XP VPN L2TP/IPSec

[Guest]

I am attempting to tunnel between two XP Prof machines using a L2TP/IPSec
VPN. Each has a permanent broadband connection and firewall at each end. I
have created a Win2K Standalone CA (which will not be online) to distribute
certificates to both XP boxes (necessary for IPSec as I understand it) so
each can authenticate to one another. Configuring the firewalls is not an
issue. My question is whether what I am trying to do going to work? Does
anything else need to be done?

 

[Jeffrey Randow (MVP)]

You need a user certificate and a computer certificate to get
cert-based L2TP work...

If you issue the proper certificates, it should work if and when you
get your router/firewall configs set. Note also that you may need to
use NAT-T (NAT traversal) if there is a NAT-based firewall in the way.
---
Jeffrey Randow (Network MVP)

Remote Networking Technology FAQ -
http://www.remotenetworktechnology.com
My Networking Blog: http://www.networkblog.net
MS Network Community -
http://www.microsoft.com/windowsserver2003/community/centers/networking/default.mspx
MS Home Networking Community -
http://www.microsoft.com/windowsxp/expertzone/communities/wireless.mspx

 

[Guest]

Thank you very much!

You need a user certificate and a computer certificate to get
cert-based L2TP work...

If you issue the proper certificates, it should work if and when you
get your router/firewall configs set. Note also that you may need to
use NAT-T (NAT traversal) if there is a NAT-based firewall in the way.
---
Jeffrey Randow (Network MVP)

Remote Networking Technology FAQ -
http://www.remotenetworktechnology.com
My Networking Blog: http://www.networkblog.net
MS Network Community -
http://www.microsoft.com/windowsserver2003/community/centers/networking/default.mspx
MS Home Networking Community -
http://www.microsoft.com/windowsxp/expertzone/communities/wireless.mspx