So I'm playing around with setting up an encrypted tunnel between a couple
of my servers, and decided to try this. It's basically KB816514 (
http://support.microsoft.com/default...b;en-us;816514 ) but between
two servers. I figure it ought to work, but nooo. When I enable the policy
on one of them and try to ping from it to the other, it just says
"Negotiating IP Security". If a corresponding policy is not applied to the
other host, its pings to the first will time out. I would just say that
there's something blocking the policy negotiation, like port 500 is blocked,
but the IP security monitor doesn't show any changes in attempts or
failures.
I have them using pre-shared keys for testing. I have two one-way paths
specified (e.g. the mirrored option is intentionally disabled since it won't
work anyway). Um, I can't think of any other relevant specifics.
Any other suggestions for me to try right now? Thanks,