•
TCP/IP
•
QoS Packet Scheduler
•
Make sure the following options are not selected:
•
File and Printer Sharing for Microsoft Networks
•
Client for Microsoft Networks
Disabling IPsec
•
Click the Networking tab.
•
Click Internet Protocol (TCP/IP) properties.
•
Double-click the Advanced tab.
•
Go to the Options tab and click IP security properties.
•
Make sure Do not use IPSEC is checked.
•
Click OK and close the connection properties window.
The default Windows XP L2TP traffic policy does not allow L2TP traffic without IPSec encryption. You can
disable default behavior by editing the Windows XP Registry as described in the following steps. Please refer to
the Microsoft documentation for editing the Windows Registry.
•
Use the registry editor (regedit) to locate the following key in the registry:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Rasman\Parameters
•
Add the following registry value to this key:
Value Name: ProhibitIpSec
Data Type: REG_DWORD
Value: 1
•
Save your changes and restart the computer for the changes to take effect.
You must add the
ProhibitIpSec
registry value to each Windows XP-based endpoint computer of
an L2TP or IPSec connection to prevent the automatic filter for L2TP and IPSec traffic from being
created. When the
ProhibitIpSec
registry value is set to 1, your Windows XP-based computer
does not create the automatic filter that uses CA authentication. Instead, it checks for a local or Active
Directory IPSec policy.
Connecting to the L2TP VPN
•
Connect to your ISP.
•
Start the VPN connection that you configured in the previous procedure.
•
Enter your L2TP VPN User Name and Password.
•
Click Connect.
•
In the connect window, enter the User Name and Password you use to connect to your dial-up
network connection.
This user name and password is not the same as your VPN user name and password.
RADIUS authentication for PPTP and L2TP VPNs
If you have RADIUS servers installed, you can configure the DFL-1000 to use RADIUS for authenticating
PPTP and L2TP users. To configure RADIUS authentication you must add the IP addresses of your
RADIUS servers to the DFL-1000 VPN configuration and then turn on RADIUS support for PPTP and
L2TP.
DFL-1000 User’s Manual
66