DrayTek UK Users' Community Forum
Help, Advice and Solutions from DrayTek Users
Host to LAN L2TP with IPSec VPN using Win7 client. Possible?
- gizmo911uk
- Topic Author
- Offline
- New Member
Less
More
- Posts: 5
- Thank you received: 0
09 Sep 2010 17:14 #63735
by gizmo911uk
Host to LAN L2TP with IPSec VPN using Win7 client. Possible? was created by gizmo911uk
Hi all,
I have a DrayTek Vigor 2820Vn and I'm trying to set up a Host to LAN (Teleworker to Vigor) L2TP with IPSec Policy VPN Connection using Windows 7 (Pro, 32bit) as my client.
I've successfully set up a Host to LAN VPN connection using L2TP with IPSec Policy on my iPhone but with the same settings I cannot get connected with my Windows 7 laptop.
I've tried setting up the VPN connection using both the Smart VPN Client and doing it manually. But both fail to connect.
Before I delve to deep into this, has anyone successfully set up a L2TP with IPSec Policy VPN Connection with a Windows 7 client?
Many Thanks
Gary
I have a DrayTek Vigor 2820Vn and I'm trying to set up a Host to LAN (Teleworker to Vigor) L2TP with IPSec Policy VPN Connection using Windows 7 (Pro, 32bit) as my client.
I've successfully set up a Host to LAN VPN connection using L2TP with IPSec Policy on my iPhone but with the same settings I cannot get connected with my Windows 7 laptop.
I've tried setting up the VPN connection using both the Smart VPN Client and doing it manually. But both fail to connect.
Before I delve to deep into this, has anyone successfully set up a L2TP with IPSec Policy VPN Connection with a Windows 7 client?
Many Thanks
Gary
Please Log in or Create an account to join the conversation.
- mordorf
- Offline
- Junior Member
Less
More
- Posts: 84
- Thank you received: 0
15 Sep 2010 10:43 #63782
by mordorf
Replied by mordorf on topic Host to LAN L2TP with IPSec VPN using Win7 client. Possible?
Yes I can connect to L2TP VPN from a Windows 7 client but only when it is connected to a different network. If I try testing the VPN from the local network to the 2820 then it never connects. I have a mobile broadband dongle that I can use for testing.
[/img]
[/img]
Please Log in or Create an account to join the conversation.
- slarty01
- Offline
- New Member
Less
More
- Posts: 1
- Thank you received: 0
15 Sep 2010 12:27 #63783
by slarty01
Replied by slarty01 on topic Host to LAN L2TP with IPSec VPN using Win7 client. Possible?
Hi I'm just trying this myself and I found exactly the same with PPTP you can connect outside the LAN to the Vigor 2820VN via any network you choose. But for the life of me I can not get Windows 7 to get a L2TP VPN with an IKE Key to work from outside. Has anyone a step by step guide on setup for this as the guides by Draytek are an older firmware version and don't really explain this to a novice very well.
Please Log in or Create an account to join the conversation.
- mordorf
- Offline
- Junior Member
Less
More
- Posts: 84
- Thank you received: 0
15 Sep 2010 18:54 #63786
by mordorf
Replied by mordorf on topic Host to LAN L2TP with IPSec VPN using Win7 client. Possible?
This is how mine is configured and it works fine.
Draytek Configuration:
VPN and Remote Access >
Remote Access Control:
Select all option boxes
IPSec General Setup:
Enter a Pre-Shared Key (make a note of this as you will need it later)
De-select all option boxes except for 3DES
Remote Dial-in User:
Create a User by clicking a number on the left
Select:
Enable this account
PPTP
IPSec Tunnel
L2TP with IPSec Policy
Nice to Have (drop down selection box)
Enter a username
Enter a password or select mOTP and enter a PIN and Secret (note both as you will need this information to configure the mOTP client).
Netbios Naming Packet - Pass
Multicast via VPN - Block
De-select all other option boxes
Draytek Smart VPN Client Configuration:
Click INSERT
Enter a Profile name
Enter the public IP address or host name of the Draytek router
Enter the Remote Dial-in username
Enter password or select mOTP and configure the mOTP secret
Select L2TP over IPSec
Select Use default gateway on remote network (routes all external bound traffic through VPN)
De-select all other options
Click OK
Enter the Pre Shared Key from the Draytek configuration
Click OK
You may also need to create a firewall rule that enables traffic to flow. Try without first and if it you can connect but can't access anything add a firewall rule that allows the local subnet from WAN->LAN
Hope this helps.
Draytek Configuration:
VPN and Remote Access >
Remote Access Control:
Select all option boxes
IPSec General Setup:
Enter a Pre-Shared Key (make a note of this as you will need it later)
De-select all option boxes except for 3DES
Remote Dial-in User:
Create a User by clicking a number on the left
Select:
Enable this account
PPTP
IPSec Tunnel
L2TP with IPSec Policy
Nice to Have (drop down selection box)
Enter a username
Enter a password or select mOTP and enter a PIN and Secret (note both as you will need this information to configure the mOTP client).
