Инструкция подключения IPSec/L2TP на Windows

Windows 10 and 8.x

  1. Right-click on the wireless/network icon in your system tray.
  2. Select Open Network and Sharing Center. Or, if using Windows 10 version 1709 or newer, select Open Network & Internet settings, then on the page that opens, click Network and Sharing Center.
  3. Click Set up a new connection or network.
  4. Select Connect to a workplace and click Next.
  5. Click Use my Internet connection (VPN).
  6. Enter Your VPN Server IP in the Internet address field.
  7. Enter anything you like in the Destination name field, and then click Create.
  8. Return to Network and Sharing Center. On the left, click Change adapter settings.
  9. Right-click on the new VPN entry and choose Properties.
  10. Click the Security tab. Select "Layer 2 Tunneling Protocol with IPsec (L2TP/IPSec)" for the Type of VPN.
  11. Click Allow these protocols. Check the "Challenge Handshake Authentication Protocol (CHAP)" and "Microsoft CHAP Version 2 (MS-CHAP v2)" checkboxes.
  12. Click the Advanced settings button.
  13. Select Use preshared key for authentication and enter Your VPN IPsec PSK for the Key.
  14. Click OK to close the Advanced settings.
  15. Click OK to save the VPN connection details.

Note: A one-time registry change is required before connecting. See details below.

Windows 7, Vista and XP

  1. Click on the Start Menu and go to the Control Panel.
  2. Go to the Network and Internet section.
  3. Click Network and Sharing Center.
  4. Click Set up a new connection or network.
  5. Select Connect to a workplace and click Next.
  6. Click Use my Internet connection (VPN).
  7. Enter Your VPN Server IP in the Internet address field.
  8. Enter anything you like in the Destination name field.
  9. Check the Don't connect now; just set it up so I can connect later checkbox.
  10. Click Next.
  11. Enter Your VPN Username in the User name field.
  12. Enter Your VPN Password in the Password field.
  13. Check the Remember this password checkbox.
  14. Click Create, and then Close.
  15. Return to Network and Sharing Center. On the left, click Change adapter settings.
  16. Right-click on the new VPN entry and choose Properties.
  17. Click the Options tab and uncheck Include Windows logon domain.
  18. Click the Security tab. Select "Layer 2 Tunneling Protocol with IPsec (L2TP/IPSec)" for the Type of VPN.
  19. Click Allow these protocols. Check the "Challenge Handshake Authentication Protocol (CHAP)" and "Microsoft CHAP Version 2 (MS-CHAP v2)" checkboxes.
  20. Click the Advanced settings button.
  21. Select Use preshared key for authentication and enter Your VPN IPsec PSK for the Key.
  22. Click OK to close the Advanced settings.
  23. Click OK to save the VPN connection details.

Note: This one-time registry change is required if the VPN server and/or client is behind NAT (e.g. home router).

To connect to the VPN: Click on the wireless/network icon in your system tray, select the new VPN entry, and click Connect. If prompted, enter Your VPN Username and Password, then click OK. You can verify that your traffic is being routed properly by looking up your IP address. It should say "Your public IP address is Your VPN Server IP".

Troubleshooting

Windows Error 809

To fix this error, a one-time registry change is required because the VPN server and/or client is behind NAT (e.g. home router). Download and import the .reg file below, or run the following from an elevated command prompt.

For Windows Vista, 7, 8.x and 10 download .reg file

REG ADD HKLM\SYSTEM\CurrentControlSet\Services\PolicyAgent /v AssumeUDPEncapsulationContextOnSendRule /t REG_DWORD /d 0x2 /f

For Windows XP ONLY download .reg file

REG ADD HKLM\SYSTEM\CurrentControlSet\Services\IPSec /v AssumeUDPEncapsulationContextOnSendRule /t REG_DWORD /d 0x2 /f

Although uncommon, some Windows systems disable IPsec encryption, causing the connection to fail. To re-enable it, run the following command and reboot your PC.

For Windows XP, Vista, 7, 8.x and 10. download .reg file

REG ADD HKLM\SYSTEM\CurrentControlSet\Services\RasMan\Parameters /v ProhibitIpSec /t REG_DWORD /d 0x0 /f

Windows Error 628 or 766

To fix these errors, please follow these steps:

  1. Right-click on the wireless/network icon in your system tray.
  2. Select Open Network and Sharing Center. Or, if using Windows 10 version 1709 or newer, select Open Network & Internet settings, then on the page that opens, click Network and Sharing Center.
  3. On the left, click Change adapter settings. Right-click on the new VPN and choose Properties.
  4. Click the Security tab. Select "Layer 2 Tunneling Protocol with IPsec (L2TP/IPSec)" for Type of VPN.
  5. Click Allow these protocols. Check the "Challenge Handshake Authentication Protocol (CHAP)" and "Microsoft CHAP Version 2 (MS-CHAP v2)" checkboxes.
  6. Click the Advanced settings button.
  7. Select Use preshared key for authentication and enter Your VPN IPsec PSK for the Key.
  8. Click OK to close the Advanced settings.
  9. Click OK to save the VPN connection details.