Sign in with
Sign up | Sign in
Your question

L2TP provide hostname instead of userID

Last response: in Windows XP
Share
Anonymous
a b D Laptop
November 5, 2004 6:28:01 AM

Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)

Hello,

I have a little problem with some laptops and Windows XP SP1.

I'm trying to join a VPN Gateway (a nortel contivity) with L2TP over IPSec.
There is no routing problem, the IPSec tunnel is mounted, but after the L2TP
is not mounted because Windows XP send the hostname of the laptop instead of
the User ID that I define in the L2TP configuration panel.

in the contivity log I see this :
Session: L2TP[computer.domain.com] attempting login

instead of this :
Session: L2TP[UserID] attempting login

I have the same problem on 3 differents laptops and I don't find any
information about how doing to correct this.

Thanks for your help !
Anonymous
a b D Laptop
November 8, 2004 11:49:02 PM

Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)

Unless you are using Preshared Keys - the computer must authenticate
with a computer certificate... That is why you are seeing this...
---
Jeffrey Randow (Windows Networking MVP)
jeffreyr-support@remotenetworktechnology.com

Please post all responses to the newsgroups for the benefit
of all USENET users. Messages sent via email may or may not
be answered depending on time availability....

Remote Networking Technology Support Site -
http://www.remotenetworktechnology.com
Windows Network Technology Community -
http://www.microsoft.com/windowsserver2003/community/ce...
Windows Home Networking Community -
http://www.microsoft.com/windowsxp/expertzone/communiti...

On Fri, 5 Nov 2004 03:28:01 -0800, "chevket"
<chevket@discussions.microsoft.com> wrote:

>Hello,
>
>I have a little problem with some laptops and Windows XP SP1.
>
>I'm trying to join a VPN Gateway (a nortel contivity) with L2TP over IPSec.
>There is no routing problem, the IPSec tunnel is mounted, but after the L2TP
>is not mounted because Windows XP send the hostname of the laptop instead of
>the User ID that I define in the L2TP configuration panel.
>
>in the contivity log I see this :
>Session: L2TP[computer.domain.com] attempting login
>
>instead of this :
>Session: L2TP[UserID] attempting login
>
>I have the same problem on 3 differents laptops and I don't find any
>information about how doing to correct this.
>
>Thanks for your help !
Anonymous
a b D Laptop
November 10, 2004 11:06:03 AM

Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)

Hello,

I use login password with L2TP and I have configure all to use it like this,
and when I connect with L2TP connection, it ask me a login and a password. If
I had configure it to use certificates, the connexion should be done without
asking me a login/password.

I use certificates with IPSec.

I don't understand why windows sen the hostname when it ask me to enter a
login password for the L2TP connexion.

I have also configure the L2TP connexion via the Internet Explorer
properties to be sure to don't have differents configuration on differents
places but it don't change anything.

Or maybe is there something, somewhere, in the registry by exemple saying to
windows to use the hostname instead of the login that I enter ?

Thanks for your answer.


"Jeffrey Randow (MVP)" wrote:

> Unless you are using Preshared Keys - the computer must authenticate
> with a computer certificate... That is why you are seeing this...
> ---
> Jeffrey Randow (Windows Networking MVP)
> jeffreyr-support@remotenetworktechnology.com
>
> Please post all responses to the newsgroups for the benefit
> of all USENET users. Messages sent via email may or may not
> be answered depending on time availability....
>
> Remote Networking Technology Support Site -
> http://www.remotenetworktechnology.com
> Windows Network Technology Community -
> http://www.microsoft.com/windowsserver2003/community/ce...
> Windows Home Networking Community -
> http://www.microsoft.com/windowsxp/expertzone/communiti...
>
Related resources
Can't find your answer ? Ask !
Anonymous
a b D Laptop
November 11, 2004 11:05:50 PM

Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)

You didn't follow me....

L2TP in Windows XP requires two authentications - a computer
authentication and a user authentication.

Unless you use a cert-based system, you must use the Pre-Shared Key.
If you do not configure this, then Windows will attempt to present one
of its computer certificates. If a valid certificate does not exist
for the computer account, you will not be able to connect.

After the computer authenticates, you must then authenticate as a user
either using a UN/PW or a user certificate...
---
Jeffrey Randow (Windows Networking MVP)
jeffreyr-support@remotenetworktechnology.com

Please post all responses to the newsgroups for the benefit
of all USENET users. Messages sent via email may or may not
be answered depending on time availability....

Remote Networking Technology Support Site -
http://www.remotenetworktechnology.com
Windows Network Technology Community -
http://www.microsoft.com/windowsserver2003/community/ce...
Windows Home Networking Community -
http://www.microsoft.com/windowsxp/expertzone/communiti...

