No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

AR Router Troubleshooting Guide

This Product Documentation provides guidance for maintaining AR Enterprise Router, covering common information collection and fault diagnostic commands, typical fault troubleshooting guide, and troubleshooting.
Rate and give feedback :
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
AR2240 Fails to Establish an L2TP Tunnel with the PC Running Windows 8

AR2240 Fails to Establish an L2TP Tunnel with the PC Running Windows 8

Keywords

AR2240, Windows 8, L2TP, dialup failure

Abstract

The AR2240 fails to establish an L2TP tunnel with the PC running Windows 8. Therefore, the dialup on the PC fails, and the message "VPN Error 628" is displayed.

Problem Description

As shown in Figure 1-1, the AR2240 used as the LNS fails to establish an L2TP tunnel with PC1 running Windows 8. As a result, the dialup on PC1 fails and the message "VPN Error 628" is displayed.

Figure 25-16  Networking where the AR2240 fails to establish an L2TP tunnel with the PC running Windows 8

Device and version: AR2240 V200R003C01SPC900

Configuration file of the AR2240

#
l2tp enable
#
aaa
local-user vpn password cipher %$%$bE%\WX_E<>dY/T7UiW1KTG8x%$%$
local-user vpn service-type ppp
#
interface Virtual-Template1
 ppp authentication-mode chap
 remote address pool l2tp
 ppp ipcp dns 202.103.24.68 202.103.44.150
 ip address 10.18.0.1 255.255.255.0
#
ip pool l2tp
 gateway-list 10.18.0.1
 network 10.18.0.0 mask 255.255.255.0
#
l2tp-group 1
undo tunnel authentication
allow l2tp virtual-template 1
# 

Procedure

  1. Check whether the link or interface of the AR2240 is normal.

    Run the ping command and the display interface brief command to check the link and interface of the AR2240. The command output shows that the link and interface of the AR2240 are normal.

  2. Check whether the AR2240 is correctly configured.

    Check configurations of the AR2240. The IPSec and route configurations are correct.

  3. Check whether PC1 is normal.

    PC1 is normal.

  4. Run the debugging ppp all command and the debugging l2tp control command to view debugging information.

Through analysis, the user name entered on the PC is inconsistent with that configured on the AR2240.

After verification of Windows 8, the backslash (\) needs to be prefixed to the input user name. The backslash (\) was not added originally. In this situation, Windows 8 automatically prefixes the domain name to the user name. Therefore, the authentication fails, and the system displays an error message. Add the backslash (\) to solve the problem, for example: \vpn.

Root Cause

The user's PC runs Windows 8. Prefix the backslash (\) to the input user name, for example: \vpn. Otherwise, Windows 8 automatically prefixes the domain name to the user name, causing a login authentication failure.

Solution

Prefix the backslash (\) to the input user name on PC1, for example: \vpn. Then the dialup on PC1 succeeds.

Suggestion

When the PC running Windows 8 establishes an L2TP tunnel with the AR, the backslash (\) needs to be prefixed to the input user name. Otherwise, Windows 8 automatically prefixes the domain name to the user name, causing a login authentication failure.

Translation
Download
Updated: 2019-05-10

Document ID: EDOC1000079719

Views: 443878

Downloads: 4295

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next