Hi all:
I have some IPSEC VPN questions.
This is what I'd like to do:
Win2000 VPN Client
(IPSEC)
|
Internet
|
|
|
DLink DI-704P
Router
|
|
Win 2000 Adv. Server
with IPSEC RAS VPN
Question 1:
Is it possible to connect a Win2000 Pro client to a Win2000
Server over the internet using L2TP over IPSEC like this?
Some documentation claims that you can only use IPSEC using
2 servers to create a tunnel. Note: I do not wish to connect
2 servers or use a hardware endpoint; I just want to know if
this configuration is possible.
Question 2:
Do you need certificates for this config? Why does some
Microsoft documentation claim you must use certificates if
one can use pre-shared keys?
Question 3:
I believe I've configured the local server and the remote
workstation correctly. Except for one thing. On the server,
do I set a tunnel endpoint in the ipsec settings?
At first, I had a tunnel set, but now I've been told that
it is L2TP that does the tunnelling, and so the ipsec
setting on the Server should be left in transport mode,
even though the packets are going across the internet.
Once I know whether this configuration could work or not,
I'll figure out whether the problem is actually the DLink
router. According to DLink's brochure, it is capable of
L2TP, but DLink tech. support says they don't know. Go
figure.
Any gurus out there know about this?
Thanks
Brad