Skip navigation

JSI Tip 3992. How do I disable the automatic IPSEC policy used with L2TP?

IPSEC automatically enables security for L2TP traffic because L2TP does NOT provide encryption.

If you wish to use pre-shared keys, see Q240262.

If you are troubleshooting L2TP/IPSEC connections, disabling the policy on both client and server will allow you to create a L2TP tunnel without IPSEC.

NOTE: Disabling IPSEC for L2TP connections limits security and should only be done when troubleshooting.

To disable the policy:

1. Use Regedt32 to navigate to HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Rasman\Parameters.

2. On the Edit menu, Add Value name ProhibitIpSec, a REG_DWORD data type, and set the data value to 1.

3. Restart your Windows 2000 computer.

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.