07-03-2011 10:44 AM
I have a Cisco 877 router and I configured it to act as a VPN server, supporting both PPTP and L2TP VPNs. I can succesfully connect to it from Windows computers using the built-in VPN software.
There is only one problem: when using a PPTP VPN, encryption doesn't work. If I configure the client to require encryption (default setting), the connection fails with an error about the remote endpoint not supporting it. If I remove the encryption requirement, the connection succeeds. I've also tried tweaking the encryption settings (40/128 bits), but this didn't work either.
This is the relevant part of the router's configuration:
vpdn enable
vpdn-group VPN_Clients
accept-dialin
protocol any
virtual-template 1
ip local pool VPN_Pool 192.168.42.250 192.168.42.254
interface Virtual-Template1
ip unnumbered Vlan1
ip nat inside
peer default ip address pool VPN_Pool
ppp encrypt mppe auto required
ppp authentication ms-chap-v2 ms-chap chap
The router's IOS version is 15, and it fully supports encryption.
The strangest thing is, encryption is actually required in the router config; but not only the router doesn't seem to offer it... it also accepts unencrypted connections, which it shouldn't. It's like the ppp encrypt mppe auto required
command is completely ignored.
How can I fix this?
07-03-2011 02:40 PM
Looks like it was a bug.
I updated the router's IOS from version 15.0(1) to 15.1(3) and now the problem is gone.
07-14-2011 07:38 AM
Might be related to CSCtq59239 "MPPE data packets not flowing in RADIUS authen case again"
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide