Hi Dimka88,
I’ve managed to get the L2TP client without IPSEC working in Windows 10 but only with L2TPNS not ACCEL-PPP as the server.
When using ACCEL-PPP, there appears to be an issue with the shared secret.
If I set secret=test under [l2tp] in accel-ppp.conf and then the word test under pre-shared key in my L2TP client config in windows 10, it will not work.
I get the following error in the accel-ppp.log.
"impossible to authenticate peer: invalid Challenge Response sent by peer (wrong secret)"
Please try it for yourself.
You will need to add the following DWORD in your windows Registry.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RasMan\Parameters\ProhibitIpSec and set it to 1.
This is the same issue I was having before.
Please see the following bug report.
viewtopic.php?f=8&t=2591
I realise you tested with a Cisco, however it does not appear to work with the Windows L2TP client or Juniper based LTS.
If I remove the secret from the l2tp config in accel-ppp and the windows client, I’m then able to connect using accel-ppp.
The realm stripping appears to work fine, thank you for adding this.
However, if I disconnect the user and immediately reconnect it doesn’t work straight away.
I have to wait a few minutes and then I can connect again.
Lastly, the authentication/login seems to take a long time when using ACCEL-PPP.
I’ve tested with L2TPNS and it’s instant, under 1 second. When using the Windows L2TP client. However, with accel-ppp it’s takes about 4 seconds to connect.
I’ve found that by setting acct-on=off under [radius] the connection is much faster. But I am then disconnected with the following error:- <Acct-Terminate-Cause NAS-Error>]
I would be grateful for any help you can give.
I’m using accel-ppp version 1.12.0-106-g87f24b5
Thanks,
[Errors after reconnecting]
[2021-01-29 00:32:34]: info: l2tp tunnel 35803-13 (XXX.XXX.XXX.XXX:37798): send [L2TP tid=13 sid=1 Ns=2 Nr=6 <Message-Type Call-Disconnect-Notify> <Assigned-Session-ID -13422> <Result-Code>]
[2021-01-29 00:32:36]: warn: l2tp tunnel 35803-13 (XXX.XXX.XXX.XXX:37798): discarding message with invalid tid 0
[2021-01-29 00:32:36]: debug: l2tp tunnel 35803-13 (XXX.XXX.XXX.XXX:37798): 0 message added to reception queue
[2021-01-29 00:32:36]: debug: l2tp tunnel 35803-13 (XXX.XXX.XXX.XXX:37798): 0 message acked by peer
[2021-01-29 00:32:36]: debug: l2tp tunnel 35803-13 (XXX.XXX.XXX.XXX:37798): 0 message processed from reception queue
[2021-01-29 00:32:36]: debug: l2tp tunnel 35803-13 (XXX.XXX.XXX.XXX:37798): 0 message sent from send queue
[2021-01-29 00:32:37]: warn: l2tp tunnel 35803-13 (XXX.XXX.XXX.XXX:37798): discarding message with invalid tid 0
[2021-01-29 00:32:37]: debug: l2tp tunnel 35803-13 (XXX.XXX.XXX.XXX:37798): 0 message added to reception queue
[2021-01-29 00:32:37]: debug: l2tp tunnel 35803-13 (XXX.XXX.XXX.XXX:37798): 0 message acked by peer
[2021-01-29 00:32:37]: debug: l2tp tunnel 35803-13 (XXX.XXX.XXX.XXX:37798): 0 message processed from reception queue
[2021-01-29 00:32:37]: debug: l2tp tunnel 35803-13 (XXX.XXX.XXX.XXX:37798): 0 message sent from send queue
[2021-01-29 00:32:38]: info: l2tp tunnel 35803-13 (XXX.XXX.XXX.XXX:37798): retransmission #3
[2021-01-29 00:32:38]: info: l2tp tunnel 35803-13 (XXX.XXX.XXX.XXX:37798): retransmit (timeout) [L2TP tid=13 sid=1 Ns=2 Nr=6 <Message-Type Call-Disconnect-Notify> <Assigned-Session-ID -13422>