Re: VPN tunnel question

From: Miha (miha.bernik_at_email.si)
Date: 11/05/05


Date: Sat, 5 Nov 2005 13:21:22 +0100

Miha thank's for the reply.
Since on the other side they have a WinNT server, on our side it is a
Win2003 could there be any complications or is it better to implement also
at our side a WinNT server?
Regards
Miha

"Miha Pihler [MVP]" <mihap-news@atlantis.si> je napisal v sporočilo
news:e707psf4FHA.1188@TK2MSFTNGP12.phx.gbl ...
> Information provided in used for Site-to-Site VPN.
>
> --
> Miha
> Microsoft MVP - Windows Security
>
> "Miha" <miha.bernik@email.si> wrote in message
> news:%23PA8AUe4FHA.1276@TK2MSFTNGP09.phx.gbl...
>> Hello
>>
>>
>>
>> In our company we need to establish a secure VPN channel with outside
>> company in other country. They had already configured a VPN server
>> (running on WinNT) and sent us the following information so we could
>> configure a VPN client to connect.
>>
>>
>>
>> Authentication method: pre-share secret
>>
>> Key-change for encryption domain: yes
>>
>>
>>
>> IKE (phase 1):
>>
>> Encryption algorithm AES-256
>>
>> 'Condensation' function SHA-1
>>
>> Diffie Helman group: 1024 bit
>>
>>>Agressive mode< no
>>
>> Key lifetime for phase1 1440 min
>>
>>
>>
>> IKE (phase 2):
>>
>> Encryption algorithm AES-256
>>
>> 'Condensation' function SHA-1
>>
>>>Perfect Forward Secrecy enabled< no
>>
>> PFS DH group: 1024 bit
>>
>>>IP compression< no
>>
>>>IPSEC SA Lifetime< 3600 s
>>
>>
>>
>>
>>
>> I'm pretty confused of the information we got from them, because as far
>> as I know this aren't settings that could normally be configure for a VPN
>> client.
>>
>> Is this possible and how could be done or do we need to configure a
>> site-site VPN tunnel to achieve that kind of functionality.
>>
>> I would be very thankful for all the information and tips how to do this
>>
>> Thank you all in advance
>>
>>
>>
>> Regards
>>
>> Miha
>>
>>
>
>