10-07-2008 02:40 AM - edited 02-21-2020 03:02 AM
I'm trying to configure an L2TP remote access connection on the ASA to connect from a Microsoft Windows XP / Vista client. I haven't found any example on the Cisco website (only for preshared key L2TP connections), so I am lacking information.
First of all, what type of certificate do you need for the client? User or machine, any of them, both?
And for the ASA? Do you know any link to configure L2TP with certificates or do you have any configuration?
Thanks
10-13-2008 09:17 AM
The primary benefit of configuring L2TP with IPSec in a remote access scenario is that remote users can access a VPN over a public IP network without a gateway or a dedicated line, enabling remote access from virtually anyplace with POTS. An additional benefit is that the only client requirement for VPN access is the use of Windows 2000 with Microsoft Dial-Up Networking (DUN). No additional client software, such as Cisco VPN client software, is required.

To configure L2TP over IPSec, first configure IPSec transport mode to enable IPSec with L2TP. Then configure L2TP with a virtual private dial-up network (VPDN) group.
10-14-2008 04:32 AM
I know how to do an L2TP VPN with preshared key. My question is about how to do it with certificates.
Thanks
10-20-2008 01:01 PM
For Vista, you want to create an L2TP IPSec VPN connection object, then you just choose the radio button for "Use certificate for authentication".
Now this is for machine authentication and those certs have to be issued by an internal CA and provisioned onto each machine.
I suppose you could do this with user certs, but I'm not sure why you would.
10-21-2008 12:19 AM
Thanks. I will try