You can provide an additional layer of authentication for your L2TP remote-access users by configuring a shared secret on both the Threat Management Services (TMS) zl Module and the Windows client.
On the TMS zl Module, the shared secret is configured on VPN > IPsec > L2TP Remote Access in Step 1 of 3 of the Add Dial-In User window.

To configure the same shared secret on the Windows 2000, XP, or Vista client, you must edit the registry by following these steps:
-
On the Windows Taskbar, select Start > Run.
|

|
-
In the Run window, type regedit and press OK.
|

|
-
In the left pane of the Registry Editor, open the following folders:
-
HKEY_LOCAL_MACHINE
-
SYSTEM
-
CurrentControlSet
-
Control
-
Class
|

|
-
In the Class folder, look for the first component with this format: xxxxxx72-xxxx-xxxx-xxxx-xxxxxxxxxxxxx
|

|
-
Expand the component.
-
One by one, click the subdirectories until you find this value in the right pane: DriverDesc | REG_SZ | WAN Miniport (L2TP)
|
|
-
Select Edit > New > String Value.
|

|
-
A new value appears in the right pane.
|

|
-
Name the value Password.
|

|
-
Right-click the value and select Modify.
|

|
-
In the Value data field, type the shared secret and click OK.
|

|
-
The entry should look like this.
-
Close the registry and restart the computer.
|

|
|