According to the support article listed below, all computers running version of Windows prior to Windows 10 need the addition of a registry key entry to connect to an L2TP/IPSEC server which is located behind a NAT firewall.
Procedure: Step 1: Login to the PC as Administrator or an user who is a member of the Administrator Group. Step 2: Click Start > Run or Start > All Programs > Accessories > Run and type regedit. Step 3: Locate the entry HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PolicyAgent. Step 4: Create a new DWORD (32-bit) value (Edit > New). Step 5: Add AssumeUDPEncapsulationContextOnSendRule and save. Step 6: Modify the new entry and change Value Data from 0 to 2. Value 0 -> Cannot establish security associations with servers that are localted behind NAT devices. Value 2 -> Can establish security associations with servers that are located behind NAT devices. Step 7: Reboot the computer and try to setup the connection one more time. After the reboot we should be able to connect to the VPN server with the same configuration as before.