Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Participant

IPsec L2TP with ClusterXL

Hi guys,
I am trying to configure a Windows IPsec \ L2TP (Pre-shared Key) client connection for  ClusterXL and for standalone gateways. Authentication through AD. I made all the settings by the SK140832. All vpn setting on ClusterXL and on others gateways are the same.

The older client support must be enabled for AD-auth support

AD-support.JPG

Other settings

Global-Settings.JPG

vpn-blade-settings.JPG

 

But the connection only works for standalone gateways. For ClusterXL, I see an error in the logs: “This IKE SA should be used only for L2TP. Probably a computer certificate. "

 

For ClusterXL:

failed_login.JPG

For others standalone gateways - the connection is perfect

Login.JPG

Does anyone have an idea - why?

0 Kudos
Reply
2 Replies
Admin
Admin

There were definitely some issues with L2TP previously: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...
Recommend applying the latest GA Jumbo Hotfix.
If you're still having an issued, best to engage with TAC.
0 Kudos
Reply
Participant

The Take 196 solved the issue.

0 Kudos
Reply