No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search


To have a better experience, please upgrade your IE browser.


AR Router Troubleshooting Guide

This Product Documentation provides guidance for maintaining AR Enterprise Router, covering common information collection and fault diagnostic commands, typical fault troubleshooting guide, and troubleshooting.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
What Are the Causes of the L2TP Dial-up Failure?

What Are the Causes of the L2TP Dial-up Failure?

The causes of the L2TP dial-up failure are as follows:

  • The firewall deployed on the public network or the built-in firewall on the PC discards L2TP packets.
  • The corresponding L2TP port, usually UDP port 1701, is disabled or occupied. For example: ACL or NAT is configured on the port.
  • The user name and password configured on the LAC are incorrect, or no related user is configured on the LNS. Check whether the user password in the AAA view is set to cipher but not irreversible-cipher format.
  • The configuration address, such as the static address of the VT interface, is incorrect.
  • The tunnel authentication modes are different.
  • LCP renegotiation is not configured.
  • The address pool cannot meet user requirement or no address pool is configured.
  • No gateway address is reserved in the IP address pool, so that the gateway address is allocated to users.
  • The LAC and LNS have no reachable routes to each other.
  • An incorrect remote tunnel name is specified in the L2TP group view.
  • The authentication domain is incorrectly configured.
  • The control packets sent by the PC client do not carry the SQ number, so that the L2TP negotiation fails.
  • When IPSec encryption is used, the IPSec parameters on both ends are different.
Updated: 2019-08-09

Document ID: EDOC1000079719

Views: 496086

Downloads: 4534

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Previous Next