Configuring the Dial-In User Shared Secret on the Windows Client

You can provide an additional layer of authentication for your L2TP Layer 2 Tunneling Protocol remote-access users by configuring a shared secret on both the Threat Management Services (TMS) zl Module and the Windows client.

On the TMS zl Module, the shared secret is configured on VPN > IPsec > L2TP Remote Access in Step 1 of 3 of the Add Dial-In User window.

To configure the same shared secret on the Windows 2000, XP, or Vista client, you must edit the registry by following these steps:

 

  1. On the Windows Taskbar, select Start > Run.

 

 

  1. In the Run window, type regedit and press OK.

 

 

  1. In the left pane of the Registry Editor, open the following folders:

  1. HKEY_LOCAL_MACHINE

  2. SYSTEM

  3. CurrentControlSet

  4. Control

  5. Class

 

 

  1. In the Class folder, look for the first component with this format: xxxxxx72-xxxx-xxxx-xxxx-xxxxxxxxxxxxx

 

  1. Expand the component.

  2. One by one, click the subdirectories until you find this value in the right pane: DriverDesc | REG_SZ | WAN Miniport (L2TP)

  1. Select Edit > New > String Value.

 

 

  1. A new value appears in the right pane.

 

 

  1. Name the value Password.

 

  1. Right-click the value and select Modify.

 

  1. In the Value data field, type the shared secret and click OK.

 

  1. The entry should look like this.

  2. Close the registry and restart the computer.