Applies to platform: Any PC running Windows 10.
Background
This lesson describes how to connect a personal computer running Microsoft Windows 10 to an existing, running IPsec installation on an Endian UTM Appliance using PSK (password) authentication.
Before you start
Warning for special setups
If both the Windows client and the Endian UTM Appliance are behind a NAT device, please follow this tutorial on the Windows client; in step 7, write 2 in the Value Data box, then save the settings and restart the Windows system.
Warning
If you get the error "The modem (or other connecting device) is already in use or is not configured properly" while trying to connect, you will need to follow this tutorial on the Windows client. If you do not detect any process using port 1723, simply add the registry value as explained and restart your Windows machine to apply the settings.
Note
The connection via L2TP/IPsec requires the following data, which should have been previously configured on the VPN/IPsec server:
- The IP address or hostname of the L2TP/IPsec server (i.e., of the Endian UTM Appliance where the IPsec server runs).
- The PSK secret, i.e., the password of the IPsec tunnel, which can be retrieved under Menubar > VPN > IPsec by clicking on the Edit icon next to the connection and then looking in the Authentication box.
- The username and password of the L2TP user. The username is retrievable from Menubar > VPN > Authentication, and the user must be allowed to use L2TP.
You should write the above-mentioned data down or remember it, since you will have to enter it in the corresponding configuration sections of your device.
The configuration of a connection from Microsoft Windows 10 to an Endian UTM Appliance via IPsec and L2TP is carried out in two phases: in the first phase you define a new VPN connection to the Endian UTM Appliance, providing all the necessary parameters, while in the second phase you define the proper L2TP settings. You should have administrator rights to set up the connection.
Setup of a VPN connection to the Endian UTM Appliance
1. The first phase starts by clicking on the Windows logo to open the menu, then clicking on the Settings icon (the gear icon).
2. In the control panel, click on the Network & Internet menu.
3. Here, click on the VPN item in the left panel, then on Add a VPN connection to open the configuration form.
4. Fill in all the fields using the following values, which are the data you collected before starting this tutorial:
- The Server name or address is the IP address or hostname of the L2TP/IPsec server (i.e., of the Endian UTM Appliance where the IPsec server runs).
- The pre-shared key is the PSK secret, i.e., the password of the IPsec tunnel, which can be retrieved under Menubar > VPN > IPsec by clicking on the Edit icon next to the connection and then looking in the Authentication box.
- The username and password of the L2TP user. The username is retrievable from Menubar > VPN > Authentication, and the user must be allowed to use L2TP.
Then click on Save.
Setup of the L2TP connection
1. The second phase is the advanced configuration of the VPN connection just created. Click on Change adapter options.
2. Right-click on the adapter that has the same name as the VPN profile previously created (in our example, it is Endian IPSec L2TP Test VPN), then click on Properties.
In the Properties window that opens, click on the Security tab, then do the following:
- Choose Layer 2 Tunneling Protocol with IPsec (L2TP/IPsec) as Type of VPN.
- Select Require encryption (disconnect if server declines) as Data Encryption.
- Choose Unencrypted password (PAP) as the only allowed protocol.
- Click on OK to close the pop-up window.
Click again on OK to finish and save the setup.
You should now be able to connect via L2TP to your Endian UTM Appliance.
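The same two phases can be scripted with the built-in VpnClient PowerShell cmdlets and then checked against the Security tab settings listed above. This is an added example, not part of the original Endian tutorial; the server address `vpn.example.com` is a placeholder you must replace, and the profile name is the one used on this page.

```powershell
# Added example: scripted equivalent of the two GUI phases, plus a read-back check.
# Assumption: 'vpn.example.com' is a placeholder for your Endian UTM Appliance.
$Name   = 'Endian IPSec L2TP Test VPN'   # profile name used in this tutorial
$Server = 'vpn.example.com'              # placeholder, replace with IP or hostname

# Prompt for the PSK so it is not stored in the script file or command history.
$secure = Read-Host -Prompt 'IPsec pre-shared key' -AsSecureString
$psk    = [System.Net.NetworkCredential]::new('', $secure).Password

# Replace an existing profile of the same name so the script can be re-run.
if (Get-VpnConnection -Name $Name -ErrorAction SilentlyContinue) {
    Remove-VpnConnection -Name $Name -Force
}

# Phase 1 (server, PSK) and phase 2 (Security tab) in one call.
# PAP sends the L2TP password unencrypted inside PPP; it is protected only by
# the IPsec tunnel, which is why the encryption level is set to Required.
Add-VpnConnection -Name $Name -ServerAddress $Server `
    -TunnelType L2tp -L2tpPsk $psk `
    -AuthenticationMethod Pap `
    -EncryptionLevel Required `
    -Force
Remove-Variable psk

# Read the profile back and compare it with the settings from the tutorial.
$vpn  = Get-VpnConnection -Name $Name
$auth = @($vpn.AuthenticationMethod)
$checks = [ordered]@{
    'Type of VPN is L2TP/IPsec'  = ($vpn.TunnelType -eq 'L2tp')
    'IPsec authentication is PSK' = ($vpn.L2tpIPsecAuth -eq 'Psk')
    'Encryption is required'      = ($vpn.EncryptionLevel -eq 'Required')
    'PAP is the only protocol'    = ($auth.Count -eq 1 -and $auth -contains 'Pap')
}
foreach ($c in $checks.GetEnumerator()) {
    $state = if ($c.Value) { 'OK' } else { 'MISMATCH' }
    '{0,-30} {1}' -f $c.Key, $state
}
if ($checks.Values -contains $false) {
    throw "VPN profile '$Name' does not match the tutorial settings."
}
```

The L2TP username and password are not stored by this script; Windows asks for them when the connection is first started.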