2003 L2TP issues

[Richard]

I have not been able to get L2TP to work on 2003. When I
run the connection I get..

Error 789. The security layer encountered a processing
error during initial negotiations with the remote computer

When I examine the IPsec cert that is install on both the
server and the client. (The CA is also the VPN server)
The VPN server is god. But the client has an entry listed
below.


Enhanced Key usage has a value of...
Unknown Key Usage(1.3.6.1.5.5.8.2.2)

any ideas how to get this working?

-Richard

 

[Chetan Raghavendra [MSFT]]

Hi Richard,

Can you check out the white paper which explains how to deploy L2TP VPN
servers at
http://www.microsoft.com/technet/tr...windowsserver2003/deploy/confeat/vpndeplr.asp.
It gives step by step description on how to deploy.

--
Thanks
Chetan
(e-mail address removed)

This posting is provided "AS IS" with no warranties, and confers no rights.

 

[Richard]

I am white papered out. I have read that one and a dozen
more. Nothing gets this working. I have even had a
support call opened for going on 3 days now with Microsoft
and I still dont have an answer. I was hoping for more
insight than the normal just read the whitepapers.

But thanks for the advice.

-Richard

 

[Lim]

Hi Richard, I got the same error you got, plus error 792.
Here is what I did:

1. Error 789
- make sure the IPSEC Policy Agent service (W2K) or IPSEC
Service is running
- make sure the certificate is installed on the Local
Computer's Certificates store. As far as I know, it won't
work if you copy the certificate from the Current User's
store to the Local Computer. This apply to both the client
and VPN server

2. Error 792
- run these commands on your VPN server:
net stop policyagent
net start policyagent
net stop remoteacces
net start remoteaccess

Hope this helps.

/Lim