Synology L2TP/IPSec VPN

In the last few releases, Synology has added L2TP/IPSec as an option for a VPN. ¬†I’ve never been able to get it to work on a Windows client until today.

Ports Required:

  • IPSec – UPD 500
  • IPSec NAT Traversal – UDP 4500
  • L2TP – UDP 1701

Fix on Windows clients –¬†http://support.microsoft.com/kb/926179

  • For Win7 and Win8 Machines
    • HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesPolicyAgent
    • New DWORD (32-bit) –¬†AssumeUDPEncapsulationContextOnSendRule
    • Set the Value Data to 2

Update:

Using OpenVPN with port 443, for easier access: http://forum.synology.com/enu/viewtopic.php?t=45545#p215354

12 thoughts on “Synology L2TP/IPSec VPN”

  1. Very helpful post and it effectively resolved my issue of accessing my Synology VPN from my win 7 laptop. thank you.

  2. Awesome, it worked for me on Synology DS415+, VPN connects very well but I am still having problem with seeing the shared folder in DS or even seeing whole Synology while VPN connected to the LAN however according to DSM my windows 7 pc can get IP from different Subnet. Any idea to resolve this issue?Thanks

  3. I add the registry key, but I cannot connect to the VPN.

    With Apple, Android System it works fine.

    But no change to connect via Windows 10.

    Any idea?

    1. There are two services that need to be running on a windows system:
      IKE and AuthIP IPsec Keying Modules & IPsec Policy Agent
      Change them both to automatic and start them and you should be right!

Leave a Reply

Your email address will not be published. Required fields are marked *