laytonblackham
asked on

Creating an L2TP over IPSEC VPN from Windows XP SP2 to a Netscreen 50 Advanced

Hi, below is what I have:

Remote A

Windows XP SP2, connected to an ADSL via a Draytek 2600G which is doing NAT

Main Office

Netscreen 50 Advanced 5.3 r3.0

What I want to do is create an L2TP with IPSEC using a pre-shared key. How do I do this?
I have read various documents, but can't get it working.

The error I am getting on the Netscreen is that the pre-shared key may not match.

Where do I set the type of security on the Windows XP client?

Also, I forgot to say I am using the native VPN client on the Windows XP PC and not a remote client.

Thanks

James

8/22/2022 - Mon
pseudocyber

L2TP and IPSEC are two different types of protocols for VPN.  To my knowledge, they're NOT compatible.  Are you trying to tunnel inside a tunnel?  Or one end L2TP and the other IPSEC?
laytonblackham

ASKER
I think they are compatible; L2TP is the tunnelling protocol and IPSEC is the security. I know you can have AH or ESP with IPSEC.
I am positive I cannot use IPSEC with AH behind NAT, as NAT will change the IP when NAT is applied.
I know I can use IPSEC with ESP with certs behind NAT, but I'm not sure if I can use a pre-shared key or not.
Steve Jennings

laytonblackham, you are correct you can't use NAT and IPSEC w/ AH. There's no reason that the pre-shared key won't work provided.

Check this out:

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00807213a7.shtml

Good luck,
Steve
ASKER CERTIFIED SOLUTION
Steve Jennings
