This document provides troubleshooting tips for connectivity issues with L2TP VPN connections. It addresses problems with initial connection establishment and inability to access local resources after connecting. For connection issues, it recommends checking DNS, user authorization, encryption/authentication settings, and policy/pre-shared key configuration. For access problems, it advises verifying the system NIC settings do not conflict with the target network, and that the VPN lease IP range matches the intended access network. Proper configuration of the Cyberoam device and client OS dialer settings is also important.
This document provides troubleshooting tips for connectivity issues with L2TP VPN connections. It addresses problems with initial connection establishment and inability to access local resources after connecting. For connection issues, it recommends checking DNS, user authorization, encryption/authentication settings, and policy/pre-shared key configuration. For access problems, it advises verifying the system NIC settings do not conflict with the target network, and that the VPN lease IP range matches the intended access network. Proper configuration of the Cyberoam device and client OS dialer settings is also important.
This document provides troubleshooting tips for connectivity issues with L2TP VPN connections. It addresses problems with initial connection establishment and inability to access local resources after connecting. For connection issues, it recommends checking DNS, user authorization, encryption/authentication settings, and policy/pre-shared key configuration. For access problems, it advises verifying the system NIC settings do not conflict with the target network, and that the VPN lease IP range matches the intended access network. Proper configuration of the Cyberoam device and client OS dialer settings is also important.
This document provides troubleshooting tips for connectivity issues with L2TP VPN connections. It addresses problems with initial connection establishment and inability to access local resources after connecting. For connection issues, it recommends checking DNS, user authorization, encryption/authentication settings, and policy/pre-shared key configuration. For access problems, it advises verifying the system NIC settings do not conflict with the target network, and that the VPN lease IP range matches the intended access network. Proper configuration of the Cyberoam device and client OS dialer settings is also important.
Download as DOC, PDF, TXT or read online from Scribd
Download as doc, pdf, or txt
You are on page 1/ 3
L2TP VPN Troubleshooting FAQ
1. I am not able to connect L2TP.
Crosscheck the Cyberoam GUI configuration properly:
- Try changing the DNS server IP to Global DNS like 4.2.2.2 under VPN -> PPTP -> Configuration. - Make sure that the concerned user has been added into the List of the authorized VPN users.
- Please, make sure that you have 3DES & SHA1 selected in addition to 3DES & MD5 as Encryption & Authentication Algorithms respectively. - Also select DH Group 14 in addition to DH Group 2. The above two points are particularly important if you are using Win7/Vista OS to dial VPN. Make sure that you have specified the right Policy & preshared key on the VPN connection. Also, verify the below highlighted settings.
Configure the Cyberoam CLI options for the VPN properly:
Check with OS settings & Dialer Configuration:
- As per the present architecture of Cyberoam, we support only PAP authentication
for indirect authentication (i.e. authentication via ADS, LDAP, etc). - So, incase you intent to use CHAP/CHAPv2 as authentication mechanism for PPTP VPN, you may create local Cyberoam resident users for VPN access.
2. I am able to Connect with PPTP VPN but unable to access local resources.
Check system NIC settings:
- Your system NIC config should not have any IP or network mentioned that you intend to access over VPN.
For example, you intend to access a server IP 192.168.1.5 over VPN, however, your own LAN is having IP addressing as 192.168.1.0/24. So, the traffic towards the server will never get into the VPN tunnel.
Keep the Lease IP range in the right network.
-Keep the Lease Range in PPTP VPN configuration same as the network you want to access over the VPN.
For example, if we have defined the lease range as 10.20.30.1 -10.20.30.5, but the actual network we need to access is 192.168.2.0/24, communication might have issues. If at all such a requirement to keep the IP schema like above, please apply NAT policy on VPN-LAN rules.
