• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 413
  • Last Modified:

VPN software for LT2P tunnel authentication

Hi Guys,

We need VPN software for Windows Server that would be able to do L2TP Tunnel Authentication / termination.

Any suggestions?
Rupert Eghardt
Rupert Eghardt
1 Solution
Aaron TomoskyTechnology ConsultantCommented:
Windows comes with a VPN client built in, windows server has a VPN server built in... So can you explain the situation a bit more?
I agree with Aaron, clarification is needed on this as Windows come with configurable VPN clients/connections built into the OS.
bbaoIT ConsultantCommented:
as mentioned above, Windows severs come with built-in VPN support for both client and server over IPsec and PPTP. what you do is simply to follow the instructions to setup a VPN server using RRAS. see below the official technical document for details.

FYI - Checklist: Installing and Configuring an RRAS VPN Server
Rupert EghardtProgrammerAuthor Commented:
Thanks for the help thus far, however, I am aware of Windows VPN abilities, but our requirement is somehow unique;
We have a service provider that provides us with a static IP, but for the static IP to work, we require L2TP "tunnel authentication" / "termination".

This is quite a unique feature and only a couple of router modules support this function.

An example of L2TP tunnel authentication / termination for router config;

•Protocol: L2TP VPN
•Type of connection: dial-out
•Server IP address: 196.30.xxx.xxx (this is a fixed IP address that you must supply)
•Connection type: Remote access
•Username: yourusername
•Password: yourDSLpassword
•Authentication type: PAP
•Tunnel authentication: enabled
•Secret: hxxx (this is a fixed secret for the L2TP server that you must supply)
•Activate as default route: yes
•Remote host name: (leave blank)
•Local host name: (leave blank)
•IPSec: not enabled
•Authentication: None
•Encryption: NULL
•Perfect forward secrecy: None
•Pre-shared key: (leave blank)

We've already tried a couple of routers with this VPN functionality, but all failed for various reasons;
I was advised by the ISP that as an alternate method, we can install VPN software on Windows server that supports L2TP VPN with tunnel authentication.

I don't think Windows supports this VPN functionality by default?
QlemoBatchelor and DeveloperCommented:
Had to read that up. "L2TP Tunnel Authentication" is used if you use a pure L2TP tunnel without encryption to authenticate the dial-in user. With L2TP/IPsec authentication is made by IPsec, and IPSec manages the credential stuff (in a much more secure way).

Some 3rd-party VPN clients indeed can use L2TP, but I have met none able to do what you request.
Worse, even if they would, they usually do not implement a routable interface, and so they can act only as a dial-in client working for programs running on that machine. (I'm very experienced in that part, as I always try to run proprietary VPN clients on a Windows router).
W2000 had a way to disable IPsec usage with L2TP (http://support2.microsoft.com/kb/258261/en-us) - but I expect that to being not available anymore.

This is indeed a very rare requirement, as there is no encryption, which contradicts with major reasons for using VPNs - security and privacy. As a matter of fact it only serves a purpose for ISP connections.

My recommendation is to ask the ISP for specific client information, or go back to the hardware router approach (and solve the issues with those).
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now