we did not configure any IKE related command on USG5300,But when WINDOWS 8 installed L2TP VPN client connect the LNS ,
we can see the “connection fail “ error ,by” debugging l2tp “all and ”debugging ppp all” , there are many IKE negotiation fail message displayed .
1.checking the L2TP configuration on PC ,and it is corret .
2.checking the L2TP configuration on Firewall ,also there is no problem ,
3.connect by L2TP VPN CLENT SOFTWARE in window7 ,and there is no any problem.
4.open the debug and find that there are many IKE negotiation fail message .
By default ,Windows 8 OS use IPSec to transmit the L2TP data ,in this case ,if customer connect the LNS by Windows L2TP client ,the computer will Build the IKE session first ,but on the USG there is not any IKE configurations ,finally the IKE connect will fail .we can forbid this default policy in Registry table .
Open “run” and input “regedit”
Search the main key with this path:“ HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Rasman\Parameters ”.
Add a value(DWORD) for this Main key ,VALUE: ProhibitIPSec ,data type : REG_DWORD,value :1 .
Please note that regardless of 32-bit OS machine or 64-bit OS machine ,please create DWORD type ,and the name is “ProhibitIPSec”,
The upper case and lower case must be the same strictly.
Configuration is as below :
5.reboot the pc and the configuration will take effect.
6. connect again and it will be successful
On windows8 installed L2TP client ,if it cannot connect the LNS ,please open the debug switch to see the negotiate message ,so that we can know the where is the error .