Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1254
Views
5
Helpful
15
Replies

L2TP don't work in some Windows10 Client and in other yes

Go to solution
AlexBar76
Level 1
Level 1

‎01-19-2022 07:57 AM

Hi All,

I've been configure an L2TP connection on a cisco router cp 1111-8p ios-xe with this parameters

 

vpdn enable

vpdn-group 1
 ! Default L2TP VPDN group
 accept-dialin
  protocol l2tp
  virtual-template 1
 no l2tp tunnel authentication
 
interface Virtual-Template1
 ip unnumbered Loopback100
 peer default ip address pool test
 ppp authentication chap callout
 ppp ipcp dns 4.2.2.1 4.2.2.2
end
 
ip local pool test 10.1.1.2 10.1.1.100 

Then i've configure my w10 client using the vpn software enbedded on w10 ... all ok the l2tp works fine, then take another 
client w10 and doing the same thing but doesn't work and the router return this error
Jan 19 15:52:17.586: %CRYPTO-5-IKMP_SETUP_FAILURE: IKE SETUP FAILED for local:public ip of the client local_id:public ip of the client remote:public ip remote remote_id:public ip remote IKE profile:None fvrf:None fail_reason:Proposal failure fail_class_cnt:1
try to use another client doing the same error.
only one up tree works, all clients had the same updates annd sw version

please anyone can help me ?

 

Labels:
0 Helpful
15 Replies 15

Go to solution
AlexBar76
Level 1
Level 1
In response to MHM Cisco World

‎01-24-2022 11:21 PM

Thank 

 

I've fix the problem 

for some reason many w10 client with l2tp vpn configured do not use l2tp port 1700 but try to use the 500 that is for the ipsec also if no ipsec are configured in the vpn client

so you need to modify the windows registry and block the ipsec under l2tp configuration 

 

many thanks !!!

0 Helpful
Customers Also Viewed These Support Documents