
L2TP over IPsec Issues in Windows

Environment information: I have an SG135 on firmware 9.707-5 and a freshly rebuilt laptop with Windows 10 (all updates are current as of 2/2/22 and it is not domain joined, a true vanilla installation). I am performing my testing with the laptop off-network through a basic wireless network.

I am attempting to configure L2TP over IPsec for the first time with this device but am struggling a bit. It seems as if the phase 1 negotiation is successful but I run into an issue during phase 2. I see the following messages:

2022:02:02-15:37:53 secure pluto[31820]: "L_for user"[2] 198.x.x.5:4500 #13: we require PFS but Quick I1 SA specifies no GROUP_DESCRIPTION
2022:02:02-15:37:53 secure pluto[31820]: "L_for user"[2] 198.x.x.5:4500 #13: sending encrypted notification NO_PROPOSAL_CHOSEN to 198.x.x.5:4500

When I look at the policies that are in use under Remote Access > IPsec > Policies, only a single policy is in use. Under that policy, the IPsec PFS group setting is 'Group 14: MODP 2048'. It seems to me as if I am specifying a PFS group.

I can share the logs and any other information, if needed.
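Added example, not part of the original post: a small Python triage script that groups pluto lines by connection, peer and state number, and marks a NO_PROPOSAL_CHOSEN rejection as PFS-related only when the same state also logged the "we require PFS" message, which refers to the group in the peer's Quick Mode proposal. The first two sample lines are the ones quoted above; the third line, the function name and the cause labels are constructed for illustration.

```python
import re
from collections import OrderedDict

# Layout of the pluto lines quoted in the post:
# <timestamp> <host> pluto[<pid>]: "<conn>"[<inst>] <peer> #<state>: <message>
LINE = re.compile(
    r'^(?P<ts>\S+) \S+ pluto\[\d+\]: "(?P<conn>[^"]+)"\[\d+\] '
    r'(?P<peer>\S+) #(?P<state>\d+): (?P<msg>.*)$'
)
PFS_MISSING = "we require PFS but Quick I1 SA specifies no GROUP_DESCRIPTION"
REJECTED = "sending encrypted notification NO_PROPOSAL_CHOSEN"

SAMPLE = [
    # Lines 1-2 are quoted from the post; line 3 is constructed (state #14).
    '2022:02:02-15:37:53 secure pluto[31820]: "L_for user"[2] 198.x.x.5:4500 #13: '
    'we require PFS but Quick I1 SA specifies no GROUP_DESCRIPTION',
    '2022:02:02-15:37:53 secure pluto[31820]: "L_for user"[2] 198.x.x.5:4500 #13: '
    'sending encrypted notification NO_PROPOSAL_CHOSEN to 198.x.x.5:4500',
    '2022:02:02-15:38:10 secure pluto[31820]: "L_for user"[2] 198.x.x.5:4500 #14: '
    'sending encrypted notification NO_PROPOSAL_CHOSEN to 198.x.x.5:4500',
]


def diagnose(lines):
    """Classify each rejected Quick Mode exchange per (conn, peer, state)."""
    states = OrderedDict()
    for line in lines:
        m = LINE.match(line.strip())
        if not m:
            continue  # not a per-connection pluto line
        key = (m["conn"], m["peer"], int(m["state"]))
        entry = states.setdefault(
            key, {"pfs_missing": False, "rejected": False, "time": m["ts"]})
        if m["msg"].startswith(PFS_MISSING):
            entry["pfs_missing"] = True
        elif m["msg"].startswith(REJECTED):
            entry["rejected"] = True
    findings = []
    for (conn, peer, state), e in states.items():
        if e["rejected"]:
            cause = ("peer_proposal_without_pfs_group" if e["pfs_missing"]
                     else "other_proposal_mismatch")
            findings.append({"conn": conn, "peer": peer, "state": state,
                             "time": e["time"], "cause": cause})
    return findings


if __name__ == "__main__":
    for finding in diagnose(SAMPLE):
        print(finding)
```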


