L2TP over IPsec connection failure via internet

rlevis
Posts: 3
Joined: Fri Aug 23, 2019 1:19 pm


Post by rlevis » Mon Jan 06, 2020 10:14 am

Hopefully this is a common issue with a simple solution. I have SoftEther Server operating on a Windows 7 PC. I can connect to this VPN via a Windows 10 computer (using the Windows VPN client) on the same LAN, just for testing using local IP, but no connection is possible via the internet.

I do have a router configured with port forwarding for ports 500, 4500, and also 1701, 1194 just in case. L2TP over IPsec is enabled in the SoftEther server, as well as OpenVPN.

The Windows Firewall for SoftEther is set for all connections (Public, Private, Domain), but I tried disabling the firewall completely with no luck.

I do have experience configuring port forwarding on this router and it works for other servers I have running.

Windows reports "Error 789: The L2TP connection attempt failed because the security layer encountered a processing error during initial negotiations with the remote server."

What on earth could be going on, when it connects locally but not via the internet? Is there another port I need to forward?

Many thanks.

ethanolson
Posts: 30
Joined: Mon Dec 02, 2019 6:29 am

Re: L2TP over IPsec connection failure via internet

Post by ethanolson » Sat Jan 11, 2020 4:06 am

First, ensure that the router's port forwarding specifies UDP and not TCP.

Second, test from a different LAN because you'll have trouble going out to the internet and back in from the same LAN. I assume you're accessing via your internet IP or DDNS hostname, right?

Third, ensure the SoftEther PC's Windows firewall allows inbound connections over those same ports from the 'public' realm and allows edge traversal.

Last, some ISPs block L2TP/IPSec VPNs. Good luck there.
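
One way to check the first three points in the reply above on your own server, as an added example that is not part of the original posts or of SoftEther: a listener on the VPN host records which of the UDP ports named in the thread actually receive a datagram sent from another network. It assumes the VPN service is stopped so the ports are free and that the listener may bind ports below 1024; the function names and the marker payload are made up for this example.

```python
import select
import socket
import sys
import time

# UDP ports named in the thread: IKE 500, IPsec NAT-T 4500, L2TP 1701.
PORTS = (500, 4500, 1701)
PROBE = b"udp-forward-test"  # constructed marker payload, not a real IKE packet

def open_listeners(ports, bind_addr="0.0.0.0"):
    """Bind one UDP socket per port; returns {socket: bound_port}."""
    socks = {}
    for port in ports:
        s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
        s.bind((bind_addr, port))
        socks[s] = s.getsockname()[1]
    return socks

def collect(socks, timeout=30.0):
    """Return {port: source_ip} for each port where the marker arrived in time."""
    seen, deadline = {}, time.monotonic() + timeout
    while len(seen) < len(socks):
        remaining = deadline - time.monotonic()
        if remaining <= 0:
            break
        ready, _, _ = select.select(list(socks), [], [], remaining)
        for s in ready:
            data, (src, _src_port) = s.recvfrom(2048)
            if data == PROBE:
                seen[socks[s]] = src
    return seen

def send_probes(host, ports):
    """Send one marker datagram to each UDP port on host."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        for port in ports:
            s.sendto(PROBE, (host, port))

def missing_ports(expected, seen):
    """Ports where nothing arrived: not forwarded as UDP, or filtered on the way."""
    return sorted(set(expected) - set(seen))

if __name__ == "__main__":
    if sys.argv[1:2] == ["listen"]:        # on the VPN host, VPN service stopped
        seen = collect(open_listeners(PORTS))
        print("arrived:", seen, "missing:", missing_ports(PORTS, seen))
    elif sys.argv[1:2] == ["send"] and len(sys.argv) == 3:
        send_probes(sys.argv[2], PORTS)    # argv[2]: public IP or DDNS hostname
    else:
        print("usage: listen | send <public-host>")
```

Start `listen` on the server first, then run `send` from a different network within the 30-second window. A port listed as missing points at the router forward or the host firewall rather than at the VPN software.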

rlevis
Posts: 3
Joined: Fri Aug 23, 2019 1:19 pm

Re: L2TP over IPsec connection failure via internet

Post by rlevis » Thu Jan 16, 2020 4:27 am

I had no email notification of your reply.

I had UDP only and tried TCP/UDP in the router.

I was at different premises when testing a connection.

The firewall was set to Public, Private, and Domain, but I tried disabling the firewall entirely without luck.

I have a business internet connection and no ports are being blocked.

So it remains a mystery. I've had nothing but unsuccessful experiences with this VPN software. I also have the server software installed on a dedicated Windows Server at a data center, and can connect to it and utilize the internet connection, but cannot access any shared folders via SMB, even though everything is opened in the firewall, Windows security set temporarily to Everyone having access, and nothing. I posted a forum message about that months ago with no replies.

Oh, well, I'll have to forget about VPN access, which is disappointing.
