My company runs an L2TP VPN on a Windows server without using IPSec shared secrets or certs. For every Windows client they bring onto the VPN, they add the following registry hack:
I did some research on what this really does in Windows, and found this:
When the ProhibitIpSec registry value is set to 1, your Windows 2000-based computer does not create the automatic filter that uses CA authentication. Instead, it checks for a local or Active Directory IPSec policy.
I'm not a Windows AD or VPN guru, so I'm sort of stuck here trying to figure out how to emulate this in Ubuntu. Has anyone else run across this?