L2TP / IPsec VPN Does won’t Connect in Windows 10 Fix

If you are someone who uses a VPN to connect to Windows 10, then you may come across an error sometimes that prevents you to establish an L2TP/IPsec (that you created) connection with your Windows system. There a quite a few reasons why you may see this error and some of them are the incorrect username and password entry, invalid server name or address input, broken encryption settings in the server, firewall blocking the connection, or incorrect certificate.


ADVERTISEMENT

While sometimes the issue can be resolved by double-checking if the username,  password, server, and address, are all correct, most of the time this does not help. However, we have come up with a few workarounds for you for the L2TP/IPsec VPN that does not connect to your Windows 10 PC. Let’s see how to fix the issue.

 

Method 1: Modify Registry from CMD

Modifying the registry from the command line should fix the issue on your computer.

Warning – Registry Editor is a very delicate place on your system. Before committing any changes to the system, we request to make a backup of the registry on your computer.

Follow these easy steps to do so.

1. Type “regedit” in the search box.

2. Then, click on the “Registry Editor” to access it.

 

Regedit

 

3. After opening the Registry Editor, click on “File“. Then click on “Export” to make a new backup on your computer.

 

Export Registry

 

After creating the backup, close the Registry Editor.

4. Search for “cmd” from the search box.

5. After that, right-click on “Command Prompt” and click on the “Run as administrator“.

 

Start Search Command Prompt Right Click Run As Administrator

 

6. What you have to do when the terminal appears is to copy-paste this line and hit Enter.

REG ADD HKLM\SYSTEM\CurrentControlSet\Services\PolicyAgent /v AssumeUDPEncapsulationContextOnSendRule /t REG_DWORD /d 0x2 /f

 

Command Prompt (admin) Run Command Enter

 

After executing this code, close the CMD terminal.

Restart your computer. Check if this has helped you to solve the problem on your computer.

 

 

Method 2: Checking the VPN Proxy Settings

 

Step 1: Go to the Windows search bar and type VPN settings in the field.

 

Start Windows Search Vpn Settings

 

Step 2: Left-click on the result to open the VPN settings window.

 

Reszult Left Click Vpn Settings

 

Step 3: In the VPN settings window, go to the right side of the pane and select your VPN connection. Then select the Advanced options button below it.

 

 

Vpn Settings Your Vpn Connection Advanced Options

 


ADVERTISEMENT

Step 4: In the next window, scroll down and under VPN Proxy settings check if the proxy settings are correct (if you need to redirect to a proxy server), or select None to remove the proxy.

Press Apply to save the changes.

 

Vpn Proxy Settings Select None To Remove The Proxy Apply

 

 

Now, try connecting your L2TP/IPsec VPN and it should  work fine now. If you are still facing an issue, follow the next method.

 

Method 3: By Opening L2TP Ports in Firewall

 

Step 1: Go to Windows search (next to Start) and type firewall in the search field.

 

Start Search Firewall

 

Step 2: Left-click on the result (Firewall & network protection) to open the Windows Defender Firewall with Advanced Security.

 

Result Left Click Firewall & Network Protection

 

Step 3: In the Windows Defender Firewall with Advanced Security pane, go to Inbound Rules.

Then navigate to the Actions pane on the extreme right side and click on New Rule.

 

Windows Defender Firewall With Advanced Security Inbound Rules Actions New Rule

 

Step 4: It will open the New Inbound Rule Wizard window. Now select Port and press Next.

 

New Inbound Rule Wizard Port Next

 

Step 5: Now, in the Protocol and Ports window, select UDP and then, in the Specific local ports field type 1701, 500, 4500.

 

Protocol And Ports Udp Specific Local Ports Type 1701, 500, 4500

 

Step 6: Next, in the Action window, select Allow the connection if its secure and press Next.

 

Action Allow The Connection If Its Secure Next

 

Step 7: Keep pressing Next till you reach the Name window. Set a rule name and press Finish.

 

Name Set A Rule Name Finish

 

Repeat the same process for Outbound Rules.

Once done, try connecting the VPN and it should go through. However, if  the VPN still does not connect, follow the below method.

 

Method 4: Using the Command Prompt

 

Step 1: Go to Start and type Command Prompt in the search field.

 

Desktop Start Search Command Prompt

 

Step 2: Right-click on the result and select Run as administrator from the menu to open the Command Prompt in elevated mode.

 

Start Search Command Prompt Right Click Run As Administrator

 

Step 3: In the Command Prompt (Admin) window, type the below command and press Enter:

 

Command Prompt (admin) Run Command Enter

 

Now, reboot your computer the and your L2TP/IPsec VPN should be connected again.

However, if you still encounter the error, you can try the below method.

 

Method 5: Editing the Registry Editor

 

Step 1: Press Win + R keys together on your keyboard to open the Run command.

 

Step 2: In the Run command search field, type regedit and press OK to open the Registry Editor window.

