How do I configure Dial-VPN without using NetScreen Remote or L2TP?

  • Is there anyway to configure dial-up VPN using Window XP VPN client as the dialup client, instead of NetScreen Remote?

    Though I have successfully used L2TP, but that really does not serve our needs.

  • Yeah, basically I have gather from documentations and forums regarding this.

    Thanks for the confirmation Max!

  • Windows XP VPN client does not support straight IPsec.  It only supports L2TP over IPsec.  And even then there are some serious limitations.  For one you must use PKI certificates as Windows VPN client doesn’t have a provision to enter FQDN or u-FQDN in the IPsec piece.  Second you may have issues if you need to traverse a NAT device because L2TP over IPsec needs to be in transport mode which doesn’t have any nat-t support.

    I suspect that straight L2TP doesn’t fit your needs since there is no packet encryption.  My advise I always tell my customers is get a third-party IPsec client app and not use Windows XP L2TP over Ipsec solution.