VPN-> L2TP & IPSec

Hareth · Jul 2, 2004

From what I know (I'm not sure), you need CA to use IPsec....

Can you still enable L2TP w/out using IPsec?

I'm asking because in rrasmgmt.msc, the "services & ports", it says
L2TP&IPsec (it made it sound like you need both configured to use L2TP)

rippy · Jul 2, 2004

You can use L2TP without IPSec if you like but IPSec does an encryption for
a VPN connection.
IPSec needs CA when you want to use certificates for IPSec tunnel
authentication. If you don't want to have CA you can use a pre-shared key
instend

Steven L Umbach · Jul 2, 2004

You can, but then it is not secure. The link below describes the procedure FYI but is
generally done to configure manual ipsec preshared key authentication policy between
to router endpoints.

http://support.microsoft.com/default.aspx?scid=kb;en-us;310109
http://support.microsoft.com/default.aspx?scid=kb;EN-US;240262

If certificates are not available, then pptp would be one way to go, but be sure to
use mschapv2 authentication and use strong passwords. If you have a W2K server, it is
easy to set up a CA to issue the needed machine certificates. --- Steve

VPN-> L2TP & IPSec

Hareth

rippy

Steven L Umbach