OPNsense Forum

Archive => 18.1 Legacy Series => Topic started by: kefealo on January 30, 2018, 01:18:59 pm

Title: PPTP/L2TP for compatibility reasons - And IKEv2 for the live
Post by: kefealo on January 30, 2018, 01:18:59 pm

Hi, I'm a newbie with OPNSense. Planning to change my old firewall and this OPNSense looking promising and excellent solution!
But... I have a problem with 'any' of obsolated VPN mobile.
I can't find in Wiki guides the following topics:
Step be step VPN mobile server setup. What I did? Installed the PPTP and L2TP addon. Filled the required infos on both setup page and added a test user with different names for both, like l2tptest and pptptest.
The PPTP VPN connection working properly, without any problem. The setup and the FW rule done!
But... I'm fighting with the L2TP, but I don't know why not working.
It I try to connect, keeps connecting, then I get this error message:
Can't connect!
The L2TP connection attempt failed because the security layer encountered a processing error during initial negotiations with the remote computer.
Security settings are on the Win10 client:
Type of the VPN - L2TP/IPSec
Data encryption - Required (disconnect if server declines)
Authentication - Use Extensible authentication protocol -> Microsoft: Secured password (EAP-MSChap v2) (Encryption enabled)
but i tested with Allow these protocols: Challenge Handshake Authentication Protocol (CHAP) and Microsoft CHAP version 2 (MS-CHAP v2)
without a successful connection.
The next thing to config the IKEv2. I'll describe this later. This time I'm a bit confused, because I can't find a step by step instructions how to implement a IKEv2 mobile VPN.
Thanks.

Update: I'm on 18.1_1

Title: Re: PPTP/L2TP for compatibility reasons - And IKEv2 for the live
Post by: dragon2611 on February 03, 2018, 12:21:10 am

https://support.aa.net.uk/L2TP_Client:_Windows

Windows 10 very much wants you to use IPSEC with L2TP, because microsoft knows best and how dare anyone want a simple tunnel without encryption.  ::)