Error 792 - The L2TP connection attempt failed because security negociation timed out

Error 792 - The L2TP connection attempt failed because security negociation timed out

Post by Guillaume » Mon, 21 Mar 2005 23:55:00


Hi,

I recently set up a VPN access for my company employees. I chose L2TP/IPSec
for the tunneling protocol and EAP-TLS for the authentication protocol for
maximum security. The VPN access works pretty well, but sometimes, when a
user tries to connect, he receives the message : "Error 792 - The L2TP
connection attempt failed because security negociation timed out". A entry
is also written in the security event log :


Event Type: Failure Audit
Event Source: Security
Event Category: Logon/Logoff
Event ID: 547
Date: 20/03/2005
Time: 00:46:17
User: NT AUTHORITY\NETWORK SERVICE
Computer: TITUS
Description:
IKE security association negotiation failed.
Mode:
Key Exchange Mode (Main Mode)

Filter:
Source IP Address 192.168.2.25
Source IP Address Mask 255.255.255.255
Destination IP Address 193.31.14.117
Destination IP Address Mask 255.255.255.255
Protocol 0
Source Port 0
Destination Port 0
IKE Local Addr 192.168.2.25
IKE Peer Addr 193.31.14.117

Peer Identity:
Certificate based Identity.
Peer Subject
Peer SHA Thumbprint 0000000000000000000000000000000000000000
Peer Issuing Certificate Authority
Root Certificate Authority
My Subject CN=titus.aliantiz.org
My SHA Thumbprint 381ed26a335e9fe1a56d4f119e7bd4fdf2565986
Peer IP Address: 193.31.14.117

Failure Point:
Me

Failure Reason:
Negotiation timed out

Extra Status:
0x0 0x0


So it seems that the VPN server does not send a correct computer certificate
(Peer SHA Thumbprint 0000000000000000000000000000000000000000).

If the user waits for several minutes before attempting to connect again,
then it works. The problem seems to occur only with the Windows XP VPN
client (not with the Windows Server 2003 VPN client).

The VPN server is an ISA Server 2004 server, directly connected to the
Internet (there is no server between the Internet network and the ISA
server). We use RADIUS for authentication (the ISA computer is not part of
the domain).

How can I troubleshot this error ? Any help would be appreciated !

Thanks.
--
Guillaume Tamisier
 
 
 

1. Error 792: The L2TP connection attempt failed because security neg

2. L2TP IPSec error 789 & 792

Currently trying to implement L2TP IPSec on RRAS. Remote clients report they
receive error code 789/792 when they try L2TP type of connections. PPTP
remote clients report no problems connecting. A Client computer on the LAN in
a different subnet, can connect to the RRAS server WAN port with L2TP IPSec
without a problem. Using a preshared key for L2TP IPSec.

The perimeter router has IPSec passthrough, L2TP passthrough enabled as well
as single port forwarding of UDP port 1701 packets.

RRAS server has PPTP L2TP, ESP, AH filters enabled with allow connection.

At a lost as to why L2TP IPSec times out with error 789 and/or 792.

3. IPSec - The L2TP connection attempt failed because security policy

4. VPN L2TP [Error 786: The L2TP connection failed bec...]

5. VPN L2TP Error 781: The encryption attempt failed because no valid certificate was found

6. Error 781: Attempting L2TP VPN connection

7. Connections with time-outs fail

8. NT Remote Connection Client fails reconnect attempts fail after network error.

9. SQL30082N Attempt to establish connection failed with security reason "24" ("USERNAME AND/OR PASSWORD INVALID").

10. drivers/gpu/drm/i915/i915_suspend.c:792: error: const struct intel_device_info has no member named gen

11. error 792

12. Getting Error 792...

13. SQL30082N Attempt to establish connection failed with security reason "24"

14. MATLAB Error in ==> sym.sym>sym.gt at 792 <-------HELP PLEASE