> Dear Tom, > > There are two articles presented by you at Microsoft website: > > "Creating A Site-to-Site L2TP/IPSec VPN Between ISA2004 VPN Gateays: Hotw > to Configure the Pre-shared Key" > > "ISA Server 2004 VPN Deployment Kit" > > I am quite confused in the these two: > 1) In the first one, you mentiond > "If you have a cerficate installed on this computer and you enable the > pre-shared key option, then the pre-shared key > will always be used" > but the later one said Pre-shared key is just a backup when certificate > failed > which is correct? > 2) Also in the first one, > "if you do not have a cerficate installed, and you decide to use a > pre-shared key as backup, > the site-to-site VPN connection will fail. Do not seclect the Allow > pre-shared key IPSec authentication as > a secondary (backup) authentication method option, even if you do not > have a certificate installed on this > computer" > But there is a illustration in the 2nd article showing check option of > pre-shared key option as a secondary > authentication method. > What is the correct way to have L2TP/IPSec VPN by pre-shared key without > certificate > 3) My problem in creating site to site VPN connection > Could succeeded in creating site to site by PPTP, but whenever I switch > into L2TP/IPSec with pre-shared > key, the connection always fails. The log shows "No response from remote > computer against L2TP dial-in > authentication", what's wrong? > > Thanks, > > Roy Tsao