Settings for advanced users. L2TP connections in Windows Windows connecting to l2tp without ipsec

b.VPN offers the user two VPN connections simultaneously. Therefore, if you would like to use the b.VPN service on two devices at the same time, you can use the b.VPN application on one device and manually set up an L2TP VPN connection on the other. The instructions below cover setting up L2TP VPN on Windows 10.

Important:

* Return to the profile page to view the list of available L2TP VPN servers and the corresponding "Shared Key".

* Your username and password are the email address and password you registered with b.VPN.

* You must be a paying user to use the L2TP VPN connection.

Follow these steps to set up L2TP VPN on Windows 10:

Type "Control Panel" in the search box and click on the first result.

Click "Network and Internet".

Click "Network and Sharing Center".

Click "Set up a new connection or network".

Click "Connect to a workplace", and then "Next".

Now click "Use my Internet connection (VPN)".

In the "Server address" field, enter any b.VPN server that suits you (for example, ca.usa.site).

In the "Destination name" field, enter whatever name you prefer. However, we recommend using the server address again (ca.usa.site).

Click the "Create" button.

Click the connection icon in the taskbar, and click the name of the connection you just created.

From the menu below, select "Change adapter options".

Right-click the connection name and select "Properties".

Click the "Security" tab. From the "Type of VPN" menu, select "Layer 2 Tunneling Protocol with IPsec (L2TP/IPsec)".

Click "Advanced settings".

Select "Use preshared key for authentication" and enter the appropriate key. Click "OK".
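The same connection can be created from PowerShell with the built-in VpnClient cmdlets. This is an added example, not part of b.VPN's instructions; it assumes Windows 10, reuses the sample server address from the steps above, requires encryption (an assumption about what the server accepts), and prompts for the Shared Key instead of storing it in the script.

```powershell
# Added example: scripted equivalent of the GUI steps above.
# Assumptions: Windows 10 (VpnClient module, PowerShell 5.1); 'ca.usa.site' is the sample server from the text.
$Server = 'ca.usa.site'
$Name   = $Server            # the guide recommends reusing the server address as the name

# Prompt for the Shared Key so it is not written into the script or the command history.
$secure = Read-Host -Prompt "Shared Key for $Server" -AsSecureString
$psk    = [System.Net.NetworkCredential]::new('', $secure).Password

$settings = @{
    Name            = $Name
    ServerAddress   = $Server
    TunnelType      = 'L2tp'       # "Layer 2 Tunneling Protocol with IPsec (L2TP/IPsec)"
    L2tpPsk         = $psk         # "Use preshared key for authentication"
    EncryptionLevel = 'Required'   # disconnect if the server declines encryption
    Force           = $true        # suppress the confirmation prompt about the key
}

if (Get-VpnConnection -Name $Name -ErrorAction SilentlyContinue) {
    # A profile with this name already exists: correct its settings in place.
    Set-VpnConnection @settings
} else {
    Add-VpnConnection @settings -RememberCredential
}

# Show what was stored; the key itself is not displayed.
Get-VpnConnection -Name $Name |
    Select-Object Name, ServerAddress, TunnelType, L2tpIPsecAuth, EncryptionLevel

# Drop the plaintext copy of the key from the session.
Remove-Variable psk, settings
```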

Today, connecting to the Internet over a local or virtual network based on wireless technologies has become very popular among both ordinary users and corporate clients. This is not surprising, because such a secure connection provides the best protection for transmitted and received data, or, more simply, for outgoing and incoming traffic. One of the most common types uses the L2TP connection protocol. What it is, and how to set up a connection based on it yourself, is covered below. It is not fundamentally different from creating a regular connection based on wireless technologies, but many experts advise meeting several conditions and following some recommendations in order to avoid typical mistakes.

L2TP connection: what is it?

First, let's look at what this type of connection is. The L2TP protocol is one way of setting up Internet access over a VPN using so-called tunneling.

When computers connect to the Internet in this way, the greatest possible privacy is ensured. This is achieved not only because access to the tunnel is blocked, but also because all incoming and outgoing data is encrypted. In addition, there are verification keys on both sides. In other words, without knowing the automatically generated keys, no one can steal or view the information, which, as already noted, is also encrypted.

Prerequisites for the connection to work

That was just a brief theoretical overview. Now let's move on to practice and consider how to use an L2TP connection. What kind of technology this is should be reasonably clear by now, and the basic steps for creating such a connection are practically no different from the standard ones.

However, before engaging in such actions, pay attention to several mandatory points, without which the connection being created will not only not work, it will not even be possible to create it. The main criteria are:

  • an operating system no older than Windows Vista (recommended), although configuration is also possible in XP;
  • the address of the corporate server to which the connection is to be made;
  • a login and password for entering the network.

The initial stage of creating a connection

So, first you need to open the "Network and Sharing Center" (you can open this section either from the standard Control Panel or through the right-click menu on the network icon in the system tray, to the left of the clock and date).

Choose the first one, since the second only makes sense if the connection is made through a mobile operator using a modem.

Next, setting up the L2TP connection involves choosing to connect later rather than immediately (this is recommended but not required, and there is no single view on the matter).

At the next stage, be especially careful, since entering the server address accurately is of paramount importance here. Enter the address, enter an arbitrary name for the new connection (destination name), and then check the box to remember the entered data (this will save you from entering the information again at every subsequent login). Next, simply click the button that creates the connection, after which it will appear in the network settings section and in the system tray.

VPN type

Now the most important thing. A new connection seems to have been created, but without additional settings it may not work correctly.

Open the connection properties through the right-click menu, and then on the Security tab, for the connection type, select L2TP with IPsec (security level). This is also a required parameter. All other settings offered by default can, in principle, be left unchanged.

Sometimes, on some non-standard router models, you will need to specify the PPTP L2TP connection type in the web interface parameters, but when using regular routers and ADSL modems, such actions are not required.

Possible errors and failures

As for errors and failures when establishing an Internet connection through the created connection, there can be any number of problems. The main one is ordinary carelessness on the part of the user, who simply entered the server address incorrectly or entered an invalid login and password.

The second point to pay attention to is the properties of the IPv4 protocol. Its settings must specify automatic acquisition of all addresses, both IP and DNS. In addition, the use of a proxy must be disabled for local addresses. Keep in mind that wireless technologies do not work with static IPs. The only option is to connect several terminals combined into a local or virtual network through one L2TP server (in this case, logins and passwords are assigned to each machine).

Finally, if errors occur even then, try using free DNS addresses for the preferred and alternate server, provided, for example, by Google (combinations of fours and eights).

Instead of an afterword

That's all there is to the L2TP connection. What kind of technology this is and how to establish the appropriate connection should already be clear. If you look closely at the practical steps, they all represent the standard procedure for creating a VPN connection. The only difference is that you must specify the address of the corresponding server and select the protocol with the preferred level of protection. Router settings were deliberately not considered in this material, since in most cases it is possible to do without changing them.

There are many VPN tunneling protocols today: OpenVPN, L2TP, SSTP, PPTP, IPSec. All are interesting in their own way. The most commonly used are PPTP and L2TP+IPSec, because they are built into the Windows operating system. This article continues the one on setting up an L2TP+IPSec and PPTP server on MikroTik. Recall that the server there is configured as a combination of PPTP and L2TP+IPSec. Unlike Apple, Microsoft did not remove PPTP from Windows 10 and other systems, and both protocols can be used with our server.

Go to the Network and Sharing Center:

This can be done either by left/right clicking on the network icon in the tray or through the control panel.

Click on setting up a new connection or network:

Select a connection to your workplace:

Select: Use my Internet connection (VPN)

Let's enter the username and password in the fields. You can also check two boxes.

After clicking the connect button, the selection of protocols for connecting to our server begins:

The default connection will be configured using PPTP:

Return to the Network and Sharing Center and click on VPN connection:

Click properties:

Go to the security tab and change the protocol to L2TP IPsec VPN:

Click the Advanced settings button and enter the preshared key (IPsec secret).
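Because a profile left on automatic selection ends up on PPTP, as the steps above show, it is worth checking every VPN profile on a machine for that condition. The following is an added example, not part of the original article: `Test-VpnProfile` is a hypothetical helper, and the three sample profiles are constructed so the check can be run anywhere; the property names match what `Get-VpnConnection` returns.

```powershell
# Added example: flag VPN profiles that can negotiate PPTP or do not enforce encryption.
function Test-VpnProfile {
    param([Parameter(Mandatory, ValueFromPipeline)] $Connection)
    process {
        $findings = @()
        switch ($Connection.TunnelType) {
            'Pptp'      { $findings += 'PPTP tunnel' }
            'Automatic' { $findings += 'automatic tunnel type (PPTP may be negotiated)' }
        }
        if ($Connection.EncryptionLevel -in 'NoEncryption', 'Optional') {
            $findings += "encryption level is $($Connection.EncryptionLevel)"
        }
        # PAP and CHAP are legacy authentication methods; report them if enabled.
        $legacy = @($Connection.AuthenticationMethod | Where-Object { $_ -in 'Pap', 'Chap' })
        if ($legacy.Count -gt 0) {
            $findings += "legacy authentication enabled: $($legacy -join ', ')"
        }
        [pscustomobject]@{
            Name       = $Connection.Name
            TunnelType = $Connection.TunnelType
            Compliant  = ($findings.Count -eq 0)
            Findings   = $findings -join '; '
        }
    }
}

# Constructed sample profiles (not real data) so the check runs offline.
$sample = @(
    [pscustomobject]@{ Name = 'office-auto'; TunnelType = 'Automatic'
                       EncryptionLevel = 'Optional'; AuthenticationMethod = @('MSChapv2') }
    [pscustomobject]@{ Name = 'office-l2tp'; TunnelType = 'L2tp'
                       EncryptionLevel = 'Required'; AuthenticationMethod = @('MSChapv2') }
    [pscustomobject]@{ Name = 'legacy';      TunnelType = 'Pptp'
                       EncryptionLevel = 'Required'; AuthenticationMethod = @('Chap', 'MSChapv2') }
)
$sample | Test-VpnProfile | Format-Table -AutoSize -Wrap

# On a real Windows client, audit the stored profiles instead of the sample:
#   Get-VpnConnection | Test-VpnProfile
#   Get-VpnConnection -AllUserConnection | Test-VpnProfile
```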

Having examined in detail in the previous article how to set up the server side of a VPN connection on the Windows platform, we move on to setting up an L2TP client connection. To begin with, I would like to recall what L2TP is, just in case.

L2TP is a Layer 2 tunneling protocol, a more advanced protocol built on PPTP and L2F (Cisco's Layer 2 Forwarding Protocol). Its advantages include much higher security due to encryption using the IPSec protocol and the combining of the data channel and control channel into one UDP session. For this protocol to work, you must have 2 ports open to the outside. These are the rules for port 1701 (TCP) and 500 (UDP). You can read how to create such rules in a standard firewall if you are directly connected to the Internet. If you are behind a router, you can read here.

But we’ve already read all this, we know. Therefore, let’s get down to setting up a client VPN connection for L2TP.

First you need to go to Control Panel; in Win7 all you have to do is click Start and go to Control Panel. Next, depending on the display settings, we either click Network and Internet-> -> . Or we go straight to Network and Sharing Center -> Set up a new connection or network.

The Set Up a Connection or Network wizard will appear. Choose Connect to a workplace.

Next, enter the Internet address (server address) and the name of the connection to be created; it is best to check Allow other people to use this connection. Also, just in case, I advise you to check the Don't connect now box, because we will configure the VPN settings manually.

Our connection has been successfully created. Now you need to configure it. Go to the Change adapter settings section from the Network and Sharing Center window.

There we look for our VPN connection and right-click it to open the Properties menu item. On the Security tab, under Type of VPN, select L2TP.

Since L2TP is a technology with increased security due to encryption via the IPSec protocol, we can either set a pre-shared key on the server ourselves, or face the fact that a pre-shared key for authentication is already set there. It should be entered under Security -> Advanced settings, in the field Use a pre-shared key for authentication.

In fact, that's all. There is nothing more to configure on the client side for the L2TP protocol. If you suddenly get error 789 when connecting, don't be upset: these are the guys from the small-soft office who again forgot to finish what they were doing. But you can read the solution to Error 789 l2tp.

L2TP is preferable to PPTP for building VPN networks, mainly because of security and higher availability, since a single UDP session is used for the data and control channels. Today we will look at setting up an L2TP VPN server on the Windows Server 2008 R2 platform.

PPTP

Point-to-Point Tunneling Protocol is a protocol invented by Microsoft for providing VPN over dial-up networks. PPTP has been the standard protocol for VPNs for many years. It is a VPN protocol only and relies on various authentication methods to provide security (the most commonly used is MS-CHAP v.2). Available as a standard protocol in almost all operating systems and devices that support VPN, which allows you to use it without the need to install additional software.

Pros:

  • PPTP client is built into almost all operating systems
  • very easy to set up
  • works quickly

Cons:

  • insecure (the vulnerable authentication protocol MS-CHAP v.2 is still used in many places)

L2TP and L2TP/IPsec

Layer 2 Tunnel Protocol is a VPN protocol that by itself does not provide encryption or privacy for the traffic passing through it. For this reason, the IPsec encryption protocol is typically used to ensure security and privacy.

Pros:

  • very safe
  • easy to set up
  • available on modern operating systems

Cons:

So, let's return to the setup. To deploy the L2TP VPN server we will use Windows Server 2008 R2; however, with minor amendments, everything said here also holds for other versions of Windows Server.

We will need an installed role that contains the required service; how to install it was described in detail in the previous article, where we set up a PPTP VPN, so I see no point in describing the process again. From here on we assume that the Network Policy and Access Services role is already installed and contains Routing and Remote Access Services. In general, deploying an L2TP VPN server is very similar to deploying a PPTP VPN, with the exception of a few settings that we will discuss in detail.

Go to Server Manager: Roles - Routing and Remote Access, right-click this role and select Properties. On the General tab, check the boxes IPv4 Router (select LAN and demand-dial routing) and IPv4 Remote access server:

Now we need to enter the pre-shared key. Go to the Security tab, check the box Allow custom IPsec policy for L2TP connection and enter your key. (About the key: you can enter an arbitrary combination of letters and numbers there; the main principle is that the more complex the combination, the safer it is. Remember or write down this combination; we will need it later.) Under Authentication provider, select Windows Authentication.

Now we need to configure connection security. To do this, go to the Security tab, choose Authentication Methods, and check the boxes Extensible authentication protocol (EAP) and Microsoft encrypted authentication version 2 (MS-CHAP v2):

Next, go to the IPv4 tab. There we specify which interface will accept VPN connections and configure the pool of addresses issued to L2TP VPN clients (set the interface to Allow RAS to select adapter):

Now go to the Ports item that has appeared, right-click it and choose Properties, select the L2TP connection and click Configure. In the new window, check Remote access connections (inbound only) and Demand-dial routing connections (inbound and outbound) and set the maximum number of ports; the number of ports must match or exceed the expected number of clients. It is better to disable unused protocols by unchecking both checkboxes in their properties.

As a result, your list of ports should contain only the ports you need, in the number you specified.

This completes the server setup. All that remains is to allow users to connect to the server. Go to Server Manager: Configuration - Local Users and Groups - Users, select the user, right-click and choose Properties. On the Dial-in tab, under Network Access Permission, set Allow access. (If your server is running Active Directory, the settings must be made in the corresponding snap-in.)

And don't forget to forward the ports on your router and open them in your firewall:

  • IKE - UDP port 500 (Receive\Send)
  • L2TP - UDP port 1701 (Receive\Send)
  • IPSec ESP - UDP port 50 (Receive\Send)
  • IPSec NAT-T - UDP port 4500 (Receive\Send)