General Discussion / Client L2TP/IPsec VPN behind OPNsense router to Work VPN not working
« on: August 23, 2020, 05:43:01 am »
I am new to OPNsense (just started using it today). I just switched from a Netgear Nighthawk X6 (R8000) to OPNsense 20.7. Everything seems like a smooth switch except for my work L2TP/IPsec VPN.
I'm using a Windows 10 Pro 2004 client with the native VPN client. The VPN worked before I switched from the Netgear router to the OPNsense router. I have not made any changes on the client side. When I try to connect, it just hangs for a while and then never moves past 'connecting'.
I'm getting the RasClient error in the event log: The error code returned on failure is 809.
In some digging it appears the firewall on OPNsense is blocking the necessary UDP traffic for the VPN to work:
L2TP over IPSec
To allow Internet Key Exchange (IKE), open UDP 500.
To allow IPSec Network Address Translation (NAT-T) open UDP 4500.
To allow L2TP traffic, open UDP 1701.
I'm not sure how to achieve this, and I really don't want to do something wrong that would allow any traffic into my home network over these ports. Any help on this matter would be appreciated.