-
Products
-
SonicPlatform
SonicPlatform is the cybersecurity platform purpose-built for MSPs, making managing complex security environments among multiple tenants easy and streamlined.
Discover More
-
-
Solutions
-
Federal
Protect Federal Agencies and Networks with scalable, purpose-built cybersecurity solutions
Learn MoreFederalProtect Federal Agencies and Networks with scalable, purpose-built cybersecurity solutions
Learn More - Industries
- Use Cases
-
-
Partners
-
Partner Portal
Access to deal registration, MDF, sales and marketing tools, training and more
Learn MorePartner PortalAccess to deal registration, MDF, sales and marketing tools, training and more
Learn More - SonicWall Partners
- Partner Resources
-
-
Support
-
Support Portal
Find answers to your questions by searching across our knowledge base, community, technical documentation and video tutorials
Learn MoreSupport PortalFind answers to your questions by searching across our knowledge base, community, technical documentation and video tutorials
Learn More - Support
- Resources
- Capture Labs
-
- Company
- Contact Us
Users connecting to an L2TP via a Chromebook receive a "Connect Failed" error message
10/16/2023 
10 People found this article helpful
482,099 Views
Description
Users trying to connect via L2TP from a Chromebook fail to connect and get a "Connect Failed" error. This happens because pursuant to Google's documentation Chromebooks do not support XAUTH Authentication in any capacity. XAUTH is the default Authentication method for VPN Users on the SonicWall and this will lead to compatibility issues. Below is an exerpt from the Glboal VPN Client Logs that you're likely to see when connecting to the SonicWall VPN via Chromebook and attempting to use XAUTH:
NOTE: These Logs are captured when trying to connect and observing the subsequent failure.
4500 VPN Pol... Received IKE SA delete request
4500 VPN Pol... Received IPsec SA delete request
4500 RECEIVED<<< ISAKMP OAK INFO (InitCookie:0x7cxxxxxxxxxx RespCookie:0x6addfxxxxxxxxx...
4500 VPN Pol... IKE negotiation complete. Adding IPsec SA. (Phase 2)
4500 VPN Pol... IKE Responder: Accepting IPsec proposal (Phase 2)
4500 VPN Pol... IKE Responder: Received Quick Mode Request (Phase 2)
4500 VPN Pol... IKE Responder: Main Mode complete (Phase 1)
VPN Inform NAT Discovery: Peer IPsec Security Gateway behind a NAT/NAPT Device
500 admin IKE Responder: Received Main Mode Request (Phase 1)
Resolution
Resolution for SonicOS 7.X
This release includes significant user interface changes and many new features that are different from the SonicOS 6.5 and earlier firmware. The below resolution is for customers using SonicOS 7.X firmware.
Chromebook OS doesn't support XAUTH so in place of that we have to use Shared Secret only and disable Authentication.
- Navigate to NETWORK | Ipsec VPN | Rules and Settings | WAN Group VPN and click Configure.
- Click on the Advanced Tab | Client Authentication and disable "Require authentication of VPN clients by XAUTH".
Resolution for SonicOS 6.5
This release includes significant user interface changes and many new features that are different from the SonicOS 6.2 and earlier firmware. The below resolution is for customers using SonicOS 6.5 firmware.
Chromebook OS doesn't support XAUTH so in place of that we have to use Shared Secret only and disable Authentication.
- Navigate to MANAGE | VPN | Base Settings|WAN Group VPN and click Configure.
- Click on the Advanced Tab | Client Authentication and disable "Require authentication of VPN clients by XAUTH".
Related Articles
- Initial and Advanced Firewall Setup for high security environments
- How to Create URI List Objects/Groups on SonicOSX 7?
- How to block Hotspot Shield proxy/VPN using Advanced Application Control
Categories
- Firewalls > TZ Series
- Firewalls > SonicWall SuperMassive E10000 Series
- Firewalls > SonicWall SuperMassive 9000 Series
- Firewalls > SonicWall NSA Series
YES
NO