Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Setup RRAS to use L2TP/IPSEC not PPTP?

Status
Not open for further replies.
gavm99

gavm99

IS-IT--Management
May 18, 2004
809
0
0
GB
Hi all,

What I want to do is use RRAS to setup a IPSEC tunnel. I then want to be able to configure home PC's to connect in using IPSEC.

I have done this on many occasions with PPTP but never with IPSEC.

Can you please advise me if this is possible?
How I go about doing it?

Thanks in advance.
 
Sort by date Sort by votes
The whole process of using L2TP/IPSec is quite different that PPTP. I know it's old, and a custom MS thing but generally I prefer PPTP - because it's simple. I personally don't have time or the will to mess around with certificates on clients so opt for PPTP.

However, IPSec offers a big advantage in that you know that the device is authorised as well as the user. (The device must have a valid certificate, along with a username/password).

In terms of getting RRAS setup, it's the usual wizard, but once done go into the ports properties, 'Configure' the PPTP port and tell it not to be used for remote connections.

This will ensure that the RRAS server will only take in IPSec/L2TP connections instead.
Regarding setting up the rest of the infrastructre (certs) I'll leave that to someone else! :)

Cheers,




Steve.

"They have the internet on computers now!" - Homer Simpson
 
Upvote 0 Downvote
Hi Steve and All,

I have setup RRAS from you advice and that makes sense. However I'm now at the same point you mentioned, I need to know how to setup and issue certificates to clients? Does anyone know how to do this? I'm guessing on the server all you do is install and configure certificate services. How do I configure the client though? How does it get the certificate?

Any help would be appreciated.
 
Upvote 0 Downvote
From the little I know about it you need to get the client to request the certificate from a CA - but that's more of an assumption than anything else.

Try and
Should give you a pretty good guide.




Steve.

"They have the internet on computers now!" - Homer Simpson
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

microsGuy16
  • Locked
  • Question
Can not copy files to Mapped drive
Replies
0
Views
105
microsGuy16
microsGuy16
DTGMI
  • Locked
  • Question
WIN 10 Pro PC & Adding back to our Network
Replies
0
Views
88
DTGMI
DTGMI
dpellegrini
  • Locked
  • Question
Website will load using hostname but not IP address
Replies
3
Views
180
mangentle
mangentle
DrB0b
  • Locked
  • Question
Windows 2016 IIS FTP server with a ton of user accounts
Replies
4
Views
140
DrB0b
DrB0b
tscstl
  • Locked
  • Question
access to local folder
Replies
1
Views
73
hairlessupportmonkey
hairlessupportmonkey

Part and Inventory Search

Sponsor

Back
Top