Users connecting to an L2TP via a Chromebook receive a "Connect Failed" error message
10/16/2023 10 People found this article helpful 487,866 Views
Description
Users trying to connect via L2TP from a Chromebook fail to connect and get a "Connect Failed" error. This happens because pursuant to Google's documentation Chromebooks do not support XAUTH Authentication in any capacity. XAUTH is the default Authentication method for VPN Users on the SonicWall and this will lead to compatibility issues. Below is an exerpt from the Glboal VPN Client Logs that you're likely to see when connecting to the SonicWall VPN via Chromebook and attempting to use XAUTH:
NOTE: These Logs are captured when trying to connect and observing the subsequent failure.
4500 VPN Pol... Received IKE SA delete request
4500 VPN Pol... Received IPsec SA delete request
4500 RECEIVED<<< ISAKMP OAK INFO (InitCookie:0x7cxxxxxxxxxx RespCookie:0x6addfxxxxxxxxx...
4500 VPN Pol... IKE negotiation complete. Adding IPsec SA. (Phase 2)
4500 VPN Pol... IKE Responder: Accepting IPsec proposal (Phase 2)
4500 VPN Pol... IKE Responder: Received Quick Mode Request (Phase 2)
4500 VPN Pol... IKE Responder: Main Mode complete (Phase 1)
VPN Inform NAT Discovery: Peer IPsec Security Gateway behind a NAT/NAPT Device
500 admin IKE Responder: Received Main Mode Request (Phase 1)
Resolution
Resolution for SonicOS 7.X
This release includes significant user interface changes and many new features that are different from the SonicOS 6.5 and earlier firmware. The below resolution is for customers using SonicOS 7.X firmware.
Chromebook OS doesn't support XAUTH so in place of that we have to use Shared Secret only and disable Authentication.
- Navigate to NETWORK | Ipsec VPN | Rules and Settings | WAN Group VPN and click Configure.
- Click on the Advanced Tab | Client Authentication and disable "Require authentication of VPN clients by XAUTH".
Resolution for SonicOS 6.5
This release includes significant user interface changes and many new features that are different from the SonicOS 6.2 and earlier firmware. The below resolution is for customers using SonicOS 6.5 firmware.
Chromebook OS doesn't support XAUTH so in place of that we have to use Shared Secret only and disable Authentication.
- Navigate to MANAGE | VPN | Base Settings|WAN Group VPN and click Configure.
- Click on the Advanced Tab | Client Authentication and disable "Require authentication of VPN clients by XAUTH".
Related Articles
Categories
Was This Article Helpful?
YESNO