Showing results for 
Search instead for 
Did you mean: 

Welcome to the Cisco Small Business Community

Have a question? Click on a topic board below to get started in the community.

Viktor Jahna

RV340 - L2TP


anyone have experience with setting L2TP / IPSEC on RV340. According to the log after start it does not work at all. 


I contacted Cisco support and they sent me the attached PDF which works for L2TP on RV340. A bit frustrating that the default IPSec Profile doesn't work. I'll suggest a firmware upgrade to set a default profile that works for L2TP or to add a L2TP profile alongside the default one. Hopefully they'll sort it.

Thanks, I am now connecting using a L2TP tunnel. Traffic doesn’t seem to be routing through it yet. I will have to check my split tunnel options or something.

Which version of anyconnect do you use ? (For those who sucessfully connected with)

Cisco Employee

Good Morning,


Attach you are going to see a PDF file with the configuration need it on the RV side and on the computer side in order to establish the L2TP connection.



Hi everybody,,


As anyone did the test from a windows 10 laptop.( the connection window in the pdf file is clearly from a older version of windows)  ?


I configured my RV340W and the client side window' connections setting the exact same way (except for router ip and dns ) as in the document provided, upon connection test I still have this error message (see attached file).



My router is a RV340W but i don't think it should do a difference in configuration, unless it's firmware related ?


And of course the user/password combination is ok, it's the same I'm using to log to the router webUI. :)

if you are using special caracters on the password it won't let you connect.

Hi, I i will mainly continue the discussion tomorrow because i'm going on clients site for others project, but no, the password i'm using only has numbers, and lowercase and uppercase letters.

In this case I will advise you to give us a call to tech support 1-866-606-1866 and open a ticket so we can process further troubleshooting.

that changes that you need apply on the windows computer is the same doesnt matter the version that you are using.

Go to Control Panel (not settings) > Network and Internet > Network and Sharing Center > Change adapter settings > Right click the VPN connection and select properties.

Ms. Calero and Mr. Raizada have both cited, and thankfully, provided the same-named PDF setup advice for RV340 as L2TP/IPSec server.     To my amazement, they are not identical in content.     The files are different, insofar as Ms. Calero's PDF is deleted for critical IPSec profile setup information on page 1 of the 4 page document.     Thank you, Mr. Raizada, for providing this much needed, oh-so-hard to discover information; Windows clients are hard-coded for IPSec and nobody at Microsoft bothered to tell its customers how to set up a matching L2TP/IPSec server.   Yes, this is infuriating.

I have re-posted Mr. Raizada's uploaded PDF with elaborate titling.    Have mercy on your customers, Cisco and Microsoft!  Pity the uninitiated, the struggling, the faithful drawn to Cisco's good name.

Please reupload this fike it dont work now

It is possible to adapt this config to use AES encryption instead of 3DES. (in Windows 10 at least)

Here is a picture of my ipsec settings. 

lt2p best security.jpg

Then you need to run the following in Power Shell on the windows 10 machine. 

 Set-VpnConnectionIPsecConfiguration -ConnectionName "test" -AuthenticationTransformConstants SHA256128 -CipherTransformConstants AES256 -EncryptionMethod AES256 -IntegrityCheckMethod SHA256 -PfsGroup PFS2 -DHGroup Group2 -PassThru -Force

-ConnectionName is the name of the VPN connection I used test here. 

The rest is the same as in the pdf provided earlier in the thread. Ie need to use PAP. 

l2tp properties3.jpg



Edit: Added a picture that shows the PAP authentication setting for the VPN connection.

With this the weakest point is the DH/PFS group.

Unfortunately Windows 10 doesn't support Group 5 so we are stuck with using group 2.

Have you tried this? Is it working?

I have a similar setup which is working. Except it's SHA1 authentication for both phase 1 and phase 2. A Cisco Support Engineer helped me set it up.

I am trying to harden the settings some more. It shows ikev2, but when I select that it does not show up for the L2TP Server selection of the IPSec Profile.

I have managed to repeat the settings for AES256-SHA1 working with the L2TP Server though.