JSI Tip 6867. Windows XP users cannot connect to the remote access server when a remote access policy forces them to log on using L2TP?

When you create a remote access policy that forces a user to log on using a Layer-2 Tunneling Protocol (L2TP) connection, they are unable to connect to the remote access server.

If you have both L2TP and PPTP enabled on the remote access server, and a remote access policy requires that some Windows XP users must use L2TP, and the Windows XP users have selected the Automatic option in the Type of VPN list on the Networking tab of the Properties page of the remote access connection, then they will experience this problem.

The Automatic option causes Windows XP to try the default protocol, PPTP, first. Normally, if a connection could not be established, the next protocol, L2TP, is tried. Because the policy caused the user to be denied access, Windows XP does not continue trying to connect.

To workaround this behavior, you must configure the clients with L2TP IPSec VPN in the Type of VPN list:

1. On the client computer, open Control Panel.

2. If they are still in Category View, press Switch to Classic View.

3. Double-click Network Connections.

4. Right-click the remote access connection and press Properties.

5. Select the Networking tab.

6. Select L2TP IPSec VPN in the Type of VPN list and press OK.

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.