I've been working with UTM for some time now having introduced it at work in my previous job but this one has be a bit stumped. I've currently been using the home licence for about 3 months or so and had L2TP over IPSec remote connection working perfectly.
Whilst working away in the Caribbean I connected remotely to home to synchronise some files and at the same time noticed there was an Up2Date waiting for 9.315 so I scheduled it. Since then I have not been able to connect via VPN.
My client is Windows 7 Professional, using local authentication on the UTM with a PSK.
Originally I couldn't get the connection to establish at all. Since playing around on the UTM and in Windows, deleting the UTM user and the windows VPN connection and then setting up from scratch I am now get as far as user authentication but this fails.
I have checked and rechecked the username/password/PSK to no avail. I attach the log of a connection attempt from the UTM.
2015:09:27-21:39:04 hostname pluto[7347]: packet from 85.255.232.158:7359: received Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000008]
2015:09:27-21:39:04 hostname pluto[7347]: packet from 85.255.232.158:7359: received Vendor ID payload [RFC 3947]
2015:09:27-21:39:04 hostname pluto[7347]: packet from 85.255.232.158:7359: ignoring Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n]
2015:09:27-21:39:04 hostname pluto[7347]: packet from 85.255.232.158:7359: ignoring Vendor ID payload [FRAGMENTATION]
2015:09:27-21:39:04 hostname pluto[7347]: packet from 85.255.232.158:7359: ignoring Vendor ID payload [MS-Negotiation Discovery Capable]
2015:09:27-21:39:04 hostname pluto[7347]: packet from 85.255.232.158:7359: ignoring Vendor ID payload [Vid-Initial-Contact]
2015:09:27-21:39:04 hostname pluto[7347]: packet from 85.255.232.158:7359: ignoring Vendor ID payload [IKE CGA version 1]
2015:09:27-21:39:04 hostname pluto[7347]: "L_for #username#"[39] 85.255.232.158:7359 #41: responding to Main Mode from unknown peer 85.255.232.158:7359
2015:09:27-21:39:04 hostname pluto[7347]: "L_for #username#"[39] 85.255.232.158:7359 #41: ECP_384 is not supported. Attribute OAKLEY_GROUP_DESCRIPTION
2015:09:27-21:39:04 hostname pluto[7347]: "L_for #username#"[39] 85.255.232.158:7359 #41: ECP_256 is not supported. Attribute OAKLEY_GROUP_DESCRIPTION
2015:09:27-21:39:04 hostname pluto[7347]: "L_for #username#"[39] 85.255.232.158:7359 #41: NAT-Traversal: Result using RFC 3947: peer is NATed
2015:09:27-21:39:04 hostname pluto[7347]: | NAT-T: new mapping 85.255.232.158:7359/13291)
2015:09:27-21:39:04 hostname pluto[7347]: "L_for #username#"[39] 85.255.232.158:13291 #41: Peer ID is ID_IPV4_ADDR: '192.168.43.219'
2015:09:27-21:39:04 hostname pluto[7347]: "L_for #username#"[40] 85.255.232.158:13291 #41: deleting connection "L_for #username#"[39] instance with peer 85.255.232.158 {isakmp=#0/ipsec=#0}
2015:09:27-21:39:04 hostname pluto[7347]: "L_for #username#"[40] 85.255.232.158:13291 #41: sent MR3, ISAKMP SA established
2015:09:27-21:39:04 hostname pluto[7347]: "L_for #username#"[20] 85.255.232.158:13291 #42: NAT-Traversal: received 2 NAT-OA. using first, ignoring others
2015:09:27-21:39:04 hostname pluto[7347]: "L_for #username#"[20] 85.255.232.158:13291 #42: responding to Quick Mode
2015:09:27-21:39:04 hostname pppd-l2tp[11660]: Plugin aua.so loaded.
2015:09:27-21:39:04 hostname pppd-l2tp[11660]: AUA plugin initialized.
2015:09:27-21:39:04 hostname pppd-l2tp[11660]: Plugin ippool.so loaded.
2015:09:27-21:39:04 hostname pppd-l2tp[11660]: Plugin pppol2tp.so loaded.
2015:09:27-21:39:04 hostname pppd-l2tp[11660]: pppd 2.4.5 started by (unknown), uid 0
2015:09:27-21:39:04 hostname pppd-l2tp[11660]: Using interface ppp0
2015:09:27-21:39:04 hostname pppd-l2tp[11660]: Connect: ppp0
2015:09:27-21:39:04 hostname pppd-l2tp[11660]: Overriding mtu 1500 to 1380
2015:09:27-21:39:04 hostname pppd-l2tp[11660]: Overriding mru 1500 to mtu value 1380
2015:09:27-21:39:04 hostname pluto[7347]: "L_for #username#"[20] 85.255.232.158:13291 #42: IPsec SA established {ESP=>0x23a7be99
I would greatly appreciate if anyone can offer any advice.
Regards,
Phill
This thread was automatically locked due to age.
