
Welcome to ISAserver.org


L2TP CA + pre-shared key concurrent use

L2TP CA + pre-shared key concurrent use - 12.Jul.2006 6:16:10 PM   
floris

 

Hi all, I am quite new to ISA and I have a question about L2TP VPN and the concurrent use of certificates and pre-shared keys.

In our current setup we have successfully configured ISA 2004 to allow incoming VPN clients. The clients use certificates for authentication. Clients can successfully set up a VPN connection and become part of our HQ network.

I now need to set up a branch office ISA 2004 server and need to connect to HQ using an ISA S2S L2TP connection - HOWEVER I want to use pre-shared keys to create this connection.
I set up the S2S VPN following the excellent ISA2004 VPN Dep. Kit document but I cannot get the ISA server in HQ to connect to the branch office server. The "only" error message I get on the HQ server is:
"A Demand Dial connection to the remote interface HQ-2-Branch on port VPN4-8 was successfully initiated but failed to complete successfully because of the following error: The L2TP connection attempt failed because security negotiation timed out."

I have gone through all of the settings and as far as I can see, they are OK; the only issue that comes to mind is that the current VPN setup for dial-in VPN clients uses RADIUS and certificates while I only want to use the pre-shared key.

Can someone shed some much needed light on this? I am more than happy to provide more details on the setup if required.

Many thanks!

Floris
Post #: 1
RE: L2TP CA + pre-shared key concurrent use - 12.Jul.2006 8:22:36 PM   
ClintD

 

Windows 2000 or Windows 2003 based ISA?

(in reply to floris)
Post #: 2
RE: L2TP CA + pre-shared key concurrent use - 13.Jul.2006 9:29:14 AM   
floris

 

Windows 2003 ISA on both servers. HQ W2K3 Server is Standard Edition and Branch W2K3 Server is Enterprise Edition. HQ ISA Standard Edition, Branch ISA Server Enterprise Edition.

This is the setup so far:


http://static.flickr.com/56/188697407_f77d737bf5_o.gif


HTH,

Floris


(in reply to ClintD)
Post #: 3
