Site to Site VPN Connection Using L2TP/IPSec by Pre-shared Key

  • From: "Roy Tsao" <roy_tsao@xxxxxxxxxxxx>
  • To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Sun, 27 Mar 2005 00:18:41 +0800

Dear Tom,

There are two articles presented by you on the Microsoft website:

  "Creating A Site-to-Site L2TP/IPSec VPN Between ISA2004 VPN Gateways: How to Configure the Pre-shared Key"

  "ISA Server 2004 VPN Deployment Kit"

I am quite confused by these two:
1) In the first one, you mentioned
   "If you have a certificate installed on this computer and you enable the pre-shared key option, then the pre-shared key will always be used"
   but the latter one said the pre-shared key is just a backup when the certificate fails.
   Which is correct?
2) Also in the first one,
   "if you do not have a certificate installed, and you decide to use a pre-shared key as backup, the site-to-site VPN connection will fail. Do not select the Allow pre-shared key IPSec authentication as a secondary (backup) authentication method option, even if you do not have a certificate installed on this computer"
   But there is an illustration in the 2nd article showing the pre-shared key option checked as a secondary authentication method.
   What is the correct way to have L2TP/IPSec VPN by pre-shared key without a certificate?
3) My problem in creating a site-to-site VPN connection
   I could succeed in creating the site-to-site connection by PPTP, but whenever I switch to L2TP/IPSec with a pre-shared key, the connection always fails. The log shows "No response from remote computer against L2TP dial-in authentication". What's wrong?

Thanks,

Roy Tsao
