Dlink DFL-700 L2TP over IPsec

[peet1]

I’ve got a DLink DFL-700 that will provide PPTP VPN services perfectly to a the built in VPN client in 10.4.x. L2TP over IPsec is another issue. I’ve tried most every configuration that I can come up with on the DFL-700, but I can’t get the built in OSX client to connect. I don’t think Internet Connect does much (if any logging), so this is what the 700 tells me …

—–
[2006-05-03 10:55:40] <4>EFW: IPSEC: prio=3 Can not get QM policy for ipv4(udp:1701,[0..3]=69.144.6.135) <-> ipv4(udp:55919,[0..3]=10.8.39.102)

[2006-05-03 10:55:40] <5>EFW: CONN: rule=IPsecBeforeRules conn=open connipproto=UDP connrecvif=WAN connsrcip=150.131.192.207 connsrcport=4500 conndestif=core conndestip=69.144.6.135 conndestport=4500

[2006-05-03 10:55:39] <5>EFW: CONN: rule=IPsecBeforeRules conn=open connipproto=UDP connrecvif=WAN connsrcip=150.131.192.207 connsrcport=500 conndestif=core conndestip=69.144.6.135 conndestport=500
—–

The 700’s set with a PSK, IKE XAuth (I’m not sure if that’s supported, but I’ve tried it both ways), under an advanced tab there are two lists for the Cipher proposal List for both the IKE and the IPsec Ciphers. I’ve got this very strong feeling that if I what Apple starts with at the top of that list it just might work out, but I don’t know what Apple’s default ciphers are. (I just hope it’s one in the list!)

I could be spitting up wind … any other ideas would be very much appreciated.

Thanks.peet

[peet1]

A little follow up info that I didn’t have originally … if I just pass L2TP and IPsec to my server (Bypassing the 700) the VPN works, so I know that atleast the networks have no problems establishing the connection.

Silly me I found the log for Internet Connect, sadly it’s not very helpful (even in ‘verbose’ mode) this is what she says …

Wed Jan 11 15:22:01 2006 : L2TP connecting to server ‘xxx.xxx.xxx’…
Wed Jan 11 15:22:01 2006 : L2TP sent SCCRQ
Wed Jan 11 15:23:01 2006 : L2TP cannot connect to the server

peet

[Author]

Posts