I have an office LAN protected using a Zyxel Zywall USG 300. I've set up an L2TP/ipsec VPN on that which accepts connections using a shared secret and I've tested this from multiple clients.
I have a server offsite and want to set up RRAS to use a persistent connection to the VPN so that it can carry out network jobs even with no one logged in (I'm using it for Micorosft DPM secondary backup).
If I create a vpn as if I were setting up a users laptop it can dial in no problem but if I set up a demand dial interface in RRAS it errors.
- I enable RRAS ticking only demand dial interface (branch office routing)
- Select network interfaces, right click and choose new demand dial interface
- Name the VPN ToCompany
- Select connect using VPN
- And then L2TP as the vpn type
- enter the IP address (double-checked for typos!)
- select Route IP packets on this interface
- specify static route to remote network as 10.0.0.0/24 with metric of 1
- add dial out credentials (again double checked for typos and confirmed with other vpn connections
- click finish
- now I right-click on the new interface and choose properties and then the security tab
- I change Data encryption to optional
- select only PAP for Authentication (both as per manufacturer of Zywall)
- click advanced settings against type of vpn and set shared secret
- then I select the new interface, right-click and choose connect
this dials and then errors with either 720 or 811 as the error codes. However, if I create a VPN by going to Network & Sharing center and setting up as if I was creating a VPN from my laptop to the office (say) it dials successfully
so I know the VPN settings are correct and the machine can connect to the VPN.
Suggests very strongly the problem is how I'm setting up RRAS. Can anyone help?
You're failing on phase 1(IKE).