Hello everyone! I need to use a DFL-1600 as an L2TP/IPsec server for roaming users with certificate or smart card authentication. I mean that there shouldn't be any login/password combination. The client should press the "Connect" button, choose a certificate, and that is all.
Is there any possibility to do this?
I imported the clients' certificates and the gateway certificate to the router, checked "X.509 Certificate" at the Authentication tab of the IPsec interface, and disabled "Use User Authentication Rules" at the PPP Parameters tab of the L2TP server interface. But the VPN doesn't work.
Logs:
2013-03-15 19:16:53 Warning RULE 6000051 Default_Rule UDP wan1 23.20.X.X 93.188.X.X 1701 1701 ruleset_drop_packet drop
ipdatalen=46 udptotlen=46
But I have 2 IP rules that work great when using login/password from the local DB.
There is an error at the client side when "Verifying user name and password": Error 734: The PPP link control protocol was terminated.
If I use the local DB for authentication and certificates instead of a PSK, everything works fine. But I don't need to use any DB for authentication. Clients should use only their certificates. All settings of the clients' connections are correct.
Could anyone help?