CMAK vpn profile woes



I am attempting to create a CMAK profile for L2TP/IPSEC based VPN
connections...using EAP with certificates (win2k3 server hosting
RRAS/IAS/CA...winXPsp2 clients).

What I would like is for the profile to behave exactly as the connection
I've created manually:

1. profile should use my current logon prompting for
2. profile should only allow EAP over L2TP
3. profile should NOT use default gateway on remote network
4. profile should enable an additional static route
5. profile should use an existing connection (no dial-up)

I created a profile with the settings that i THOUGHT were required to
accomplish this. When I attempt to use this profile the connection times
out after 60 sec...while negotiating security.

I backed off of requirement #2 above...and after 60+ sec. I was finally
authenticated via EAP. My manually created connection is authenticated
almost immediately.

What would cause the extended authentication time? Is there an advanced
setting I have set incorrectly...or maybe one I need to add? Something to
do with the certificate exchange...CustomAuthData perhaps?!?

What settings are needed in order to accomodate the above requirements? I
have tested many, including:


Any help primary concern is to fix the slow authentication.
Once that is tackled I want to make the profile as simple as possible to
use...just like my manual connection...double-click the connectoid...hit


Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question