Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Unable to connect windows 7 client to l2tp/ipsec on pfsense

    Scheduled Pinned Locked Moved IPsec
    2 Posts 2 Posters 1.7k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      Snailkhan
      last edited by

      Hi,
      I have tried to follow below guide with some confusions/assumptions and configured pfsense as the guide says but i cannot connect a windows 7 enterprise client to it.

      https://doc.pfsense.org/index.php/L2TP/IPsec

      while following above guide i have faced ambiguity in below parts of guide.
      Under heading
      Setup L2TP
      Configure L2TP Server

      Set Server Address to an unused private subnet IP, such as 192.168.32.1
      NOTE: This is not a public IP address or "listen" IP for the L2TP service, it is a local IP address set as the "gateway" on the clients
      Set Remote Address Range to an unused private subnet, such as 192.168.32.128
      

      When i tried as mentioned above it would complain about some ip and i selected diffrent subnet for both i.e.  gateway address and remote address range fields.

      Under "Setup IPsec" "Phase 1"

      it doesnt mentions of "Remote gateway"

      and if i enter nothing in it i get below error upon saving it

      i entered my wan address (ddns name ) ..

      The following input errors were detected:
      
      The field Remote gateway is required. 
      
      

      the guide also doesnt mentions anything about preshared key available in pfsense at below location
      "Phase 1 proposal (Authentication)" "Pre-Shared Key"

      though the guide says to configure authenticatoin to mutual psk

      then in the portion of guide
      "Pre-Shared Key"
      it says creatin of shared key .. how it relates to above one?

      in my case i have entered different preshared key at both locations and vpn from windows 7 client cnanot connect and gives error  789
      i hope i am not following that guide too religiously…

      1 Reply Last reply Reply Quote 0
      • D
        David_W
        last edited by

        L2TP/IPsec is troublesome. You are better off deploying IKEv2, which works fine with the client built in to Windows 7.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.