Re: Site to Site VPN Connection Using L2TP/IPSec by Pre-shared Key

  • From: "Roy Tsao" <roy_tsao@xxxxxxxxxxxx>
  • To: isalist@xxxxxxxxxxxxx
  • Date: Sat, 26 Mar 2005 09:39:29 -0700

> Dear Tom,
> 
> There are two articles presented by you at Microsoft website:
> 
>   "Creating A Site-to-Site L2TP/IPSec VPN Between ISA2004 VPN Gateways: How to Configure the Pre-shared Key"
> 
>   "ISA Server 2004 VPN Deployment Kit"
> 
> I am quite confused by these two:
> 1) In the first one, you mentioned
>    "If you have a certificate installed on this computer and you enable the pre-shared key option, then the pre-shared key will always be used"
>    but the latter one said the pre-shared key is just a backup when the certificate failed.
>    Which is correct?
> 2) Also in the first one,
>    "if you do not have a certificate installed, and you decide to use a pre-shared key as backup, the site-to-site VPN connection will fail. Do not select the Allow pre-shared key IPSec authentication as a secondary (backup) authentication method option, even if you do not have a certificate installed on this computer"
>    But there is an illustration in the 2nd article showing the pre-shared key option checked as a secondary authentication method.
>    What is the correct way to have L2TP/IPSec VPN by pre-shared key without a certificate?
> 3) My problem in creating a site-to-site VPN connection:
>    I could succeed in creating site to site by PPTP, but whenever I switch to L2TP/IPSec with pre-shared key, the connection always fails. The log shows "No response from remote computer against L2TP dial-in authentication", what's wrong?
> 
> Thanks,
> 
> Roy Tsao

