VPN - L2TP/IPSec - IOS 12.3(11)T3 - Windows XP
Web Server forum
Back To The Forum Home!Search!Private Messaging System
Visit your User Control Panel!Register your FREE username now!Visit Our Calendar!View the Member List!Faqs!Search our Forums!

Web Server Talk Web Server Talk > WebserverTalk Community > VPN > VPN - L2TP/IPSec - IOS 12.3(11)T3 - Windows XP




  Last Thread   Next Thread Next
  Show Printable Version Email this Page Subscribe to this Thread      Post New Thread    Post A Reply      

    VPN - L2TP/IPSec - IOS 12.3(11)T3 - Windows XP  
Magistrator


View Ip Address Report This Message To A Moderator Edit/Delete Message


 
02-17-05 10:45 PM

The point here is to create a dialin configuration on a router to
accept incoming L2TP/IPSec VPN requests.

After much searching and experimentation I ended with this
configuration:

!!!!!!!!!!!!!!!!!!!!!
!
!
crypto isakmp policy 1
authentication pre-share
encryption des
hash md5
group 1
lifetime 86400
crypto isakmp key 0 THEKEY address 0.0.0.0 0.0.0.0
!
crypto ipsec transform-set myTrans esp-des esp-md5-hmac
mode transport
!
crypto ipsec profile myProfile
set transform-set myTrans
!
!
vpdn enable
!
vpdn-group vpnTeste
! Default L2TP VPDN group
accept-dialin
protocol l2tp
virtual-template 100
l2tp security crypto-profile myProfile
no l2tp tunnel authentication
ip mtu adjust
!
!
interface Virtual-Template 100
ip address 192.168.0.254 255.255.255.0
peer ip address forced
peer default ip address pool myPool
ppp lcp predictive
ppp encrypt mppe 128
ppp authentication ms-chap-v2
!
!!!!!!!!!!!!!!!!!!!!!!

I made the following required changes on Windows XP for a L2TP/IPSec
connection with Preshared Key Authentication:
http://support.microsoft.com/kb/240262

I configured de Windows XP VPN client accordingly.

While trying to connect, I monitored the comunication between my
Windows XP and the cisco Router.

Windows XP tried constantly to send a L2TP - SCCRQ Control message of
Start_Control_Request to the router. There was no kind of answer from
the router.
In L2TP with IPSec isn't the connection first secured with IKE
signalling between the two ends? If so, why does Windows start with a
L2TP control frame? Note that I selected to use the "Require
Encryption" on XPs VPN configuration.

At the router some debug messages showed what follows:

: L2TP: I SCCRQ from PENELOPE tnl 3
:  Tnl 57478 L2TP: Tunnel Authorization started for host PENELOPE
:  Tnl 57478 L2TP: New tunnel created for remote PENELOPE, address
10.0.0.100
: L2X: Tunnel author reply L2X info not found
:  Tnl 57478 L2TP: Ignoring SCCRQ, vpdn-group vpnTest requires
security, however the SCCRQ was received unprotected
:  Tnl 57478 L2TP: Shutdown tunnel


I ended a little confused.. Is this a windows problem?
Can anyone cast some light on this?
Anyone tried other configurations?




[ Post a follow-up to this message ]



    Re: VPN - L2TP/IPSec - IOS 12.3(11)T3 - Windows XP  
liminas_LT


View Ip Address Report This Message To A Moderator Edit/Delete Message


 
03-18-05 12:45 PM

What about success with this crazy stuf ?




[ Post a follow-up to this message ]



    Sponsored Links  




 



   All times are GMT. The time now is 03:32 PM.      Post New Thread    Post A Reply      
  Last Thread   Next Thread Next


Most Popular forums 
Apache Server MySQL for Windows Sendmail
Red Hat Networking SuSe Linux Debian Linux
FreeBSD administration Sun Solaris administration Unix Shell programming
WebSphere Portal Server Exchange 2000 administration PostgreSQL administration
Linux Security Computer Security Firewalls

Forum Jump:
Rate This Thread:

Forum Rules:
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts 		HTML code is OFF
vB code is ON
Smilies are ON
[IMG] code is OFF
 
Medical and Health forum | Computer Games Reviews | Graphics design forum

Back To The Top
Home | Usercp | Faq | Register