cancel
Showing results for 
Search instead for 
Did you mean: 

Windows VPN client trouble with L2TP and IPSEC

Flaggers
Member

netgear fvs336gv3 with a static public IP and VPN setup for L2TP.
Behind the BT Business HUB 3.0
I have Port Forwarding on the Hub 3.0 for the existing service called IPSEC-IKE (dont know what port that actuall refers too i assume its 500)
And also port 1723 both forwarded to the netgear VPN router.

I am unable to get a Windows VPN client (L2TP) or the Netgear prosafe client software(IPSEC) to connect to the VPN, and the logs do not point me in any significant direction, that it nothing appears in the logs so i believe it could be an issue on the Hub 3.0

Possible its something to do with a NAT device behind another NAT device? if so is there a way to still use the HUB 3.0 with the Netgear behind it for L2TP, i already have a complex setup on the HUB 3.0 I dont fancy replacing it.

11 REPLIES 11

spank
Grand Guru

In that case you will need to use the hub and openreach modem with your firewall.  Assign an IP manually to the firewalls WAN and turn off the firewall on the BT router.  SHould work.

 

Or invest in a draytek 2860 and use IP aliasing which will allow the router to be assigned an IP in your static range.

Flaggers
Member

I have tried using:

Openreach -> BT Hub 3 (firewall off) peer addressed WAN -> Netgear FVS336G assigned one of my static IP addresses.

 

This stilll does not work, L2TP vpn clients cannot connect, I confirmed this with netgear that the configs were all correct and they were stumped as well.

 

My next thought was to get BT to reduce my multi IP block to a single static IP purely to test whether the peer addressed WAN IP was causing this issue.

 

Thanks for the draytek suggestion I have seen that mentioned around in response to replacing the openreach and hub, its always good to get some backup recommendations.