DrayTek UK Users' Community Forum

Help, Advice and Solutions from DrayTek Users

Problem wi L2TP/IPSEC VPN

  • paul_rogers6
  • Topic Author
  • Offline
  • New Member
  • New Member
More
01 Oct 2010 12:09 #1 by paul_rogers6
Problem wi L2TP/IPSEC VPN was created by paul_rogers6
Dear All

I have setup a Vigor 2820n router to provide a VPN and added a single user/teleworker.

I have installed the DRaytek smart client and can connect using the L2TP and IPSEC setup options. In both cases this gives me access to the network.

However, when I try to connect using L2TP/IPSEC combined I get the following error:

"Access denied because username and/or password is invalid on the domain"

My questions are these:

1. Any idea what is wrong?

2. What domain is it referring to (no Windows domain exists at the HO/router location but I assume it doesn't mean this)?

3. What benefit does using L2TP in conjunction with IPSEC (as opposed to just IPSEC) give? Why not just use IPSEC?

Many thanks

Paul

Please Log in or Create an account to join the conversation.

  • paul_rogers6
  • Topic Author
  • Offline
  • New Member
  • New Member
More
02 Oct 2010 20:06 #2 by paul_rogers6
Replied by paul_rogers6 on topic Problem wi L2TP/IPSEC VPN
Hi All

Another thought has occurred to me.

When I set the router up I followed the VPN Teleworker FAQ. However I assumed that it was not necessary to set up both the IPSEC User and the Remote Dial In User. As such I just set up the IPSec user NOT the Remote Dial In user.

Could this be the reason for the error message?

Regards

Paul

Please Log in or Create an account to join the conversation.

More
02 Oct 2010 21:43 #3 by voodle
Replied by voodle on topic Problem wi L2TP/IPSEC VPN
Aren't IPSec user and remote dial-in the same thing on the 2820? To use L2TP with ipsec you'll need to set the pre-shared key to use on the router under IPSec general setup, enable L2TP with IPSec in the dial-in user profile and set the username / password.
Then you'd connect using the router ip, pre-shared key and username/password

Please Log in or Create an account to join the conversation.

  • paul_rogers6
  • Topic Author
  • Offline
  • New Member
  • New Member
More
03 Oct 2010 10:43 #4 by paul_rogers6
Replied by paul_rogers6 on topic Problem wi L2TP/IPSEC VPN
Hi Voodle

Many thanks for the reply - I just wanted to confirm that they were one and the same.

I have double checked and shared key and password are set correctly and L2TP and IPSEC are enabled. What's puzzling me is the fact that on their own both work ok (which I assume means password and key are configured correctly but combined I get this message about an invalid domain.

I see in the troubleshooting guide a reference to W98 picking up an incorrect domain and that prefixing the username with the name of the domain fixes the problem.

Regards

Paul

Please Log in or Create an account to join the conversation.

More
03 Oct 2010 20:45 #5 by voodle
Replied by voodle on topic Problem wi L2TP/IPSEC VPN
Which version of the smart VPN client are you using? If it's the one from the UK site, I Think that's an older version, you can get the latest one from draytek.com under support > downloads > utilities.

Please Log in or Create an account to join the conversation.

  • paul_rogers6
  • Topic Author
  • Offline
  • New Member
  • New Member
More
05 Oct 2010 10:35 #6 by paul_rogers6
Replied by paul_rogers6 on topic Problem wi L2TP/IPSEC VPN
Hi Voodle

Again, many thanks for the reply. I'm using version 3.6.5.2 from the UK site. I'll upgrade to the version on the main site (4.0.0.2) and let you know if it helps.

regards

Paul

Please Log in or Create an account to join the conversation.