Synology L2TP/IPSec VPN

In the last few releases, Synology has added L2TP/IPSec as an option for a VPN.  I’ve never been able to get it to work on a Windows client until today.

Ports Required:

  • IPSec – UPD 500
  • IPSec NAT Traversal – UDP 4500
  • L2TP – UDP 1701

Fix on Windows clients –

  • For Win7 and Win8 Machines
    • HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesPolicyAgent
    • New DWORD (32-bit) – AssumeUDPEncapsulationContextOnSendRule
    • Set the Value Data to 2


Using OpenVPN with port 443, for easier access:


  1. Very helpful post and it effectively resolved my issue of accessing my Synology VPN from my win 7 laptop. thank you.

  2. Found that very helpful as well.This also worked on a Win8.1 non-pro after restart. Thanks for sharing !

  3. Awesome, it worked for me on Synology DS415+, VPN connects very well but I am still having problem with seeing the shared folder in DS or even seeing whole Synology while VPN connected to the LAN however according to DSM my windows 7 pc can get IP from different Subnet. Any idea to resolve this issue?Thanks

  4. I add the registry key, but I cannot connect to the VPN.

    With Apple, Android System it works fine.

    But no change to connect via Windows 10.

    Any idea?

    1. There are two services that need to be running on a windows system:
      IKE and AuthIP IPsec Keying Modules & IPsec Policy Agent
      Change them both to automatic and start them and you should be right!

  5. Thanks, thanks, thanks,
    Lot of time searching, trackking, debugging and now with a simple “2” value in the registry.

  6. Wow. It’s awesome. I finally succeeded to connect to the VPN server from my Surface Pro(windows 10). Reboot is required after adding the variable to the registry. Thank you so much aaron.

Comments are closed.