Works like a charm for me. What did the log say?After upgrade from ROS 6.43.12 to 6.44 - I have lost possibility co connect to my MT with L2TP (with preshared key) VPN. I was changing firewall settings, trying other.... but after downgrade to 6.43.12 - IT WORKS AGAIN. So something is BAD with ROS 6.44 and L2TP VPN ! MikroTik team - please repir that ROS 6.44 BUG.
Strange behavior, but this works for me!I found that simply disabling and re-enabling the L2TP server resolved the problem.
/interface l2tp-server server set enabled=no
/interface l2tp-server server set enabled=yes
universal answerThe issue will be fixed in the next RouterOS release.
/ip pool
add name=dyn-vpn ranges=192.168.88.2-192.168.88.19
/ppp profile
add change-tcp-mss=yes dns-server=192.168.88.1 local-address=192.168.88.1 \
name=ppp-in only-one=no remote-address=dyn-vpn use-encryption=required \
use-ipv6=no use-mpls=no
/interface l2tp-server server
set allow-fast-path=yes authentication=mschap2 default-profile=ppp-in enabled=yes ipsec-secret=SERVERPASS max-mru=1460 max-mtu=1460 use-ipsec=yes
/ppp secret
add name=dynuser1 password=DYNUSER1PASS profile=ppp-in
But - there is answer! They found bug and will repair it - it's important that they looking for... and repairing.universal answerThe issue will be fixed in the next RouterOS release.
universal answerThe issue will be fixed in the next RouterOS release.
What's new in 6.45beta6 (2019-Mar-05 08:51):
*) ipsec - fixed dynamic L2TP peer and identity configuration missing after reboot (introduced in v6.44);
Please write to support@mikrotik.com with .rif file attached.I tried this beta but it did not solve my problems ... L2TP server with PSK is not working
Could you please have a look at my issue:The issue will be fixed in the next RouterOS release.
If I upgrade to 6.44.1 will it fix the issue without changing the config?Read this: viewtopic.php?f=2&t=146122&p=720776#p720776
In what way?Upgrading 6.44.1 broke my firewall forwarding chains.
I have the same problem. I reverted it with version 6.43.13 LT and L2TP with ipsec works again ! The routerboard is RB750Gr3 !Since I upgraded to 6.44.*, I currently have patch 6.44.1 and device CCR1036-12G-4S, can not connect Windows 10 clients with IPSEC, get error when trying to connect and I have not changed at all the configuration in the clients or router
Thanks for posting the way to resolve your problem. I also had the same issue (mismatch of shared secrets between IPSEC and L2TP server identities), using the correct pre-shared key works as a charm.that was FAST ! Emils thanks for your help !!!
it seems the way dynamic peer configuration from L2TP server were added to the peers menu changed between 6.43.12 and 6.44
dynamic peers take precedence BEFORE static peer entries ...
In my case there was a static default PEER with a password used by all my roadwarrior clients.
The dynamic peer (from the L2TP server entry) had a typo in the password but that never was used.
until now ...
changed the password and all my clients are working again !
kudos to support, extra kudos to emils
thanks
It Worked !!!I found that simply disabling and re-enabling the L2TP server resolved the problem.
/interface l2tp-server server set enabled=no
/interface l2tp-server server set enabled=yes
And of course I've got all my L2TP connections dropped and could not be established.parsing packet failed, possible cause: wrong password
Hi!I've got this right after a leap upgrade from 6.43.x to 6.46.4 while trying VPN clients to connect upgraded router:
And of course I've got all my L2TP connections dropped and could not be established.parsing packet failed, possible cause: wrong password
So due to your kind replies I've fixed it few minutes ago as follows:
PPP-->Interface-->L2TP Server
Use ipsec = yes
IPsec Secret = [put old or new password]
I put the new one so I have had to update it on all devices connecting to the router via L2TP
thats all!