Link to home
Get AccessLog in
Avatar of laytonblackham
laytonblackhamFlag for United States of America

asked on

Creating a L2TP over IPSEC VPN from Windows XP SP2 to a Netscreen 50 advanced

Hi, below is what i have

Remote A

Windows XP SP2, connected to an ADSL via a Draytek 2600G which is doing NAT

Main Office

Netscreen 50 Advanced 5.3 r3.0

What i want to do is create a L2TP with IPSEC using a Pre shared Key, how do i do this?
I have read varous documents, but cant get it working.

the error i am getting on the netscreen is that the Pre shared key may not match.

where do i set the type of security on the Windows XP client?

also i forgot to say i am using the native VPN client on the Windows XP Pc and not a remote client.


Avatar of pseudocyber

L2TP and IPSEC are two different types of protocols for VPN.  To my knowledge, they're NOT compatible.  Are you trying to tunnel inside a tunnel?  Or one end L2TP and the other IPSEC?
Avatar of laytonblackham


I think they are compatable, l2tp is the tunnelling protocol and the IPSEC is the security, i know you can have AH or ESP with IPSEC.
I am positive i cannot use IPSEC with AH behind NAT as NAT will change the IP when NAT is applied.
I know i can use IPSEC with ESP with Certs behind NAT but not sure if i can use a PRE SHARED key or not.
Avatar of Steve Jennings
laytonblackham, you are correct you can't use NAT and IPSEC w/ AH. There's no reason that the pre-shared key won't work provided.

Check this out:

Good luck,
Avatar of Steve Jennings
Steve Jennings

Link to home
This content is only available to members.
To access this content, you must be a member of Experts Exchange.
Get Access