Got it
Huawei Enterprise Support Community
Community Forums Routing & Switching
Huawei AR207V-P Remote us...

Huawei AR207V-P Remote user L2TP over ipsec vpn failing on chap authentication

Created: Aug 12, 2019 14:32:07Latest reply: Aug 14, 2019 06:20:06 631 2 0 0 0
  Rewarded HiCoins: 0 (problem resolved)
View the author 1#

Hi,


I am trying to create a l2tp over ipsec vpn for remote users to connect to router using pc running windows 10 but I am unable to establish vpn from last 20 days.


I can see IKE sa and ipsec sa phase completed but vpn getting disconnected after these events in less than 20 seconds and when I am debugging nothing much in ike and ipsec but on ppp chap debug I am getting the below message.


I am using local authentication to test if I do without ipsec it only works on windows xp and vpn get connected.


I am unable to understand what mistake I am doing and why its keep failing?


my aaa config as below:


aaa

 authentication-scheme default

 authentication-scheme l2tp

 authorization-scheme default

 authorization-scheme l2tp

 accounting-scheme default

 domain default

 domain default_admin

 domain l2tp

  authorization-scheme l2tp

 local-user root password cipher XXXXXX

 local-user root privilege level 15

 local-user root ftp-directory flash:

 local-user root service-type ssh

 local-user admin password cipher XXXXXX

 local-user admin service-type telnet http

 local-user test1 password cipher XXXXXX

 local-user test1 privilege level 15

 local-user test1 service-type ppp

 local-user testhttp password cipher XXXXXX

 local-user testhttp privilege level 15

 local-user testhttp service-type http

 local-user vodafone password cipher XXXXXX

 local-user vodafone privilege level 2

 local-user vpdnuser password cipher XXXXXX

 local-user vpdnuser privilege level 0

 local-user vpdnuser service-type ppp


<LNS>terminal debugging

Aug 12 2019 12:14:06.199.1+00:00 LNS PPP/7/debug2:

  PPP State Change:

      Virtual-Template1:0 CHAP : SendChallenge --> WaitAAA

<LNS>terminal debugging

Aug 12 2019 12:14:06.199.2+00:00 LNS PPP/7/debug2:

  PPP Event:

      Virtual-Template1:0 CHAP AAA Result Event

      state WaitAAA

<LNS>terminal debugging

Aug 12 2019 12:14:06.199.3+00:00 LNS PPP/7/debug2:

  PPP State Change:

      Virtual-Template1:0 CHAP : WaitAAA --> ServerFailed

<LNS>terminal debugging

Aug 12 2019 12:14:06.199.4+00:00 LNS PPP/7/debug2:

  PPP Packet:

      Virtual-Template1:0 Output CHAP(c223) Pkt, Len 33

      State ServerFailed, code FAILURE(04), id 1, len 29

      Message: Illegal User or password.

<LNS>terminal debugging

Aug 12 2019 12:14:06.199.5+00:00 LNS PPP/7/debug2:

  PPP Error:

      Virtual-Template1:0 CHAP : Server auth failed No.  1 !

<LNS>terminal debugging

Aug 12 2019 12:14:06.199.6+00:00 LNS PPP/7/debug2:

  PPP Event:

      Virtual-Template1:0 LCP Close  Event

      state opened

<LNS>terminal debugging

Aug 12 2019 12:14:06.199.7+00:00 LNS PPP/7/debug2:

  PPP State Change:

      Virtual-Template1:0 LCP : opened --> closing

<LNS>terminal debugging

Aug 12 2019 12:14:06.199.8+00:00 LNS PPP/7/debug2:

  PPP Packet:

      Virtual-Template1:0 Output LCP(c021) Pkt, Len 8

      State closing, code TermReq(05), id 4, len 4

<LNS>terminal debugging

Aug 12 2019 12:14:06.379.1+00:00 LNS PPP/7/debug2:

  PPP Packet:

      Virtual-Template1:0 Input  LCP(c021) Pkt, Len 8

      State closing, code TermReq(05), id 3, len 4

<LNS>terminal debugging

Aug 12 2019 12:14:06.379.2+00:00 LNS PPP/7/debug2:

  PPP Event:

      Virtual-Template1:0 LCP RTR(Receive Terminate Request)  Event

      state closing

<LNS>terminal debugging

Info: Current terminal debugging is on.

