NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

Arronj's avatar
Arronj
Aspirant
Oct 16, 2016

FVS336Gv3 - L2TP/IPsec on Windows 10

I have a Windows Server running RRAS with PPTP. The FVS forwards this with no problem. 

The problem is we now need to move to L2TP. I have created this on the Windows server, and from within the LAN, a client machine (my laptop) can connect directly to the server(using the internal server name). But as soon as I go outside the network it doesn't work (using external address). 

 

 

We do have a site to site IP SEC VPN running between this FVS and one in another site. I hope this isn't causing the problem??

 

I have forwarded UDP 500, 4500, 1701 and pretty much every other port in desperation. I have enabled L2TP Passthrough. I have made sure the external address is pingable. I have upgraded the firmware today to 4.3.4-1.

 

Any suggestions greatfully welcome!

 

thanks,

Arron

9 Replies

    • Arronj's avatar
      Arronj
      Aspirant

      Thanks for the response Dane

       

      I would prefer to use the VPN server I already have on my Windows server. 

       

      Having said that, I have already been through this as a test and following that guide I did manage to establish an L2TP connection to the FVS, no traffic went through, and I couldn't ping or connect to anything. 

       

      The setup is: 

       

      [Windows Server]---Lan---[FVS336Gv3]---[FIBRE MODEM]---[WWW]

       

      The Fibre modem and the FVS both have public static IP addresses, and the FVS is in the DMZ of the modem. 

       

      thanks,

       

      Arron

      • Suli's avatar
        Suli
        NETGEAR Expert

        Hi Arronj,

         

        Welcome to the community!

        You should connect your Windows Server to FVS336Gv3 LAN port ,not DMZ port. FVS336Gv3 only supports access LAN by L2TP from WAN side.

         

        Thanks

        Suli

  • Hi Suli

    Thanks, but the server is connected via the LAN port. It's the FVS that it is the the modem's DMZ.

    Arron
      • DaneA's avatar
        DaneA
        NETGEAR Employee Retired

        Hi Arronj,

         

        Kindly enable WAN to LAN logging on the firewall.  This will let us see if the L2TP traffic coming from external is hitting the FVS336Gv3 and if it is then forwarding the traffic to the correct LAN IP for the Windows Server. This will help us to see if the problem is before the FVS336Gv3 or after the traffic hits the FVS336Gv3.

         

        Also, kindly setup a simple firewall rule to pass other traffic to the server, like RDP (TCP 3389) just to see if it can pass OK to the server.

         

        Let us know the results.  

         

         

        Regards,

         

        DaneA

        NETGEAR Community Team

NETGEAR Academy

Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology! 

Join Us!

ProSupport for Business

Comprehensive support plans for maximum network uptime and business peace of mind.

 

Learn More