Netbios Naming Packet - Pass
Multicast via VPN - Block
De-select all other option boxes
Draytek Smart VPN Client Configuration:
Click INSERT
Enter a Profile name
Enter the public IP address or host name of the Draytek router
Enter the Remote Dial-in username
Enter password or select mOTP and configure the mOTP secret
Select L2TP over IPSec
Select Use default gateway on remote network (routes all external bound traffic through VPN)
De-select all other options
Click OK
Enter the Pre Shared Key from the Draytek configuration
Click OK
You may also need to create a firewall rule that enables traffic to flow. Try without first and if it you can connect but can't access anything add a firewall rule that allows the local subnet from WAN->LAN
Hope this helps.
Please Log in or Create an account to join the conversation.
- gizmo911uk
- Topic Author
- Offline
- New Member
Less
More
- Posts: 5
- Thank you received: 0
17 Sep 2010 11:57 #63827
by gizmo911uk
Replied by gizmo911uk on topic Host to LAN L2TP with IPSec VPN using Win7 client. Possible?
Thanks for your replies guys.
Just after getting an L2TP with IPSec VPN connection working on my Windows 7 client.
In the end it was relatively straight forward.
After reading the 'Built in VPN client - Windows Vista to Vigor Router - IPSec’ how-to in the FAQs I came across the following point:
"Note: Vigor Router don't accept Diffie-Hellman Group 2 algorithm but Vista uses Diffie-Hellman Group 2 algorithm by default. We have to change the setting before creating IPSec tunnel to Vigor Router."
Windows 7 is the same. So to change this I opened up ‘Windows Firewall with Advanced Security’ (click Start and search for it, it’ll appear). Once it opens up select ‘Properties’ in the right hand pane, then select the ‘IPSec Settings’ tab and click on ‘Customize’;
Change ‘Key exchange (Main Mode)’ from ‘Default’ to ‘Advanced’, and click on ‘Customize’;
Add a new security method using ‘Diffie-Hellman Group 1’, like so:
I then recreated the L2TP with IPSec VPN connection using DrayTek’s ‘Smart VPN Client’ wizard utility and the VPN connection worked first time.
Just after getting an L2TP with IPSec VPN connection working on my Windows 7 client.
In the end it was relatively straight forward.
After reading the 'Built in VPN client - Windows Vista to Vigor Router - IPSec’ how-to in the FAQs I came across the following point:
"Note: Vigor Router don't accept Diffie-Hellman Group 2 algorithm but Vista uses Diffie-Hellman Group 2 algorithm by default. We have to change the setting before creating IPSec tunnel to Vigor Router."
Windows 7 is the same. So to change this I opened up ‘Windows Firewall with Advanced Security’ (click Start and search for it, it’ll appear). Once it opens up select ‘Properties’ in the right hand pane, then select the ‘IPSec Settings’ tab and click on ‘Customize’;
Change ‘Key exchange (Main Mode)’ from ‘Default’ to ‘Advanced’, and click on ‘Customize’;
Add a new security method using ‘Diffie-Hellman Group 1’, like so:
I then recreated the L2TP with IPSec VPN connection using DrayTek’s ‘Smart VPN Client’ wizard utility and the VPN connection worked first time.
Please Log in or Create an account to join the conversation.
- ftodino
- Offline
- New Member
Less
More
- Posts: 1
- Thank you received: 0
23 Sep 2010 10:14 #63937
by ftodino
Thanks for this. Really helped me.
I could connect to the VPN but for whatever reason could not successfully copy files to a Win 7 file share until I did the above. Now it works fine.
Many thanks
Tino
Replied by ftodino on topic Host to LAN L2TP with IPSec VPN using Win7 client. Possible?
Thanks for your replies guys.gizmo911uk wrote:
Just after getting an L2TP with IPSec VPN connection working on my Windows 7 client.
In the end it was relatively straight forward.
After reading the 'Built in VPN client - Windows Vista to Vigor Router - IPSec’ how-to in the FAQs I came across the following point:
"Note: Vigor Router don't accept Diffie-Hellman Group 2 algorithm but Vista uses Diffie-Hellman Group 2 algorithm by default. We have to change the setting before creating IPSec tunnel to Vigor Router."
Windows 7 is the same. So to change this I opened up ‘Windows Firewall with Advanced Security’ (click Start and search for it, it’ll appear). Once it opens up select ‘Properties’ in the right hand pane, then select the ‘IPSec Settings’ tab and click on ‘Customize’;
Change ‘Key exchange (Main Mode)’ from ‘Default’ to ‘Advanced’, and click on ‘Customize’;
Add a new security method using ‘Diffie-Hellman Group 1’, like so:
I then recreated the L2TP with IPSec VPN connection using DrayTek’s ‘Smart VPN Client’ wizard utility and the VPN connection worked first time.
Thanks for this. Really helped me.
I could connect to the VPN but for whatever reason could not successfully copy files to a Win 7 file share until I did the above. Now it works fine.
Many thanks
Tino
Please Log in or Create an account to join the conversation.
Moderators: Chris, Sami
Copyright © 2024 DrayTek