Draytek 2960 L2TP setup
Hi All,
We have a Draytek 2960 setup with a teleworker dial-in connection using L2tp over IPSEC and it works perfectly for all users apart from those using Hp Elitebooks! The connection always fails with an Error 809 even though we can connect with the same details using another laptop from the same remote office.
We've even installed the draytek vpn client but that fails with an unknown error. I have switched off the antivirus and the firewall and this doesnt help.
Has anyone got any ideas?
We have a Draytek 2960 setup with a teleworker dial-in connection using L2tp over IPSEC and it works perfectly for all users apart from those using Hp Elitebooks! The connection always fails with an Error 809 even though we can connect with the same details using another laptop from the same remote office.
We've even installed the draytek vpn client but that fails with an unknown error. I have switched off the antivirus and the firewall and this doesnt help.
Has anyone got any ideas?
For what it is worth i got access to such a modem yesterday.
What i needed to setup was VPN > IPsec general setup, there Preshared key and disable AH..
Remote Access control: enable IPSEC & L2TP
Then add a remote user, and enable for IPSEC. use MUST for ipsec setting.
Ipsec settings (for user) are not that relevant as the IPSEC tunnel is built FIRST, then user authentication is done.
after ppp over IPSEC transport has been setup a DHCP request should provide the remaining ip address etc.
What i needed to setup was VPN > IPsec general setup, there Preshared key and disable AH..
Remote Access control: enable IPSEC & L2TP
Then add a remote user, and enable for IPSEC. use MUST for ipsec setting.
Ipsec settings (for user) are not that relevant as the IPSEC tunnel is built FIRST, then user authentication is done.
after ppp over IPSEC transport has been setup a DHCP request should provide the remaining ip address etc.
This question needs an answer!
Become an EE member today
7 DAY FREE TRIALMembers can start a 7-Day Free trial then enjoy unlimited access to the platform.
View membership options
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Default are DES, 3DES, AES128? But you could try if it works with DES replaced by AES256.
Same for hashing, MD5 is old now, try SHA1 & SHA256 if available.
(DES is broken..., MD5 could possibly be broken near real time) Some of the more moderns systems don't use those settings anymore, but require f.e. AES & SGA256