cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Get the latest Cisco news in this December issue of the Cisco Small Business Monthly Newsletter

6836
Views
45
Helpful
40
Replies
Beginner

Re: RV340 - L2TP

I contacted Cisco support and they sent me the attached PDF which works for L2TP on RV340. A bit frustrating that the default IPSec Profile doesn't work. I'll suggest a firmware upgrade to set a default profile that works for L2TP or to add a L2TP profile alongside the default one. Hopefully they'll sort it.

Beginner

Re: RV340 - L2TP

Thanks, I am now connecting using a L2TP tunnel. Traffic doesn’t seem to be routing through it yet. I will have to check my split tunnel options or something.
Beginner

Re: RV340 - L2TP

Which version of anyconnect do you use ? (For those who sucessfully connected with)

Cisco Employee

Re: RV340 - L2TP

Good Morning,

 

Attach you are going to see a PDF file with the configuration need it on the RV side and on the computer side in order to establish the L2TP connection.

 

Regards.

Beginner

Re: RV340 - L2TP

Hi everybody,,

 

As anyone did the test from a windows 10 laptop.( the connection window in the pdf file is clearly from a older version of windows)  ?

 

I configured my RV340W and the client side window' connections setting the exact same way (except for router ip and dns ) as in the document provided, upon connection test I still have this error message (see attached file).

 

 

My router is a RV340W but i don't think it should do a difference in configuration, unless it's firmware related ?

 

Beginner

Re: RV340 - L2TP

And of course the user/password combination is ok, it's the same I'm using to log to the router webUI. :)

Cisco Employee

Re: RV340 - L2TP

if you are using special caracters on the password it won't let you connect.
Beginner

Re: RV340 - L2TP

Hi, I i will mainly continue the discussion tomorrow because i'm going on clients site for others project, but no, the password i'm using only has numbers, and lowercase and uppercase letters.
Cisco Employee

Re: RV340 - L2TP

In this case I will advise you to give us a call to tech support 1-866-606-1866 and open a ticket so we can process further troubleshooting.
Cisco Employee

Re: RV340 - L2TP

that changes that you need apply on the windows computer is the same doesnt matter the version that you are using.
Beginner

Re: RV340 - L2TP

Go to Control Panel (not settings) > Network and Internet > Network and Sharing Center > Change adapter settings > Right click the VPN connection and select properties.

Highlighted
Beginner

Re: RV340 - L2TP

Ms. Calero and Mr. Raizada have both cited, and thankfully, provided the same-named PDF setup advice for RV340 as L2TP/IPSec server.     To my amazement, they are not identical in content.     The files are different, insofar as Ms. Calero's PDF is deleted for critical IPSec profile setup information on page 1 of the 4 page document.     Thank you, Mr. Raizada, for providing this much needed, oh-so-hard to discover information; Windows clients are hard-coded for IPSec and nobody at Microsoft bothered to tell its customers how to set up a matching L2TP/IPSec server.   Yes, this is infuriating.

I have re-posted Mr. Raizada's uploaded PDF with elaborate titling.    Have mercy on your customers, Cisco and Microsoft!  Pity the uninitiated, the struggling, the faithful drawn to Cisco's good name.

Beginner

Re: RV340 - L2TP

Please reupload this fike it dont work now

Beginner

Re: RV340 - L2TP

It is possible to adapt this config to use AES encryption instead of 3DES. (in Windows 10 at least)

Here is a picture of my ipsec settings. 

lt2p best security.jpg

Then you need to run the following in Power Shell on the windows 10 machine. 

 Set-VpnConnectionIPsecConfiguration -ConnectionName "test" -AuthenticationTransformConstants SHA256128 -CipherTransformConstants AES256 -EncryptionMethod AES256 -IntegrityCheckMethod SHA256 -PfsGroup PFS2 -DHGroup Group2 -PassThru -Force

-ConnectionName is the name of the VPN connection I used test here. 

The rest is the same as in the pdf provided earlier in the thread. Ie need to use PAP. 

l2tp properties3.jpg

 

 

Edit: Added a picture that shows the PAP authentication setting for the VPN connection.

With this the weakest point is the DH/PFS group.

Unfortunately Windows 10 doesn't support Group 5 so we are stuck with using group 2.

Beginner

Re: RV340 - L2TP

Have you tried this? Is it working?

I have a similar setup which is working. Except it's SHA1 authentication for both phase 1 and phase 2. A Cisco Support Engineer helped me set it up.

I am trying to harden the settings some more. It shows ikev2, but when I select that it does not show up for the L2TP Server selection of the IPSec Profile.

I have managed to repeat the settings for AES256-SHA1 working with the L2TP Server though.