Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2058
Views
0
Helpful
2
Replies

L2TP IPSEC VPN connection problem

Michael_CE
Level 1
Level 1

‎06-19-2020 08:22 AM

Hello all

 

I am not able anymore to establish a L2TP IPSEC VPN connection to my Cisco Router.

The Windows 10 integrated VPN Client show this error message: Error code 809 - The network connection between your computer and the VPN server could not be established because the remote server is not responding.

 

Things changed between working and non-working state:

-IOS on Router updated from Version 15.5 to 15.6

-The Windows 10 Client got the usual monthly updates from Microsoft

 

Config Quick Overview:

*******

interface GigabitEthernet8
ip address 192.168.1.5 255.255.254.0
duplex auto
speed auto
no cdp enable
crypto map CRYP_MAP

 

interface Loopback0
ip address 192.168.64.1 255.255.255.0

 

interface Virtual-Template1
ip unnumbered Loopback0
ip nat inside
ip virtual-reassembly in
peer default ip address pool VPNPOOL
ppp mtu adaptive
ppp authentication ms-chap-v2

 

interface Vlan1
ip address 10.10.64.12 255.255.254.0
ip nat outside
ip virtual-reassembly in

 

ip local pool VPNPOOL 192.168.64.10 192.168.64.19

 

ip nat inside source list ACL-NAT interface Vlan1 overload

 

ip access-list standard ACL-NAT
permit 192.168.64.0 0.0.0.255

 

vpdn-group L2TP
! Default L2TP VPDN group
accept-dialin
protocol l2tp
virtual-template 1
no l2tp tunnel authentication

 

crypto isakmp policy 1
encr aes 256
hash sha256
authentication pre-share
group 14
lifetime 3600
crypto isakmp key xxxxxxxxxxxxxxxxxxxxx address 0.0.0.0
crypto isakmp keepalive 3600

 

crypto ipsec transform-set TS1 esp-aes 256 esp-sha256-hmac
mode transport

 

crypto dynamic-map dynamic-map 10
set nat demux
set transform-set TS1

 

crypto map CRYP_MAP 6000 ipsec-isakmp dynamic dynamic-map

*******

 

Please see attached debuglog.txt

 

According the log I would say that IPSEC Phase 1 and 2 are completed successfully, but then something stop working.

 

Can anyone please give me a advice what the problem could be?

Thank you in advance.

 

Kind regards
Michael

 

Labels:
Preview file
19 KB
0 Helpful
2 Replies 2

marce1000
Hall of Fame
Hall of Fame

‎06-19-2020 10:16 AM

 

 - Check if these documents can help you :

        https://directaccess.richardhicks.com/2019/02/14/troubleshooting-always-on-vpn-error-code-809/#:~:text=The%20error%20code%20809%20indicates,can%20come%20in%20to%20play.

       https://www.thewindowsclub.com/troubleshoot-vpn-error-809-on-windows/

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '
0 Helpful

Michael_CE
Level 1
Level 1
In response to marce1000

‎06-22-2020 01:30 AM

Hello marce1000

 

Unfortunately they not help, because there is no firewall or NAT involved in the conncetion from the Client PC to the VPN Router.

It is directly connected: Client PC -> Ethernet Switch -> VPN Router.

 

Any other ideas what the problem could be when look the debug log?

 

Thanks and regards

Michael

 

0 Helpful
Customers Also Viewed These Support Documents