Export (0) Print
Expand All
Expand Minimize

Network Interfaces - Demand-dial - Networking Tab

Applies To: Windows Server 2008

 

Dialog box element Description

Type of VPN

Lists the available remote access server types you can call. Choices vary, depending on the type of connection.

If a host name or Internet Protocol version 4 (IPv4) address is entered in the General tab, the type of VPN allowed is: Automatic, PPTP VPN, or L2TP IPsec.

If an Internet Protocol version 6 (IPv6) address is entered in the General tab, the type of VPN allowed is: L2TP IPsec.

For a virtual private network (VPN) connection, if you are not sure which type to select, click Automatic. PPTP is attempted first, and then L2TP. If you are sure that your VPN server is a PPTP server or an L2TP server, select the appropriate server type.

In order to connect to an L2TP server, the Trusted Root Certification Authorities certificate store on your computer must contain the certificate of the root authority for the certification authority that issued your computer certificate and the certificate for the L2TP server.

This connection uses the following items

Lists the available network components that your connection can use. Network components are the clients, services, and protocols you use to communicate with servers on your network once you are connected to a server.

To enable the use of a network component, click the check box next to the name of the component. To disable the use of a network component, clear the check box next to the name of the component.

More than one network protocol may be listed.

IPsec Settings

 

Dialog box element Description

Use preshared key for authentication

Specifies whether the preshared key method of authentication is enabled for the Internet Key Exchange (IKE). This method uses a secret set of characters (the key) that has been agreed upon by two users.

The use of preshared key authentication is not recommended because it is a relatively weak authentication method. Preshared key authentication creates a master key that is less secure (that might produce a weaker form of encryption) than certificates or the Kerberos V5 protocol. In addition, preshared keys are stored in plaintext in the registry. In Active Directory, preshared keys are stored in readable hexadecimal format.

Preshared key authentication is provided for interoperability purposes and to adhere to IPsec standards. It is recommended that you use preshared keys only for testing and that you use certificates or Kerberos V5 instead in a production environment.

Key

Type your preshared key. This option is available only if the Use preshared key for authentication check box has been selected.

Use certificate for authentication

Specifies whether the certificate method of authentication is enabled for the Internet Key Exchange (IKE). This method uses a certificate issued from a specified certification authority (CA).

Verify the Name and Usage attributes of the server's certificate

Specifies whether the server verifies the validity of the certificate used for IKE with the CA certificate the server has in its certificate store.

Was this page helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

ADD
Show:
© 2014 Microsoft