Page 1 of 1
L2TP not connecting on Windows client
Posted: Sun Aug 02, 2020 3:12 am
by nanogi
hello, i have (not so) successfully set up a l2tp server on my mikrotik rb750. I can connect through VPN using an android and an ios client, but i can't connect using my windows pc. my mikrotik log says
"ipsec, error no suitable proposal found.
ipsec, error xxx.xxx.xxx.xxx failed to get valid proposal
ipsec, error xxx.xxx.xxx.xxx failed to pre-process ph-1 packet (side:1, status 1).
ipsec, error xxx.xxx.xxx.xxx phase1 negotiation failed"
i've tried every possible configuration out on the internet with no success, i can't connect with my pc. i can connect using pptp but not l2tp, but i can connect through l2tp with android and ios. does anyone know how to configure it to get it to work with all the devices?
Re: L2TP not connecting on Windows client
Posted: Sun Aug 02, 2020 10:56 am
by erlinden
Is Windows up-to-date?
Can you please share you configuration?
- /ppp export hide-sensitive
- /ip ipsec export hide-sensitive
Re: L2TP not connecting on Windows client
Posted: Sun Aug 02, 2020 5:47 pm
by nanogi
Is Windows up-to-date?
Can you please share you configuration?
- /ppp export hide-sensitive
- /ip ipsec export hide-sensitive
Yes, windows is up to date, I'm using windows 10
Ipsec export
# aug/02/2020 11:40:33 by RouterOS 6.43.16
# software id = SK3K-ZFCW
#
# model = RB750Gr3
# serial number = 8B010B6F77A1
/ip ipsec peer profile
set [ find default=yes ] dh-group=modp1024 enc-algorithm=aes-256,3des \
hash-algorithm=sha256
/ip ipsec proposal
set [ find default=yes ] auth-algorithms=sha256,sha1 enc-algorithms=\
aes-256-cbc,aes-128-cbc,3des
Ppp export
# aug/02/2020 11:38:49 by RouterOS 6.43.16
# software id = SK3K-ZFCW
#
# model = RB750Gr3
# serial number = 8B010B6F77A1
/ppp profile
add bridge=bridge1 local-address=151.151.150.1 name=VPN remote-address=\
vpn_dhcp
set *FFFFFFFE only-one=no
/ppp secret
add local-address=151.150.8.7 name=hernang profile=default-encryption \
remote-address=151.150.8.8
add local-address=151.150.4.4 name=carlos profile=default-encryption \
remote-address=151.150.4.5
add local-address=151.151.150.1 name=nanogi profile=VPN
add local-address=151.151.150.1 name=lautaro profile=VPN
Re: L2TP not connecting on Windows client
Posted: Sun Aug 02, 2020 11:52 pm
by erlinden
In your case I would start by updating RouterOS (before upgrading, do a /export file=router to get a complete configuration).
You are running a very old version at the moment!
Next to that, your encryption is not so strong. I use 3des and pfs-group modp4096
Re: L2TP not connecting on Windows client
Posted: Mon Aug 03, 2020 12:17 am
by mikruser
Set these values:
Proposal: aes-128cbc/sha1/modp1024
Profile: sha1/aes-128/ecp256
Re: L2TP not connecting on Windows client
Posted: Sat May 21, 2022 2:18 am
by raytaylor
Can confirm the last post above just worked for me from mikruser
Re: L2TP not connecting on Windows client
Posted: Fri Dec 30, 2022 1:26 pm
by atomicduck
Set these values:
Proposal: aes-128cbc/sha1/modp1024
Profile: sha1/aes-128/ecp256
Had the same problem, and these work fine. I tested on latest Win 10.