

To configure the UniFi VPN you will need to have a UDM model or a USG. Also, make sure that you run the latest firmware on your console.

If you have a modem or router in front of your UDM or USG, then make sure that the modem/router is set to Bridge mode. This way all traffic will be forwarded directly to your UniFi Network. If that isn’t possible, then you will need to forward the following port numbers to your UniFi Network console:

In the UniFi Network app, go to Settings > VPN. Enable the VPN Server and note or change the Pre-shared Key. Make sure that the Server Address is set to your Public IP Address.

The next step is to create a new VPN user. Click on Create a new user and enter a username and password.

Set the advanced configuration to Manual. Here you can change the subnet if you need to. More important is to set your internal DNS server and enable Require Strong Authentication. Strong Authentication is needed for the MS-CHAP v2 protocol that is used by Windows 10 and 11.

Firewall rules are automatically created for the Remote access VPN, so we don’t need to look at them.

To use the VPN connection on Windows you don’t need to install any clients. The steps below are the same on Windows 10 and 11.

1. Open Start, type VPN, and select VPN Settings.
2. Select Windows (built-in) as VPN provider.
3. Enter a connection name; it can be anything you like.
4. Enter the public IP Address of your UniFi Console.
5. VPN Type > Select L2TP/IPSec with pre-shared key.
6. Enter the pre-shared key that we have set earlier in the UniFi Console.
7. Fill in the username and password that we created.
8. Next, we need to change the VPN Network adapter to enable MS-CHAP v2.
9. You will now see your VPN network adapter. Right-click on your adapter and select Properties.
10. Select Allow these protocols and enable Microsoft CHAP Version 2.
11. You can now click on Connect to test the VPN Connection.

It should immediately connect to your UniFi VPN server. As you can see in the screenshot below, we have connected the Lazy VPN connection and got an IP Address in the range as configured in the UDM.

Troubleshoot UniFi VPN connection issues

Setting up remote access VPN can sometimes be a bit challenging. When your UDM or USG is located behind a modem/router, L2TP VPN connections sometimes won’t work as easily as they should.

Besides potential modem/router issues, the client can also cause issues with setting up a remote VPN connection. For example, at the beginning of 2022, a Windows 10 and 11 update (KB5009543, KB5009566) caused the following connection error:

The L2TP connection attempt failed because the security layer encountered a processing error during initial negotiations with the remote computer

It was fixed with a new update, but as you can see it can also be the client that is the issue.

So to help you debug connection issues you can monitor the VPN log on your UDM/USG.
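The Windows client setup and the client-side update check described on this page can also be scripted. The PowerShell below is an added example, not part of the original article; the connection name, the server address (a documentation-range placeholder) and the variable names are assumptions to replace with your own values.

```powershell
# Added example. Every value below is a placeholder, not taken from the article.
$Name          = 'UniFi VPN'       # connection name, anything you like
$ServerAddress = '203.0.113.10'    # placeholder: public IP address of your UniFi console
$Psk           = Read-Host 'Pre-shared key set in the UniFi console'
$User          = Read-Host 'VPN username created in the UniFi console'

# Create the profile once: L2TP/IPsec with pre-shared key, MS-CHAP v2 allowed.
# -Force acknowledges that the PSK is being passed on the command line.
if (-not (Get-VpnConnection -Name $Name -ErrorAction SilentlyContinue)) {
    Add-VpnConnection -Name $Name -ServerAddress $ServerAddress `
        -TunnelType L2tp -L2tpPsk $Psk `
        -AuthenticationMethod MSChapv2 -RememberCredential -Force
}

# Confirm the profile matches what the manual adapter settings would produce.
$conn = Get-VpnConnection -Name $Name
if ($conn.TunnelType -ne 'L2tp' -or $conn.AuthenticationMethod -notcontains 'MSChapv2') {
    Write-Warning "Profile '$Name' is not L2TP with MS-CHAP v2; check the adapter properties."
}

# Client-side check: the January 2022 updates the article links to the
# "security layer encountered a processing error" message.
# The article says a later update fixed it, so a hit means "update Windows".
$suspect = 'KB5009543', 'KB5009566'
$found   = Get-HotFix | Where-Object { $suspect -contains $_.HotFixID }
if ($found) {
    Write-Warning ("Installed: {0}. Install the latest Windows updates before blaming the UDM/USG." -f
        ($found.HotFixID -join ', '))
}

# Connect (rasdial prompts for the password when given '*') and show the result.
rasdial $Name $User '*'
(Get-VpnConnection -Name $Name).ConnectionStatus
```

Run it in an elevated or normal PowerShell session on the Windows 10 or 11 client; a status of Connected corresponds to the successful connection described in the steps above.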