 

Win + R Run Command Regedit Ok

 

Step 3: In the Registry Editor window, navigate to the below path:

 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PolicyAgent

 

Registry Editor Navigate To Path Right Side Right Click New Dword (32 Bit)

 

Step 4: Rename the DWORD (32-bit) as AssumeUDPEncapsulationContextOnSendRule.

 

New Dword Value Rename Assumeudpencapsulationcontextonsendrule

 

Step 5: Double-click on AssumeUDPEncapsulationContextOnSendRule to open the Edit DWORD (32-bit) Value dialogue box. Now, go to the Value data field and set it to 2.

 

Edit Dword (32 Bit) Value Value Data 2 Ok

 

Step 6: Now, copy the below path and paste it in the Registry Editor address bar:

 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RasMan

 

Now, go to the right side of the pane and right-click on an empty space. From the menu, select New and then DWORD (32-bit) Value.

 

Registory Editor Rasman New Dword (32 Bit) Value

 

Step 7: Now, rename the new DWORd (32-bit) Value as ProhibitIpSec. 

 

New Dword Value Rename Prohibitipsec

 

Step 8: Double-click on ProhibitIpSec to open the Edit DWORD (32-bit) Value dialogue box. Change the Value data to 0.

Press OK to save the changes and exit.

 

Edit Dword (32 Bit) Value Value Data 0 Ok

 

Exit Registry Editor and restart your PC for the changes to be effective. Your VPN should now connect to your Windows 10 PC.

If the problem persists, try checking the VPN Connection Properties as shown below.

 

Method 6: Double-Check the Authentication Settings

 

Step 1: Press Win + R hotkey together on your keyboard to open the Run command.

 

Step 2: Type ncpa.cpl in the Run command search box and hit Enter:

 

Win + R Run Command Ncpa.cpl Enter

 

Step 3: It opens the Network Connections window. Right-click on your VPN and select Properties.

 

Network Connections Vpn Right Click Properties

 

Step 4: In the Properties window, go to the Security tab and check if the Type of VPN is set to Layer 2 Tunneling Protocol with IPsec (L2TP/IPsec).

Check if the radio button next to Allow these protocols is selected.

Make sure that Challenge Handshake Authentication Protocol (CHAP) and Microsoft CHAP Version 2 (MS-CHAP v2) are both checked.

If none of the above options are selected, then select them accordingly and press OK to save the changes and exit.

 

Vpn Properties Security Type Of Vpn Allow These Protocols Chap Ms Chap V2

 

Now, try connecting your VPN to Windows and it should work fine. If you are still not able to connect, try the below method.

 

Method 7: Restarting the IPsec service

 

Step 1: Navigate to the Windows search field and type Services in the search box.

 

Desktop Start Search Services

 

Step 2: Left-click on the result to open the Services window.

 

Desktop Start Search Services Result

 

Step 3: In the Services window, go to the right side and under Names, look for IPsec Policy Agent.

Right-click on it and click on Restart to start the service again.

 

Services Name Ipsec Policy Agent Restart


ADVERTISEMENT

 

Now, since you have successfully restarted the service, your VPN should connect to your Windows system.

Alternatively, you can also try the next method.

 

Method 8: By Disabling Xbox Live Networking Service

 

Step 1: Navigate to the Windows search field and type Services in the search box.

 

Desktop Start Search Services

 

Step 2: Left-click on the result to open the Services window.

 

Desktop Start Search Services Result

 

Step 3: In the Service manager window, go to the right side and under the Names column, look for Xbox Live Networking Service.

 

Services Names Xbox Live Networking Service

 

Step 4: Double-click on the Xbox Live Networking Service and in the Properties window, under the General tab, go to the Startup type section. Set it to Disabled.

Press Apply and then OK to save the changes and exit.

 

Properties General Startup Type Apply Ok

 


ADVERTISEMENT


Reboot your PC for the changes to be effective, you can now connect your VPN to your Windows computer.

If this method also fails, you can try the next method.

 

Method 9: By Updating the Network Drivers

 

Step 1: Right-click on Start and select Device Manager from the menu.

 

Win + X Device Manager

 

Step 2: In the Device Manager window, navigate to Network adapters and expand it.

Now, right-click on TAP-Windows Adapter V9 and select Update driver.

 

Step 3: Press the Search automatically for updated driver software option and follow the instructions as shown to finish updating the driver.

 

Step 4: Repeat the same process for WAN Miniport (L2TP) and WAN Miniport (Network Monitor).

 

Wan Miniport (l2tp) Wan Miniport (network Monitor) Right Click Update Driver

 

*Note – If you see a message saying “The best drivers for your device are already installed“, then you can try looking for any latest driver in Windows Update and install them manually. You an also use a driver update software to find and install drivers automatically.

Restart your PC and try connecting your VPN again. It should now connect to your system.

 

While any of the above methods should resolve your L2TP/IPsec VPN connection problem, you can also try using a premium VPN service from a trusted brand to check if that can fix the issue.

ADVERTISEMENT