA versions from 2004 onwards - you'll find it in the Intrusion protection section in the GUI - behavioural section. Be aware the TMG SP2 is now available - worth deploying but READ the guidance and deployments notes first.....
Can you please verify your configuration with this config http://microsoftguru.com.au/2010/04/23/how-to-configure-l2tpipsec-vpn-using-forefront-tmg-2010/
I reckon, something is missing in your config.
I reckon, something is missing in your config.
Verify by following steps
http://www.isaserver.org/tutorials/checking-out-tmg-2010-virtual-private-network-server-part3.html
Regards,
Osama Mansoor
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
My client has decided on a different solution so no longer needs this pursued. Thanks to everyone who responded.