Re: Site to Site VPN Connection Using L2TP/IPSec by Pre-shared Key
- From: "Roy Tsao" <roy_tsao@xxxxxxxxxxxx>
- To: isalist@xxxxxxxxxxxxx
- Date: Wed, 30 Mar 2005 23:44:29 -0700
Dear Tom-san,
I failed to creat a site to site VPN connection using L2TP/IPsec by
pre-shared key even though site to site VPN through PPTP does work. Then I
did check you article and I am confused in using the pre-shared key,
that's why I could have question in my previous post. Again, please would
you clarify
"if you do not have a cerficate installed, and you decide to use a
pre-shared key as backup, the site-to-site VPN connection will fail.
Do not seclect the Allow pre-shared key IPSec authentication as
a secondary (backup) authentication method option, even if you do
not have a certificate installed on this computer"
In addtional to above, my current problem in creating VPN connection
through L2TP/IPSec either by pre-shared key or certificate is no answer
from remote called site (again PPTP configuration works), what is the
reason for this?
Thanks for your kind reply!
Roy Tsao
----- Original Message -----
From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Sunday, March 27, 2005 1:23 AM
Subject: [isalist] Re: Site to Site VPN Connection Using L2TP/IPSec by
Pre-shared Key
http://www.ISAserver.org
Hi Roy,
If you configure a pre-shared key, then that will be used.
HTH,
Tom
-----Original Message-----
From: Roy Tsao [mailto:roy_tsao@xxxxxxxxxxxx]
Sent: Saturday, March 26, 2005 10:39 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: Site to Site VPN Connection Using L2TP/IPSec by
Pre-shared Key
http://www.ISAserver.org
> Dear Tom,
>
> There are two articles presented by you at Microsoft website:
>
> "Creating A Site-to-Site L2TP/IPSec VPN Between ISA2004 VPN Gateays:
Hotw to Configure the Pre-shared Key"
>
> "ISA Server 2004 VPN Deployment Kit"
>
> I am quite confused in the these two:
> 1) In the first one, you mentiond
> "If you have a cerficate installed on this computer and you enable
the pre-shared key option, then the pre-shared key
> will always be used"
> but the later one said Pre-shared key is just a backup when
certificate failed
> which is correct?
> 2) Also in the first one,
> "if you do not have a cerficate installed, and you decide to use a
pre-shared key as backup,
> the site-to-site VPN connection will fail. Do not seclect the
Allow pre-shared key IPSec authentication as
> a secondary (backup) authentication method option, even if you do
not have a certificate installed on this
> computer"
> But there is a illustration in the 2nd article showing check option
of pre-shared key option as a secondary
> authentication method.
> What is the correct way to have L2TP/IPSec VPN by pre-shared key
> without certificate
> 3) My problem in creating site to site VPN connection
> Could succeeded in creating site to site by PPTP, but whenever I
switch into L2TP/IPSec with pre-shared
> key, the connection always fails. The log shows "No response from
remote computer against L2TP dial-in
> authentication", what's wrong?
>
> Thanks,
>
> Roy Tsao
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading
Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org Windows
Security Resource Site: http://www.windowsecurity.com/ Network Security
Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
roy_tsao@xxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
Other related posts:
