L2TP over IPsec remote access VPN

James,

please follow this kb?

https://community.sophos.com/kb/en-us/125446

Regards

As I stated in my original post, the L2TP server is obviously enabled, as I am able to connect via L2TP.  My question is about the IPsec connection.  Can you offer any more help besides a link to an article that doesn't even address my question?

If you need to allow remote access to Internal Services, you need to follow the KB and not by creating an IPSec connection.

I am specifically trying to configure L2TP OVER IPsec.  I have followed the article and it addresses only part of what I am trying to do.  

The IPsec profile you are sharing is for a site to site VPN. Delete the IPSec profile and follow the KB.

Thanks

You keep telling me to follow that article... THAT HAS NOTHING TO DO WITH IPSEC. If you know that the profile i shared is for a site-to-site vpn, then what settings should i use for a client-to-site VPN?  Again, referring me to an unrelated article is NOT helpful.

James,

please clarify what you are try to achieve.

Thanks

I am configuring an L2TP/IPsec VPN tunnel.  

I have it working now.

My IPsec profile was fine.  I had a couple of mis-configurations on my firewall rules that were preventing traffic.

I had set a primary gateway on my LAN-VPN rule that had to be removed, I had also configured NAT that had to be disabled, and finally, I had designated IP addresses for L2TP in the same range as my LAN, which was causing a conflicting virtual adapter to be created, so that had to be removed.  

NONE of these issues were addressed in the article you linked and repeatedly insisted I read and follow, btw.  

Since I haven't seen this well documented anywhere, here is how to COMPLETELY configure L2TP/IPsec VPN.

The firewall rules you must have:

I am using the built-in DefaultL2TP policy for both IPsec and L2TP connections.  The IPsec connection indicator never goes green, but the logs indicate a successful negotiation and hand off to L2TP.

I am configuring an L2TP/IPsec VPN tunnel.  

I have it working now.

My IPsec profile was fine.  I had a couple of mis-configurations on my firewall rules that were preventing traffic.

I had set a primary gateway on my LAN-VPN rule that had to be removed, I had also configured NAT that had to be disabled, and finally, I had designated IP addresses for L2TP in the same range as my LAN, which was causing a conflicting virtual adapter to be created, so that had to be removed.  

NONE of these issues were addressed in the article you linked and repeatedly insisted I read and follow, btw.  

Since I haven't seen this well documented anywhere, here is how to COMPLETELY configure L2TP/IPsec VPN.

The firewall rules you must have:

I am using the built-in DefaultL2TP policy for both IPsec and L2TP connections.  The IPsec connection indicator never goes green, but the logs indicate a successful negotiation and hand off to L2TP.

Hi.  I followed the steps for L2TP.  I also like to find out how to have L2TP/ IPsec setup.  What additional steps should be done?  What settings need to be ticked?  This is of course aside from the firewall rule you already posted.

As I understand, the IPsec provides encryption to traffic that passes through, correct?