Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 406
  • Last Modified:

VPN software for LT2P tunnel authentication

Hi Guys,

We need VPN software for Windows Server that would be able to do L2TP Tunnel Authentication / termination.

Any suggestions?
0
Rupert Eghardt
Asked:
Rupert Eghardt
1 Solution
 
Aaron TomoskyTechnology ConsultantCommented:
Windows comes with a VPN client built in, windows server has a VPN server built in... So can you explain the situation a bit more?
0
 
RizzleCommented:
I agree with Aaron, clarification is needed on this as Windows come with configurable VPN clients/connections built into the OS.
0
 
bbaoIT ConsultantCommented:
as mentioned above, Windows severs come with built-in VPN support for both client and server over IPsec and PPTP. what you do is simply to follow the instructions to setup a VPN server using RRAS. see below the official technical document for details.

FYI - Checklist: Installing and Configuring an RRAS VPN Server
http://technet.microsoft.com/en-us/library/dd469733.aspx
0
 
Rupert EghardtAuthor Commented:
Thanks for the help thus far, however, I am aware of Windows VPN abilities, but our requirement is somehow unique;
We have a service provider that provides us with a static IP, but for the static IP to work, we require L2TP "tunnel authentication" / "termination".

This is quite a unique feature and only a couple of router modules support this function.

An example of L2TP tunnel authentication / termination for router config;

•Protocol: L2TP VPN
•Type of connection: dial-out
•Server IP address: 196.30.xxx.xxx (this is a fixed IP address that you must supply)
•Connection type: Remote access
•Username: yourusername
•Password: yourDSLpassword
•Authentication type: PAP
•Tunnel authentication: enabled
•Secret: hxxx (this is a fixed secret for the L2TP server that you must supply)
•Activate as default route: yes
•Remote host name: (leave blank)
•Local host name: (leave blank)
•IPSec: not enabled
•Authentication: None
•Encryption: NULL
•Perfect forward secrecy: None
•Pre-shared key: (leave blank)

We've already tried a couple of routers with this VPN functionality, but all failed for various reasons;
I was advised by the ISP that as an alternate method, we can install VPN software on Windows server that supports L2TP VPN with tunnel authentication.

I don't think Windows supports this VPN functionality by default?
0
 
QlemoC++ DeveloperCommented:
Had to read that up. "L2TP Tunnel Authentication" is used if you use a pure L2TP tunnel without encryption to authenticate the dial-in user. With L2TP/IPsec authentication is made by IPsec, and IPSec manages the credential stuff (in a much more secure way).

Some 3rd-party VPN clients indeed can use L2TP, but I have met none able to do what you request.
Worse, even if they would, they usually do not implement a routable interface, and so they can act only as a dial-in client working for programs running on that machine. (I'm very experienced in that part, as I always try to run proprietary VPN clients on a Windows router).
W2000 had a way to disable IPsec usage with L2TP (http://support2.microsoft.com/kb/258261/en-us) - but I expect that to being not available anymore.

This is indeed a very rare requirement, as there is no encryption, which contradicts with major reasons for using VPNs - security and privacy. As a matter of fact it only serves a purpose for ISP connections.

My recommendation is to ask the ISP for specific client information, or go back to the hardware router approach (and solve the issues with those).
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now