l2tp/Ipsec VPN Help

Forums Network Management ZeroShell l2tp/Ipsec VPN Help

  • This topic is empty.
Viewing 2 posts - 1 through 2 (of 2 total)
  • Author
    Posts
  • August 12, 2015 at 1:37 am #44356
    ultimoblaze
    Member

    Hi,

    I’ve been trying to set up a host-to-LAN VPN following these guides:
    http://digilander.libero.it/smasherdevourer/schede/linux/Zeroshell%20VPN%20Host-to-LAN-EN.pdf
    http://www.zeroshell.net/listing/l2tp.pdf

    These guides are a few releases behind, I think, while I’m on the latest. I haven’t had any luck connecting.

    I suspect I need to open a port or create some sort of policy in the firewall to allow connections in. Currently I have DENY polices for input and forward chains with specific accept policies.

    Does anybody know if this could be the issue?

    Thanks,
    Ultimoblaze

    August 18, 2015 at 12:56 am #53870
    ultimoblaze
    Member

    I’ve been working on this some more and was able to rule out the firewall. I disabled the firewall on my Windows 7 machine and set the policies to accept on Zeroshell. I have been able to contact the Zeroshell machine, but receive a handful of failures and rejections in the Zeroshell log.

    What I’ve tried:

    Windows 7 VPN Security setting: Automatic
    admin username and password
    Zeroshell log:

    20:46:55 	INFO: respond new phase 1 negotiation: xx.xx.172.2[500]<=>xx.xx.70.89[500]
    
20:46:55 	INFO: begin Identity Protection mode.
    
20:46:55 	INFO: received broken Microsoft ID: MS NT5 ISAKMPOAKLEY
    
20:46:55 	INFO: received Vendor ID: RFC 3947
    
20:46:55 	INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-02
    
20:46:55 	INFO: received Vendor ID: FRAGMENTATION
    
20:46:55 	INFO: Selected NAT-T version: RFC 3947
    
20:46:55 	ERROR: invalid DH group 20.
    
20:46:55 	ERROR: invalid DH group 19.
    
20:46:55 	ERROR: rejected enctype: DB(prop#1:trns#1):Peer(prop#1:trns#3) = 3DES-CBC:7
    
20:46:55 	ERROR: rejected hashtype: DB(prop#1:trns#1):Peer(prop#1:trns#3) = MD5:SHA
    
20:46:55 	ERROR: rejected dh_group: DB(prop#1:trns#1):Peer(prop#1:trns#3) = 1024-bit MODP group:2048-bit MODP group
    
20:46:55 	ERROR: rejected hashtype: DB(prop#1:trns#1):Peer(prop#1:trns#4) = MD5:SHA
    
20:46:55 	ERROR: rejected dh_group: DB(prop#1:trns#1):Peer(prop#1:trns#4) = 1024-bit MODP group:2048-bit MODP group
    
20:46:55 	ERROR: rejected hashtype: DB(prop#1:trns#1):Peer(prop#1:trns#5) = MD5:SHA
    
20:46:55 	ERROR: no suitable proposal found.
    
20:46:55 	ERROR: failed to get valid proposal.
    
20:46:55 	ERROR: failed to process packet.

    I tried forcing the security setting to L2TP/IPsec and received the same results.

    Can anybody provide some help in this matter?

    Thanks,
    Ultimoblaze

  • Author
    Posts
Viewing 2 posts - 1 through 2 (of 2 total)
  • You must be logged in to reply to this topic.