<LNS>

Aug 12 2019 12:14:06.379.3+00:00 LNS PPP/7/debug2:

  PPP Packet:

      Virtual-Template1:0 Output LCP(c021) Pkt, Len 8

      State closing, code TermAck(06), id 3, len 4

<LNS>

<LNS>

Aug 12 2019 12:14:06.379.4+00:00 LNS PPP/7/debug2:

  PPP Packet:

      Virtual-Template1:0 Input  LCP(c021) Pkt, Len 8

      State closing, code TermAck(06), id 4, len 4

<LNS>

Aug 12 2019 12:14:06.379.5+00:00 LNS PPP/7/debug2:

  PPP Event:

      Virtual-Template1:0 LCP RTA(Receive Terminate Ack)  Event

      state closing

<LNS>

<LNS>

Aug 12 2019 12:14:06.379.6+00:00 LNS PPP/7/debug2:

  PPP State Change:

      Virtual-Template1:0 LCP : closing --> closed

<LNS>

<LNS>

Aug 12 2019 12:14:06.379.7+00:00 LNS PPP/7/debug2:

  PPP Event:

      Virtual-Template1:0 LCP Lower Down  Event

      state closed

<LNS>

Aug 12 2019 12:14:06.379.8+00:00 LNS PPP/7/debug2:

  PPP State Change:

      Virtual-Template1:0 LCP : closed --> initial


Like (0) Dislike (0) Favorite(0) Share Report
Previous: Huawei have the Router for deploy 5G revelution?
Next: FIREWALL DOES NOT START IN THE ENSP
Featured Answers

Recommended answer

(0) (0)
Popeye_Wang
Admin Created Aug 14, 2019 06:20:06

According to the debugging information, the simple cause is that the account and password are incorrect.Huawei AR207V-P Remote user L2TP over ipsec vpn failing on chap authentication-3033385-1 
Another possible cause is that the system registry is not modified,as DDSN mentioned. 
In addition, you need to check whether the PAP and CHAP supported by the device are selected.
chap


View more
  • x
  • convention:
All Answers
(0) (0)
2#
DDSN
DDSN Admin Created Aug 12, 2019 15:29:47

You can refer to http://support.huawei.com/hedex/hdx.do?lib=EDOC1100028615AEH0627G&docid=EDOC1100028615&lang=en&v=05&tocLib=EDOC1100028615AEH0627G&tocV=05&id=EN-US_CONCEPT_0177896269&tocURL=resources%2fdc%2fdc%5far%5ffaq%5fl2tp%5f0008%2ehtml&p=t&fe=1&ui=3&keyword=over&keyword=l2tp&keyword=ipsec&text=What%252BCan%252BI%252BDo%252BIf%252Ba%252BPC%252BRunning%252Bthe%252BWindows%252B7%252Bor%252BXP%252BOperating%252BSystem%252BFails%252Bto%252BEstablish%252Ban%252B%25253Cb%25253EL2TP%25253C%25252Fb%25253E%252B%25253Cb%25253Eover%25253C%25252Fb%25253E%252B%25253Cb%25253EIPSec%25253C%25252Fb%25253E%252BTunnel%252Bwith%252Bthe%252BDevice%25253F
View more
  • x
  • convention:
(0) (0)
3#
Popeye_Wang
Popeye_Wang Admin Created Aug 14, 2019 06:20:06

According to the debugging information, the simple cause is that the account and password are incorrect.Huawei AR207V-P Remote user L2TP over ipsec vpn failing on chap authentication-3033385-1 
Another possible cause is that the system registry is not modified,as DDSN mentioned. 
In addition, you need to check whether the PAP and CHAP supported by the device are selected.
chap


View more
  • x
  • convention:
Back to list

Comment

Advanced
B Color Image Link Quote Code Smilies
You need to log in to comment to the post Login | Register
Comment

Notice: To protect the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but are not limited to the following:
  • Politically sensitive content
  • Content concerning pornography, gambling, and drug abuse
  • Content that may disclose or infringe upon others ' commercial secrets, intellectual properties, including trade marks, copyrights, and patents, and personal privacy
Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see " User Agreement."

My Followers

Login and enjoy all the member benefits

Login
Huawei Website Support About Huawei Privacy User Agreement Terms of Use Cookies Cookie Settings
Huawei Enterprise Huawei Carrier Forum Training & Certification

Contact Us: e_online@huawei.com Copyright © 2022 Huawei Technologies Co., Ltd. All rights reserved.

APP

Block
Are you sure to block this user?
Users on your blacklist cannot comment on your post,cannot mention you, cannot send you private messages.
Reminder
Please bind your phone number to obtain invitation bonus.