Configure and Use L2TP on Windows XP
Windows XP includes a native VPN client. You can use the Windows XP VPN client to make an L2TP VPN connection to a WatchGuard XTM device.
Configure the L2TP Connection
To prepare a Windows XP computer to make an L2TP VPN connection, you must configure the L2TP connection in the network settings.
The exact steps could be slightly different, depending on your Control Panel view, and your existing configuration.
From the Windows Desktop of the client computer:
- From the Windows Start menu, select Control Panel > Network Connections.
- Select Create a new connection.
Or, click New Connection Wizard in Windows Classic view.
The New Connection wizard appears.
- Click Next.
- Select Connect to the network at my workplace and click Next.
- Select Virtual Private Network connection and click Next.
- Type a name for the new connection (such as "L2TP Mobile VPN") and click Next.
The VPN Server Selection page appears.
- Type the host name or IP address of the XTM device external interface and click Next.
The Completion screen appears.
- Select Add a shortcut to this connection to my desktop if you want to create a shortcut on your desktop.
- Click Finish.
The Connect dialog box appears.
- Click Properties to edit other properties for this connection.
The Properties dialog box appears.
- The General tab contains the IP address you provided in the New Connection Wizard. You do not need to change anything on this tab unless the IP address of your XTM device changes.
- Select the Options tab.
- (Optional) If you want the Connect dialog box to provide a text box where the user can type a domain name, select the Windows logon domain check box.
When this check box is selected, the Connect dialog box asks for a domain name as well as a user name and password.
- Select the Security tab.
- Select Advanced (custom settings). Click Settings.
- In the Data encryption drop-down list, select Require encryption.
- Select Microsoft CHAP Version 2 as the only allowed protocol.
- Click OK to save the advanced security settings.
- In the Security tab, click IPSec Settings.
- Select the Use pre-shared key for authentication check box.
- In the Key text box, type the pre-shared key for this tunnel. The pre-shared key must match the pre-shared key configured on the XTM device Mobile VPN with L2TP IPSec settings.
- Click OK.
- Select the Networking tab.
- From the Type of VPN drop-down list, select L2TP IPSec VPN.
- Do not change the default PPP settings or TCP/IP properties.
Start the L2TP Connection
The name of the VPN connection is the destination name you used when you configured the L2TP connection on the client computer. The user name and password refers to one of the users you added to the L2TP-Users group. For more information, see About L2TP User Authentication .
Make sure the client computer has an active connection to the Internet before you begin.
- Double-click the shortcut to the new connection on your desktop.
Or, select Control Panel > Network Connections and select the new connection from the Virtual Private Network list.
- Type the user name and passphrase for the connection.
- Click Connect.
For information about how to specify the non-default authentication serve when you connect, see Connect from an L2TP VPN Client.
Options for Internet Access Through a Mobile VPN with L2TP Tunnel