VPN using L2TP

From: Sawlmgsj (Sawlmgsj_at_discussions.microsoft.com)
Date: 03/09/05


Date: Wed, 9 Mar 2005 06:31:07 -0800

I have SBS2003 Standard and want to VPN from XP with SP2.
No problem using PPTP but cannot make it work with L2TP.

Have created certificates and deployed to workstation.
I have two NICs in the server: 192.168.16.2 and 192.168.1.7 to my router, which
is using NAT. Ports are opened on the router and I have tried opening it
completely. NAT on the router for the XP workstation.

I have reproduced the first 5 messages from the log (Event Viewer - Security).
My domain is ibs.local; the public IP address for the XP machine is 213.218.243.182.

I have opened the ports on RRA and also enabled EAP.

IKE security association established.
 Mode:
Key Exchange Mode (Main Mode)

 Peer Identity:
Certificate based Identity.
Peer Subject CN=SAWLMGSJ01.IBS.local
Peer SHA Thumbprint d33b8e34a1005acebec8862778322d93d9444459
Peer Issuing Certificate Authority DC=local, DC=IBS, CN=Inform Certificate Authority
Root Certificate Authority DC=local, DC=IBS, CN=Inform Certificate Authority
My Subject CN=sbsserver.IBS.local
My SHA Thumbprint f324e7089d4e2249c8962d449a3b287dff0dc08f
Peer IP Address: 213.218.243.182

 Filter:
Source IP Address 192.168.1.7
Source IP Address Mask 255.255.255.255
Destination IP Address 213.218.243.182
Destination IP Address Mask 255.255.255.255
Protocol 0
Source Port 0
Destination Port 0
IKE Local Addr 192.168.1.7
IKE Peer Addr 213.218.243.182
IKE Source Port 4500
IKE Destination Port 0
Peer Private Addr

 Parameters:
ESP Algorithm Triple DES CBC
HMAC Algorithm SHA
Lifetime (sec) 28800
MM delta time (sec) 0

IKE security association established.
 Mode:
Data Protection Mode (Quick Mode)

 Peer Identity:
Certificate based Identity.
Peer Subject CN=SAWLMGSJ01.IBS.local
Peer SHA Thumbprint d33b8e34a1005acebec8862778322d93d9444459
Peer Issuing Certificate Authority DC=local, DC=IBS, CN=Inform Certificate Authority
Root Certificate Authority DC=local, DC=IBS, CN=Inform Certificate Authority
My Subject CN=sbsserver.IBS.local
My SHA Thumbprint f324e7089d4e2249c8962d449a3b287dff0dc08f
Peer IP Address: 213.218.243.182

 Filter:
Source IP Address 192.168.1.7
Source IP Address Mask 255.255.255.255
Destination IP Address 213.218.243.182
Destination IP Address Mask 255.255.255.255
Protocol 17
Source Port 1701
Destination Port 1701
IKE Local Addr 192.168.1.7
IKE Peer Addr 213.218.243.182
IKE Source Port 4500
IKE Destination Port 4500
Peer Private Addr 192.168.1.11

 Parameters:
ESP Algorithm Triple DES CBC
HMAC Algorithm MD5
AH Algorithm None
Encapsulation Transport Mode with UDP encapsulation

InboundSpi 1150581090 (0x44947962)
OutBoundSpi 3886302825 (0xe7a44669)
Lifetime (sec) 3600
Lifetime (kb) 250000
QM delta time (sec) 0
Total delta time (sec) 0

IKE security association established.
 Mode:
Key Exchange Mode (Main Mode)

 Peer Identity:
Certificate based Identity.
Peer Subject CN=SAWLMGSJ01.IBS.local
Peer SHA Thumbprint d33b8e34a1005acebec8862778322d93d9444459
Peer Issuing Certificate Authority DC=local, DC=IBS, CN=Inform Certificate Authority
Root Certificate Authority DC=local, DC=IBS, CN=Inform Certificate Authority
My Subject CN=sbsserver.IBS.local
My SHA Thumbprint f324e7089d4e2249c8962d449a3b287dff0dc08f
Peer IP Address: 213.218.243.182

 Filter:
Source IP Address 192.168.1.7
Source IP Address Mask 255.255.255.255
Destination IP Address 213.218.243.182
Destination IP Address Mask 255.255.255.255
Protocol 0
Source Port 0
Destination Port 0
IKE Local Addr 192.168.1.7
IKE Peer Addr 213.218.243.182
IKE Source Port 4500
IKE Destination Port 0
Peer Private Addr

 Parameters:
ESP Algorithm Triple DES CBC
HMAC Algorithm SHA
Lifetime (sec) 28800
MM delta time (sec) 1

IKE security association established.
 Mode:
Data Protection Mode (Quick Mode)

 Peer Identity:
Certificate based Identity.
Peer Subject CN=SAWLMGSJ01.IBS.local
Peer SHA Thumbprint d33b8e34a1005acebec8862778322d93d9444459
Peer Issuing Certificate Authority DC=local, DC=IBS, CN=Inform Certificate Authority
Root Certificate Authority DC=local, DC=IBS, CN=Inform Certificate Authority
My Subject CN=sbsserver.IBS.local
My SHA Thumbprint f324e7089d4e2249c8962d449a3b287dff0dc08f
Peer IP Address: 213.218.243.182

 Filter:
Source IP Address 192.168.1.7
Source IP Address Mask 255.255.255.255
Destination IP Address 213.218.243.182
Destination IP Address Mask 255.255.255.255
Protocol 17
Source Port 1701
Destination Port 1701
IKE Local Addr 192.168.1.7
IKE Peer Addr 213.218.243.182
IKE Source Port 4500
IKE Destination Port 4500
Peer Private Addr 192.168.1.11

 Parameters:
ESP Algorithm Triple DES CBC
HMAC Algorithm MD5
AH Algorithm None
Encapsulation Transport Mode with UDP encapsulation

InboundSpi 465703201 (0x1bc21121)
OutBoundSpi 3730048001 (0xde540401)
Lifetime (sec) 3600
Lifetime (kb) 250000
QM delta time (sec) 0
Total delta time (sec) 1

IKE security association ended.
 Mode:
Data Protection (Quick mode)

 Filter:
Source IP Address 192.168.1.7
Source IP Address Mask 255.255.255.255
Destination IP Address 213.218.243.182
Destination IP Address Mask 255.255.255.255
Protocol 17
Source Port 1701
Destination Port 1701
IKE Local Addr 192.168.1.7
IKE Peer Addr 213.218.243.182
IKE Source Port 4500
IKE Destination Port 4500
Peer Private Addr 192.168.1.11

 Inbound SPI:
1150581090 (0x44947962)
 Outbound SPI:
3886302825 (0xe7a44669)

I can create the VPN connection with the two machines networked on a LAN,
but strangely I cannot then map any drives.

Can you help?

Thanks,
Steve.
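As an added example (not part of the original post or of any Microsoft tooling), here is a small Python script that reads the IPsec audit events quoted above and reduces them to the few facts that matter when reading a failed L2TP/IPsec connection: whether Main Mode completed, whether a Quick Mode SA was built for the L2TP flow (UDP port 1701), whether NAT traversal (IKE on UDP 4500 with UDP-encapsulated ESP) was in use, whether that SA was later torn down, and which algorithms were negotiated. The sample text is a constructed excerpt transcribed from the events in the post, trimmed to the fields the parser reads; the label list and the `analyse()` summary keys are the example's own choices, not names from the event source.

```python
import re

# Constructed excerpt of the Security-log events reproduced in the post above (Main
# Mode established, Quick Mode established, Quick Mode ended), trimmed to the fields
# this parser reads. Transcribed from the page for the example, not captured live.
SAMPLE_EVENTS = """\
IKE security association established.
 Mode:
Key Exchange Mode (Main Mode)
IKE security association established.
 Mode:
Data Protection Mode (Quick Mode)
 Filter:
Protocol 17
Source Port 1701
Destination Port 1701
IKE Source Port 4500
 Parameters:
ESP Algorithm Triple DES CBC
HMAC Algorithm MD5
Encapsulation Transport Mode with UDP encapsulation
InboundSpi 1150581090 (0x44947962)
OutBoundSpi 3886302825 (0xe7a44669)
IKE security association ended.
 Mode: Data Protection (Quick mode) Filter:
Protocol 17
Source Port 1701
Destination Port 1701
 Inbound SPI:
1150581090 (0x44947962)
 Outbound SPI:
3886302825 (0xe7a44669)
"""

# Field labels as written in the events, longest first so "IKE Source Port" is tried
# before "Source Port". The "ended" event spells the SPI labels differently and puts
# the value on the following line, hence the aliases and the 'pending' handling.
FIELDS = sorted(["Protocol", "Source Port", "Destination Port", "IKE Source Port",
                 "ESP Algorithm", "HMAC Algorithm", "Encapsulation", "InboundSpi",
                 "OutBoundSpi", "Inbound SPI", "Outbound SPI"], key=len, reverse=True)
ALIASES = {"Inbound SPI": "InboundSpi", "Outbound SPI": "OutBoundSpi"}
HEADER = re.compile(r"IKE security association (established|ended)\.")
LEGACY = {"Triple DES CBC", "MD5"}   # negotiable here, but legacy by today's standards


def parse_ike_events(text):
    """Split IPsec audit text into dicts holding 'outcome', 'mode' and the labelled fields."""
    events, pending = [], None
    for line in (raw.strip() for raw in text.splitlines() if raw.strip()):
        m = HEADER.match(line)
        if m:
            events.append({"outcome": m.group(1), "mode": None})
            continue
        if not events:
            continue                      # text before the first event header
        ev = events[-1]
        if pending:                       # value belonging to the "Label:" line above
            ev[pending], pending = line, None
            continue
        if "main mode" in line.lower():
            ev["mode"] = "Main Mode"
        elif "quick mode" in line.lower():
            ev["mode"] = "Quick Mode"
        for label in FIELDS:
            if line.startswith(label):
                key, value = ALIASES.get(label, label), line[len(label):].strip(": ")
                if value:
                    ev[key] = value
                else:
                    pending = key
                break
    return events


def l2tp_quick_mode_sas(events):
    """Established Quick Mode SAs whose filter is the L2TP flow: UDP (17), port 1701 both ways."""
    return [e for e in events
            if e["outcome"] == "established" and e["mode"] == "Quick Mode"
            and e.get("Protocol") == "17"
            and e.get("Source Port") == e.get("Destination Port") == "1701"]


def analyse(text):
    """Summarise how far the L2TP/IPsec negotiation got and whether its SAs were torn down."""
    events = parse_ike_events(text)
    l2tp = l2tp_quick_mode_sas(events)
    ended = {(e.get("InboundSpi"), e.get("OutBoundSpi")) for e in events if e["outcome"] == "ended"}
    return {
        "main_mode_established": sum(e["outcome"] == "established" and e["mode"] == "Main Mode" for e in events),
        "l2tp_quick_mode_established": len(l2tp),
        # NAT-T is in use when IKE has moved to UDP 4500 and ESP is UDP-encapsulated
        "nat_traversal": bool(l2tp) and all(e.get("IKE Source Port") == "4500"
                                            and "UDP encapsulation" in e.get("Encapsulation", "")
                                            for e in l2tp),
        "l2tp_sas_torn_down": [e["InboundSpi"] for e in l2tp
                               if (e["InboundSpi"], e["OutBoundSpi"]) in ended],
        "legacy_algorithms": sorted({e[k] for e in l2tp for k in ("ESP Algorithm", "HMAC Algorithm")
                                     if e.get(k) in LEGACY}),
    }
```

Calling `analyse(SAMPLE_EVENTS)` on the excerpt reports one Main Mode SA, one L2TP Quick Mode SA with NAT traversal in use, and that SA's inbound SPI listed as torn down. Read as a troubleshooting aid, that pattern means the IPsec layer itself negotiated successfully (certificate identities were accepted and an ESP SA for UDP 1701 came up), so the point at which to keep looking is what happens inside the tunnel afterwards, in the L2TP and PPP exchange, rather than in certificates or IKE ports. The summary also surfaces that the SA was built with 3DES and HMAC-MD5, which is worth noting on any system still negotiating these defaults.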


