I am trying to connect from a Windows 10 client to a Ubiquiti EdgeRouter VPN. I went through the instructions on https://help.ubnt.com/hc/en-us/articles/204950294-EdgeRouter-L2TP-IPsec-VPN-Server but whenever I try to connect to the VPN I get the following:
Can't connect to
The L2TP connection attempt failed because the security layer could not negotiate compatible parameters with the remote computer.
I did some research and changed the VPN security properties to allow Microsoft CHAP Version 2 (MS-CHAP v2) and also Challenge Handshake Authentication Protocol (CHAP) but it didn't seem to make a difference at all.
At the same time, I have no problems whatsoever connecting from a macOS High Sierra client. So my guess is that there is something wrong on the client side (Windows VPN settings)? Can anybody help me out with this?
Best Answer
That error message probably means that there is some level of connection between Windows and the Ubiquiti, but they failed to find a common encryption method. For phase1 (key exchange) Windows (version 1803) is proposing the following encryption methods (in this priority order):
For phase2:
Make sure the Ubiquiti can accept one of these proposals, so try to set the phase1 and phase2 proposals on the Ubiquiti to something like this.
I would also enable NAT-Traversal:
I do not really know Ubiquiti but maybe this helps.
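
The negotiation failure described in the answer above, as an added example that is not part of the original post or of any Ubiquiti or Microsoft tooling: a proposal only matches when the whole combination (encryption, integrity, DH group) is accepted by the other side, so two peers can share every individual algorithm and still fail. All proposal values below are constructed for illustration and are not the actual Windows 1803 list or an EdgeRouter default.

```python
from typing import Dict, List, NamedTuple, Sequence


class Proposal(NamedTuple):
    """One phase1 proposal: the three attributes must match as a set."""
    encryption: str
    integrity: str
    dh_group: int


def common_proposals(offered: Sequence[Proposal],
                     accepted: Sequence[Proposal]) -> List[Proposal]:
    """Return the offered proposals the responder accepts unchanged,
    kept in the client's offer order. An empty list means negotiation fails."""
    accepted_set = set(accepted)
    return [p for p in offered if p in accepted_set]


def attribute_overlap(offered: Sequence[Proposal],
                      accepted: Sequence[Proposal]) -> Dict[str, list]:
    """Per-attribute intersection, to show that shared algorithms alone
    do not imply a shared proposal."""
    return {
        field: sorted({getattr(p, field) for p in offered}
                      & {getattr(p, field) for p in accepted}, key=str)
        for field in Proposal._fields
    }


# Constructed sample data (hypothetical, not taken from either vendor).
CLIENT_OFFER = [
    Proposal("aes256", "sha1", 20),
    Proposal("aes128", "sha1", 19),
    Proposal("3des", "sha1", 14),
]
SERVER_BEFORE = [Proposal("aes128", "sha1", 2), Proposal("3des", "md5", 14)]
SERVER_AFTER = [Proposal("3des", "sha1", 14), Proposal("aes128", "sha1", 19)]

if __name__ == "__main__":
    print("before:", common_proposals(CLIENT_OFFER, SERVER_BEFORE))
    print("overlap per attribute:", attribute_overlap(CLIENT_OFFER, SERVER_BEFORE))
    print("after:", common_proposals(CLIENT_OFFER, SERVER_AFTER))
```

With the first server list every attribute overlaps but no full proposal does, which is the situation that produces a "could not negotiate compatible parameters" style failure; the second list shares two complete proposals with the client.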