Dear Tom-san, I failed to creat a site to site VPN connection using L2TP/IPsec by pre-shared key even though site to site VPN through PPTP does work. Then I did check you article and I am confused in using the pre-shared key, that's why I could have question in my previous post. Again, please would you clarify "if you do not have a cerficate installed, and you decide to use a pre-shared key as backup, the site-to-site VPN connection will fail. Do not seclect the Allow pre-shared key IPSec authentication as a secondary (backup) authentication method option, even if you do not have a certificate installed on this computer" In addtional to above, my current problem in creating VPN connection through L2TP/IPSec either by pre-shared key or certificate is no answer from remote called site (again PPTP configuration works), what is the reason for this? Thanks for your kind reply! Roy Tsao ----- Original Message ----- From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> Sent: Sunday, March 27, 2005 1:23 AM Subject: [isalist] Re: Site to Site VPN Connection Using L2TP/IPSec by Pre-shared Key http://www.ISAserver.org Hi Roy, If you configure a pre-shared key, then that will be used. HTH, Tom -----Original Message----- From: Roy Tsao [mailto:roy_tsao@xxxxxxxxxxxx] Sent: Saturday, March 26, 2005 10:39 AM To: [ISAserver.org Discussion List] Subject: [isalist] Re: Site to Site VPN Connection Using L2TP/IPSec by Pre-shared Key http://www.ISAserver.org > Dear Tom, > > There are two articles presented by you at Microsoft website: > > "Creating A Site-to-Site L2TP/IPSec VPN Between ISA2004 VPN Gateays: Hotw to Configure the Pre-shared Key" > > "ISA Server 2004 VPN Deployment Kit" > > I am quite confused in the these two: > 1) In the first one, you mentiond > "If you have a cerficate installed on this computer and you enable the pre-shared key option, then the pre-shared key > will always be used" > but the later one said Pre-shared key is just a backup when certificate failed > which is correct? > 2) Also in the first one, > "if you do not have a cerficate installed, and you decide to use a pre-shared key as backup, > the site-to-site VPN connection will fail. Do not seclect the Allow pre-shared key IPSec authentication as > a secondary (backup) authentication method option, even if you do not have a certificate installed on this > computer" > But there is a illustration in the 2nd article showing check option of pre-shared key option as a secondary > authentication method. > What is the correct way to have L2TP/IPSec VPN by pre-shared key > without certificate > 3) My problem in creating site to site VPN connection > Could succeeded in creating site to site by PPTP, but whenever I switch into L2TP/IPSec with pre-shared > key, the connection always fails. The log shows "No response from remote computer against L2TP dial-in > authentication", what's wrong? > > Thanks, > > Roy Tsao ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: roy_tsao@xxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx