How to connect to VPN L2TP server (Mikrotik) behind NAT if all ports are open?

V

Vitaly2018-06-26 10:45:34

VPN

Vitaly, 2018-06-26 10:45:34

All the best!
I have a Mikrotik Cloud Hosted Router, but unfortunately it is behind NAT. All ports are forwarded to mikrotik. An L2TP / IpSec server is configured on Mikrotik, and it’s interesting that with mac OS and IOS the connection goes with a bang, but with Windows there are problems, they won’t connect to any :(
In the process of connecting from Windows, I see on mikrotik that it’s still ipsec connects (in peers) but then the connection is broken, here is the log:

ISAKMP-SA established 172.21.xx[4500]-clientIP[4500] spi:a841776.
purging ISAKMP-SA 172.21.xx[4500]<=>clientIP[4500] spi=a841776.
ISAKMP-SA deleted 172.21.xx[4500]-clientIP[4500] spi:a841776 rekey:1

In windows I get error 809 , I googled that this problem is due to the fact that the VPN server is behind NAT and it should be done by editing the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PolicyAgent registry , namely adding the AssumeUDPEncapsulationContextOnSendRule parameter there with values 1 or 2 , but all without result :(
Please tell me how to overcome this problem

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

V

Vitaliy, 2018-07-27
@Scorpiored88

This is done by editing the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PolicyAgent registry, namely by adding the AssumeUDPEncapsulationContextOnSendRule parameter there with values 1 or 2.
And do not forget to restart the PC after that