L2TP/IPSEC VPN Windows connection problems

NETWORKING SOLUTIONS
1

Hello,
I have RUTX50 with the FW: RUTX_R_00.07.06.3
I’m trying to create VPN connection between router and my windows laptop. Exactly like here:
https://wiki.teltonika-networks.com/view/L2TP_over_IPsec_PC
I was following the example unfortunately it doesn’t work. Here is my configuration:
L2TP:

image
image940×437 24.7 KB

IPSEC:
image
image940×279 14.8 KB

image
Windows:
image
image403×768 34 KB

As the result I receive following message:
image
image940×211 32.6 KB

I was also trying to create PPTP connection between mentioned devices and it was working fine.
Do you have any idea what is wrong with my setup?
Best Regards
Konrad

3

First of all, can you upgrade the firmware of your RUTX50 to the latest version 07.06.10
Via WebGUI or manually from here:

RUTX50 Firmware Downloads - Teltonika Networks Wiki

It makes things way easier to troubleshoot then.

4

Hello,

As TeWe mentioned, please upgrade your device to the latest firmware version, after try to replicate the issue. If the issue persists, please let me know so I can assist you further.

Best Regards,

5

Hello,
I updated the FW. Everything looks exactly the same
Regards
Konrad

6

Hello,

Apologies for the delayed response. I have updated instructions on how to establish this connection successfully.

1. Firstly, it is necessary to generate certificates on Linux. (On my Windows PC, I installed Ubuntu CLI from the Microsoft Store and performed all the steps there). To do so, execute the following commands:

  1. ipsec pki --gen > caKey.der

  2. ipsec pki --self --in caKey.der --dn "C=CH, O=strongSwan, CN=RUT_pub_IP" --ca > caCert.der

  3. ipsec pki --gen > serverKey.der

  4. ipsec pki --issue --in serverKey.der --type priv --cacert caCert.der --cakey caKey.der --dn "C=CH, O=strongSwan, CN=RUT_pub_IP" --san RUT_pub_IP --san @RUT_pub_IP --flag serverAuth --flag clientAuth --flag ikeIntermediate > serverCert.der

  5. openssl x509 -inform der -outform pem -in caCert.der -out caCert.crt

  6. openssl x509 -inform der -outform pem -in serverCert.der -out serverCert.crt

  7. openssl rsa -inform der -outform pem -in caKey.der -out caKey.key writing RSA key

  8. openssl rsa -inform der -outform pem -in serverKey.der -out serverKey.key writing RSA key

Remember to change all instances of RUT_pub_IP to the RUT’s public IP address.

2. Next, configure L2TP as shown in the screenshot below:

image
image888×687 30.6 KB

3. Then, configure IPSEC as depicted in the screenshots provided.

  1. image
    image600×573 23.3 KB

  2. image

  3. image
    image645×699 30.1 KB

  4. image

  5. image

4. Following that, double click on the caCert.crt certificate file:

  1. Press ‘Open’.

  2. Press ‘Install Certificate’

  3. Select ‘Local Machine’ and press ‘Next’.
    image

  4. Select ‘Automatically select the certificate’ and press ‘Next’ and Finish.
    image

5. Once these steps are completed, configure L2TP/IPSEC with certificates on Windows, save the settings as shown in the screenshot, and connect.

image
image371×729 8.14 KB

Hope this helps!

Best Regards,

7

This topic was automatically closed after 15 days. New replies are no longer allowed.