Tweet
Hello,
I am using Windows 10, OS Version: 10.0.19045 N/A Build 19045.
Until today, I have had no issues with connecting to workplace using built-in Windows L2TP/IPsec client (pre-shared key option, optional encryption, allow proto MS-CHAP v2 only, enabled LCP extensions). After I had downloaded openVPN client (OpenVPN-2.6.11-I002-amd64 from official community download), for other purpouse, I was no longer able to connect via L2TP. Because I am familliar with problem (I knew it might me the answer, so searching for problem took me only up to the 3 hours - but took) so I managed to find the solution - contacted my ISP who allowed on ONU an option ALG SWITCH IPsec, after that tunnel connects. But it's not an answer to me what exactly changed the openVPN on my computer, and I would like to revert all changed made by installation. I ask for assistance from you, because I was unable to find the answer on my own.
Steps which failed in finding the answer:
- uninstall openVPN via Windows program manager
- manually remove in regedit: HKEY_CURRENT_USER\SOFTWARE\OpenVPN-GUI
- fully turned off Windows firewall
- in HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\RasMan\Parameters I added DWORD "ProhibitIpSec" and set to 1 //they are already deleted, only created them from other people suggestions
- in HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSetService s\PolicyAgent I added DWORD "AssumeUDPEncapsulationContextOnSendRule" with value 2 //they are already deleted, only created them from other people suggestions
- in meantime and after changes in the regedit, I rebooted my windows computer a few times
With openVPN installed, my packet to workplace (L2TP..., checked in Wireshark) stucks in: ISAKMP message Identity Protection (Main Mode). Payload points RFC 3947 NAT-Traversal (maybe some changed were made to Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlS et\Services\IPNAT?).
So I bet that changes made with openVPN have nothing to do with uninstalling it - they are already made, and there must be some other files or some regedit options to add/change with NAT Traversal.
- I didn't find anything in %appdata%
- I didn't find anything in %tmp%
My questions are:
1. Is there a way to follow step-by-step openVPN installation? Maybe if there is a log file, I could be able to revert changes made from installing.
2. Is there a way to "edit" the installer and see what it does, if there are no logs?
3. Are there regedit entries I could change to make this work again or...
4. it is not even linked to regedit and I should be looking somewhere else?
More info:
- there is no problem with L2TP server, I connected to it WITHOUT problems while creating hotspot from my phone
- I also connected to Wireguard in company with no problems from device, so there is no connection issue to workplace
- I had no other VPN clients installed on this PC before downloading openVPN, no other services, nothing
- repeating, before installing openVPN everything worked fine and my ISP didn't have to make any changes on his side
- I know it can work now by enabling ALG on ONU, but I am looking for an answer what was made and how I can control it instead of letting it just work and take it for granted.
Thanks for your help.
EDIT: I am setting up virtual machine with Windows to look for changes that could be made.
I am using Windows 10, OS Version: 10.0.19045 N/A Build 19045.
Until today, I have had no issues with connecting to workplace using built-in Windows L2TP/IPsec client (pre-shared key option, optional encryption, allow proto MS-CHAP v2 only, enabled LCP extensions). After I had downloaded openVPN client (OpenVPN-2.6.11-I002-amd64 from official community download), for other purpouse, I was no longer able to connect via L2TP. Because I am familliar with problem (I knew it might me the answer, so searching for problem took me only up to the 3 hours - but took) so I managed to find the solution - contacted my ISP who allowed on ONU an option ALG SWITCH IPsec, after that tunnel connects. But it's not an answer to me what exactly changed the openVPN on my computer, and I would like to revert all changed made by installation. I ask for assistance from you, because I was unable to find the answer on my own.
Steps which failed in finding the answer:
- uninstall openVPN via Windows program manager
- manually remove in regedit: HKEY_CURRENT_USER\SOFTWARE\OpenVPN-GUI
- fully turned off Windows firewall
- in HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\RasMan\Parameters I added DWORD "ProhibitIpSec" and set to 1 //they are already deleted, only created them from other people suggestions
- in HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSetService s\PolicyAgent I added DWORD "AssumeUDPEncapsulationContextOnSendRule" with value 2 //they are already deleted, only created them from other people suggestions
- in meantime and after changes in the regedit, I rebooted my windows computer a few times
With openVPN installed, my packet to workplace (L2TP..., checked in Wireshark) stucks in: ISAKMP message Identity Protection (Main Mode). Payload points RFC 3947 NAT-Traversal (maybe some changed were made to Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlS et\Services\IPNAT?).
So I bet that changes made with openVPN have nothing to do with uninstalling it - they are already made, and there must be some other files or some regedit options to add/change with NAT Traversal.
- I didn't find anything in %appdata%
- I didn't find anything in %tmp%
My questions are:
1. Is there a way to follow step-by-step openVPN installation? Maybe if there is a log file, I could be able to revert changes made from installing.
2. Is there a way to "edit" the installer and see what it does, if there are no logs?
3. Are there regedit entries I could change to make this work again or...
4. it is not even linked to regedit and I should be looking somewhere else?
More info:
- there is no problem with L2TP server, I connected to it WITHOUT problems while creating hotspot from my phone
- I also connected to Wireguard in company with no problems from device, so there is no connection issue to workplace
- I had no other VPN clients installed on this PC before downloading openVPN, no other services, nothing
- repeating, before installing openVPN everything worked fine and my ISP didn't have to make any changes on his side
- I know it can work now by enabling ALG on ONU, but I am looking for an answer what was made and how I can control it instead of letting it just work and take it for granted.
Thanks for your help.
EDIT: I am setting up virtual machine with Windows to look for changes that could be made.