06-22-2019 11:34 AM
Bought route RV345 with announced wide range VPN compatibility. In reality no one working.
Could somebody help with configuration?
Preferable: L2TP connection with Windows built-in client.
Spent very long time for different workarounds and based on different suggestion from community site without success.
Solved! Go to Solution.
06-24-2019 06:27 AM
You're not alone in having had problems implementing L2TP with the RVXXX routers.
There are 2 common stumbling blocks. ( at least from my point of view. )
One is that you have to configure the VPN connection on the Windows machine to use PAP as authentication.
Seems that the RV routers does not support the use of CHAP or MS-CHAP as authentication protocol for L2TP.
The second is that by default the only encryption that works is 3DES, but in these days 3DES is often not considered to be secure enough, so they try to use AES which does not work without some extra commands on the Windows machine.
I made a post on another thread here on the forum showing how to get this working with AES256 and SHA2-256.
06-23-2019 02:13 PM
Have you tried below document :
if yes, what is the errors you getting and you need to provide more information and error logs.
06-24-2019 06:27 AM
You're not alone in having had problems implementing L2TP with the RVXXX routers.
There are 2 common stumbling blocks. ( at least from my point of view. )
One is that you have to configure the VPN connection on the Windows machine to use PAP as authentication.
Seems that the RV routers does not support the use of CHAP or MS-CHAP as authentication protocol for L2TP.
The second is that by default the only encryption that works is 3DES, but in these days 3DES is often not considered to be secure enough, so they try to use AES which does not work without some extra commands on the Windows machine.
I made a post on another thread here on the forum showing how to get this working with AES256 and SHA2-256.
06-24-2019 11:42 PM
Thank You!
Sounds very promised.
I have found encryption as a cause, but tried to connect using 3DES without success.
Will try your solution in few days. But...
1. I don't think I can offer that solution for permanent usage because of PAP, only as a temporary maybe. How to keep secure connection when passwords going in plain text.
2. Have you tried RADIUS as a credential source? What settings on MS NPS side required?
06-25-2019 12:57 AM
06-24-2019 11:36 PM
Hello,
Thank You for fast answer.
But in that article described Site-to-Site connection.
I need Client-to-Site from Windows 10
06-23-2019 06:29 PM
Hi,
Thanks for your post.
Request you to check with attached L2TP configuration setup, whether able to get it working.
Please check with ISP whether have L2TP service port open (L2TP port number 1701) and IPsec port number like 500 and 4500 also.
-------------------------
Still unable to get it working , kindly open a service request with us by following link below:-
https://www.cisco.com/c/en/us/support/web/tsd-cisco-small-business-support-center-contacts.html
Thanks and regards,
Mridul
Cisco SBSC
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide