Topic: dfl-200 vpn trouble (Read 4563 times)

duffy · « **on:** June 09, 2009, 03:34:56 PM »

hi forum!
my scenario is very simple: there's a natted lan behind the dfl-200 and i want to reach that network with a vpn connection. if i create a pptp server on the fw, everything is ok [i can connect to it with xp or vista]. now i would upgrade my vpn to a l2tp over ipsec connection but the fw drops my requests. i also read this topic @http://forums.dlink.com/index.php?topic=2741.0 but there are too much differences between the models. where am i wrong? why the dfl-200 drops "destport=1701" if i activate [would like to activate $:-\$ ] a l2tp server on this port?
thank in advance for your feedback!!

fw log:
[2009-06-09 23:43:16] <5>EFW: DROP: prio=2 rule=dropall-final action=drop recvif=WAN srcip="my_ip" destip="wan_ip" ipproto=UDP ipdatalen=115 srcport=34789 destport=1701 udptotlen=115

wan->lan policy [i don't know if it's important]:
allow lt2p-ipsec allow l2tp-raw

l2tp vpn:
outer ip - wan ip inner ip - lan ip auth proto - pap, chap, mschap, mschapv2 require ipsec encryption with psk

Fatman · « **Reply #1 on:** June 09, 2009, 04:10:09 PM »

That model is quite out of date and no longer supported, but it appears to have L2TP over IPsec support. It would not use multiple tunnels in conjunction as you would see on a DFL-210 for example, there is an IPsec configuration section on the L2TP server config.

Beyond that it is going to be up to your testing.

D-Link Forums

News:

Author Topic: dfl-200 vpn trouble (Read 4563 times)

duffy

dfl-200 vpn trouble

Fatman

Re: dfl-200 vpn trouble