W2k3 - Site to Site VPN using L2TP/IPSec and certificates

 
 
Ewald Bracko
06-12-2008, 05:09 PM
Hi,

I have tried to configure a Site-to-Site VPN in a testing environment (2x
Win 2003 Enterprise Servers) by following the instructions from MS
(http://technet2.microsoft.com/window...mspx?mfr=true).

I have been following nearly exactly those instructions.

Both servers are DCs, each one configured with an Enterprise-Root-CA. RRAS
is configured for VPN and Demand-dial-routing. RRAS policies have been set
up. Authentication has been set up to use EAP with certificates (server,
policy, dial-on-demand connection). Encryption was set to L2TP/IPSec.
Certificates have been created using autoenrollment and web interface and they
have been published to the necessary places and have been mapped to the user
accounts where necessary. The proper certificates have been set for the
credentials of the dial-on-demand interfaces.

While trying to establish a connection between the demand-dial-interfaces
the following error occurs:
"The connection to the interface has been disconnected."
"The following error occured: The interface credentials have not been set."

I changed the authentication method to MS-CHAP-V2. Now I was able to
establish the connection.

I changed the authentication method back to EAP with certificates.

I created a dialup connection with the same configuration as the demand-dial
interfaces. I used the certificate for the demand-dial interface for
authentication and was able to establish a connection. The
demand-dial-interface on the other side showed "connected".

I used the dialup dial function for the demand-dial connection by opening
the router.pbk (c:\windows\system32\ras, contains the configuration for the
demand-dial connection) and was able to establish a connection. The
demand-dial-interface on the other side showed "connected".

(I tried the steps mentioned before on both sides)

It looks like the error only occurs when I'm trying to establish the
connection between the demand-dial interfaces by selecting "connect" at one
of the demand-dial interfaces.

The same error occurs also with encryption set to PPTP.

Does anyone have an idea why this error occurs and how to fix it?
Thank you in advance!
 