ZyXEL Communications SBG3300-N series User Manual page 235

An L2TP client is disconnected unexpectedly.
4
Tip: An L2TP connection will be dropped when one of the followings occurs on the Device:
(1) Client has no activity for a period of time.
(2) Client loses connectivity to the Device for a period of time.
(3) Any IPSec VPN configuration change is applied on the Device.
(4) Either Default_L2TPVPN IPSec configuration or L2TP VPN is disabled on the Device.
(5) When any one of these configuration changes is applied on the Device: WAN Interface used for
L2TP VPN, IP Address Pool, Access Group.
(6) The Device WAN interface on which the L2TP connection established is disconnected.
An L2TP client is connected successfully but cannot access the local host or server behind the
5
Device.
Tip: This may be caused by one of the followings:
(1) The local host or server is disconnected.
(2) The Access Group is not configured correctly. From the Device's GUI, go to the VPN > L2TP
VPN > Setup screen to check. Note that all local hosts are by default accessible unless Access
Group is configured.
(3) IP Address Pool for L2TP VPN is conflicting with any WAN, LAN, DMZ, WLAN, or PPTP VPN
subnet configured on the Device. Note that IP Address Pool for L2TP VPN has 24-bit netmask and
should not conflict with any others listed above even if they are not in use.
An L2TP client is connected successfully but cannot browse Internet.
6
Tip: From the Device's GUI, click VPN > L2TP VPN > Setup. Check if DNS Server is configured. A
client cannot browse Internet without DNS resolved. Note that when a new DNS Server is
configured, the client must disconnect then reconnect in order for the new DNS Server to take
effect.
The L2TP client can no longer connect to SBG3300 after the Encryption or Authentication for the
7
Default_L2TPVPN IPSec VPN rule is changed.
Tip: A user usually do not need change the default Encryption or Authentication algorithms in
the Default_L2TPVPN IPSec VPN rule. The default Encryption and Authentication algorithms
should support the built-in L2TP/IPSec client software in the popular operating systems (Windows
(XP, Vista, 7), Android, and iOS).
Refer to Table 92 on page 214
As a reference,
the popular operating systems during IPSec phase 1 negotiation. The first proposal that can be
supported by the phase 1 setting in the Default_L2TPVPN IPSec VPN rule will be accepted by the
SBG3300-N Series User's Guide
for the default setting of the Default_L2TPVPN IPSec VPN rule.
Table 104 on page 236 lists the IPSec proposals provided by a built-in L2TP client in
Chapter 21 L2TP VPN
235