On Wed, 10 Nov 2004 08:06:03 -0800, "chevket"
<chevket@discussions.microsoft.com> wrote:

>Hello,
>
>I use login password with L2TP and I have configure all to use it like this,
>and when I connect with L2TP connection, it ask me a login and a password. If
>I had configure it to use certificates, the connexion should be done without
>asking me a login/password.
>
>I use certificates with IPSec.
>
>I don't understand why windows sen the hostname when it ask me to enter a
>login password for the L2TP connexion.
>
>I have also configure the L2TP connexion via the Internet Explorer
>properties to be sure to don't have differents configuration on differents
>places but it don't change anything.
>
>Or maybe is there something, somewhere, in the registry by exemple saying to
>windows to use the hostname instead of the login that I enter ?
>
>Thanks for your answer.
>
>
>"Jeffrey Randow (MVP)" wrote:
>
>> Unless you are using Preshared Keys - the computer must authenticate
>> with a computer certificate... That is why you are seeing this...
>> ---
>> Jeffrey Randow (Windows Networking MVP)
>> jeffreyr-support@remotenetworktechnology.com
>>
>> Please post all responses to the newsgroups for the benefit
>> of all USENET users. Messages sent via email may or may not
>> be answered depending on time availability....
>>
>> Remote Networking Technology Support Site -
>> http://www.remotenetworktechnology.com
>> Windows Network Technology Community -
>> http://www.microsoft.com/windowsserver2003/community/ce...
>> Windows Home Networking Community -
>> http://www.microsoft.com/windowsxp/expertzone/communiti...
>>
Anonymous
a b D Laptop
November 22, 2004 12:29:06 PM

Archived from groups: microsoft.public.windowsxp.work_remotely (More info?)

Hello,

Thanks for your answer.

When you explain that with L2TP Windows do 2 authentication, one for the
computer and one for the user, You want to say that the athentication of the
computer is the IPSec authentication and the user authentication is made by
the L2TP or that after the IPSec tunnel is mounted, L2TP try the 2
authentication modes ?

If in the L2TP try to authenticate first the computer, before the user, how
can I do to disable this first authentication mode ? The contivity VPN
gateway doesn't give any way to configure 2 authentications mode for the L2TP
account, only an user account.



"Jeffrey Randow (MVP)" wrote:

> You didn't follow me....
>
> L2TP in Windows XP requires two authentications - a computer
> authentication and a user authentication.
>
> Unless you use a cert-based system, you must use the Pre-Shared Key.
> If you do not configure this, then Windows will attempt to present one
> of its computer certificates. If a valid certificate does not exist
> for the computer account, you will not be able to connect.
>
> After the computer authenticates, you must then authenticate as a user
> either using a UN/PW or a user certificate...
> ---
> Jeffrey Randow (Windows Networking MVP)
> jeffreyr-support@remotenetworktechnology.com
>
> Please post all responses to the newsgroups for the benefit
> of all USENET users. Messages sent via email may or may not
> be answered depending on time availability....
>
> Remote Networking Technology Support Site -
> http://www.remotenetworktechnology.com
> Windows Network Technology Community -
> http://www.microsoft.com/windowsserver2003/community/ce...
> Windows Home Networking Community -
> http://www.microsoft.com/windowsxp/expertzone/communiti...
>
> On Wed, 10 Nov 2004 08:06:03 -0800, "chevket"
> <chevket@discussions.microsoft.com> wrote:
>
> >Hello,
> >
> >I use login password with L2TP and I have configure all to use it like this,
> >and when I connect with L2TP connection, it ask me a login and a password. If
> >I had configure it to use certificates, the connexion should be done without
> >asking me a login/password.
> >
> >I use certificates with IPSec.
> >
> >I don't understand why windows sen the hostname when it ask me to enter a
> >login password for the L2TP connexion.
> >
> >I have also configure the L2TP connexion via the Internet Explorer
> >properties to be sure to don't have differents configuration on differents
> >places but it don't change anything.
> >
> >Or maybe is there something, somewhere, in the registry by exemple saying to
> >windows to use the hostname instead of the login that I enter ?
> >
> >Thanks for your answer.
> >
> >
> >"Jeffrey Randow (MVP)" wrote:
> >
> >> Unless you are using Preshared Keys - the computer must authenticate
> >> with a computer certificate... That is why you are seeing this...
> >> ---
> >> Jeffrey Randow (Windows Networking MVP)
> >> jeffreyr-support@remotenetworktechnology.com
> >>
> >> Please post all responses to the newsgroups for the benefit
> >> of all USENET users. Messages sent via email may or may not
> >> be answered depending on time availability....
> >>
> >> Remote Networking Technology Support Site -
> >> http://www.remotenetworktechnology.com
> >> Windows Network Technology Community -
> >> http://www.microsoft.com/windowsserver2003/community/ce...
> >> Windows Home Networking Community -
> >> http://www.microsoft.com/windowsxp/expertzone/communiti...
> >>
>
>
!