L2TP VPN on Windows 10

Hello. I'm brand new to Windows 10. I've been living in OS X the past few year and just getting reacquainted with Windows. I'm trying to connect to my VPN server which I've been using (and continue to use) successfully with my Macs and iOS devices. L2TP over IPSEC.

I cannot connect to the VPN on my new Windows 10 laptop, though. I've added Firewall exceptions for UDP 50, 500, 4500 and it has made no difference. If I completely disable the firewall and any antivirus, I still can't connect. I get this message: 

Can't connect to VPN
The network connection between your computer and the VPN server could not be established because the remote server is not responding. This could be because of one of the network devices (e.g, firewalls, NAT, routers, etc) between your computer and the remote server is not configured to allow VPN connections.

I opened a Wireshark capture and there are ISAKMP packets going between my machine and the VPN server, but it doesn't connect. I've searched all over the internet and haven't found a solution. Surely I'm not the only person in the world trying to connect to a VPN with Windows 10's built in VPN client?

Thanks for anyone that can share some knowledge! 

You are definitely not alone.

I found an article that suggested adding a registry setting to allow Windows to work with L2TP when behind a NAT which is likely the case for you.  Now this setting didn't help me but I'd be interested to know if it does for you.

REG ADD HKLM\SYSTEM\CurrentControlSet\Services\PolicyAgent /v AssumeUDPEncapsulationContextOnSendRule /t REG_DWORD /d 0x2 /f

You need to run that with admin right from a command prompt or pick it apart and do it manually in regedit.

As far as I can see it is a fault somewhere in Windows 10 that was introduced as an android phone using the same wifi network can connect with no issue at all.

1 person was helped by this reply

·

Did this solve your problem?

Sorry this didn't help.

Great! Thanks for marking this as the answer.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this response?

Thanks for your feedback.

Thanks! I did figure it out shortly after I posted. You’re pretty much spot on. Here’s a step by step and a good explanation. 

https://support.microsoft.com/en-us/help/926179/how-to-configure-an-l2tp-ipsec-server-behind-a-nat-t-device-in-windows

Since it’s a home network, the VPN is indeed behind my router using NAT. Windows does’t out of the box connect because of how it handles NAT-T. Try using the directions above. I’m not a Windows pro so I dont know how yours differs from the official Windows article...

1 person was helped by this reply

·

Did this solve your problem?

Sorry this didn't help.

Great! Thanks for marking this as the answer.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this response?

Thanks for your feedback.

Yeah that one definitely didn't help me.

There was another suggestion I'm in the middle of trying.  For that one you delete all the mini port lan in the device settings.  I've done that but I'm not near a wifi I know the code of yet.  Interestingly tethering the bluetooth connection from my phone that shares the internet works nicely so for now I'm coping and have a way around it.

Did this solve your problem?

Sorry this didn't help.

Great! Thanks for marking this as the answer.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this response?

Thanks for your feedback.

The common factor is wifi at the moment.  If I use that I can't get the vpn to connect from either of my two laptops in Windows 10.

If I use ethernet or bluetooth it does work.

Did this solve your problem?

Sorry this didn't help.

Great! Thanks for marking this as the answer.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this response?

Thanks for your feedback.

I have been unable to connect to my own NAS VPN server from a Windows 10 PC, though it works fine from Windows 7 and Android devices.

MS support spent a couple of hours trying to remotely diagnose the issue and failed. They suggested a repair re-install of Windows, or upgrade to v1809, using the Media Creation Tool, which keeps all your apps and data.

After doing that, I had to install a registry fix to enable a connection via my home network router, as by default it doesn't work via a NAT device.

It then worked for a few weeks, but broke again after the next monthly Windows update.

I also tested with a borrowed spare Windows 10 machine, did a clean install, and the registry fix, which also worked.

I then subscribed for a month to a VPN service, which I had wanted to test anyway for its advertised ability to circumvent geolocation restrictions on TV streaming. That also didn't work on Windows 10 but was fine on other devices.

The service provider told me they had withdrawn support for Windows 10 native client devices, as the connection was unreliable due to a Windows bug, and would only reinstate it once Microsoft had provided a fix. So we may be wasting our time trying to fix it ourselves.

Did this solve your problem?

Sorry this didn't help.

Great! Thanks for marking this as the answer.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this response?

Thanks for your feedback.

This instruction fixed the issue for me - set the Value Data to 2 Hex

Did this solve your problem?

Sorry this didn't help.

Great! Thanks for marking this as the answer.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this response?

Thanks for your feedback.

 
 

Question Info


Last updated July 3, 2020 Views 9,441 Applies to: