Indiana University
University Information Technology Services
  
What are archived documents?
Login>>
Login

Login is for authorized groups (e.g., UITS, OVPIT, and TCC) that need access to specialized Knowledge Base documents. Otherwise, simply use the Knowledge Base without logging in.

Close

In Windows XP, how do I make an IPsec VPN connection to the IU network?

Note: For VPN when connecting from off campus, use the recommended SSL VPN if your campus supports it. The IPsec VPN at IUB and IUPUI will eventually be retired.

This document explains how to manually set up an IPsec virtual private network (VPN) connection in Windows XP at Indiana University Bloomington and IUPUI. If you wish to make such a connection, UITS recommends that you use the VPN installers, available from IUware. This software automatically does what the instructions in this document describe how to do manually.

Note: IU's VPN is intended for individual computing accounts only. Group and departmental accounts cannot access the VPN. See Why can't I make an IU Secure or VPN connection through an IU group or departmental account?

On this page:

Creating an IPsec VPN connection

Before you start: If you are behind a NAT device (e.g., a home or small business router) or your IP address is a private IP address, you must download an update from Microsoft before you can successfully connect using an IPsec VPN connection. To determine if this situation applies to you, refer to Microsoft article 818043.

Search Microsoft Support.

To create an IPsec VPN connection to the IU network using Windows XP, either wirelessly or remotely:

  1. From the Start menu, right-click Network Places and select Properties. Alternatively, from the Control Panel, open Network Connections.

  2. In the left frame in the "Network Tasks" section, click Create a new connection.

    Note: If you do not see "Network Tasks", look for New Connection Wizard in the main window, and double-click it, or, from the File menu, choose New Connection.

  3. The New Connection Wizard should open. Click Next and select Connect to the network at my workplace. Click Next again.

  4. Select Virtual Private Network connection and click Next.

    Note: If the Virtual Private Network option is not available, you may need to enable the Remote Access Connection Manager service.

    For help, see Microsoft Support.

  5. Type a name for the connection (e.g., IU-VPN ) and click Next.

  6. If your computer already has a Dial-Up Networking icon, you may see the following message:

    "Windows can automatically dial the initial connection to the Internet or other public network before establishing the virtual connection."

    If you see this message, in the Public Network window, select the connection to use to attach to your VPN:

    • If you are connected to a persistent Internet connection (e.g., Ethernet), choose Do not dial the initial connection.
    • If you must dial in to be connected to the Internet, choose Automatically dial this initial connection and select your Internet service provider (ISP) connection.

    Click Next.

  7. In the VPN Server Selection window, type either ipsec.indiana.edu for IUB or ipsec.iupui.edu for IUPUI. Click Next.

  8. If you see a message asking whether to use your smart card with this connection, choose Do not use my smart card and click Next.

  9. In the Connection Availability window, select the option most appropriate for your situation.

    Note: If you are using a wireless card and wish to log into a domain (including ADS) upon starting Windows XP, select Anyone's use, which will make the VPN connection available when you choose Log on using dial-up connection at the login screen.

    Click Next.

  10. On the last screen, if you want a shortcut icon on your desktop for the new connection, select Add a shortcut to this connection to my desktop. Click Finish.

Configuring your VPN connection

  1. After you've created your VPN connection, Windows XP should open the connection automatically for you. If it does, select Properties. If it does not, right-click the new connection icon, and then select Properties.

  2. Click the Options tab. Check Prompt for name and password, certificate, etc. and Include Windows Logon Domain.

  3. Click the Networking tab. Set "Type of VPN:" to L2TP IPSec VPN.

  4. Under "This connection uses the following items:", only the following should be checked:

    • Internet Protocol (TCP/IP)
    • File and Printer Sharing for Microsoft Networks
    • Client for Microsoft Networks
    • QoS Packet Scheduler

  5. Select TCP/IP, and then click Properties.

  6. Select both Obtain an IP address automatically and Obtain DNS server address automatically, and then click OK.

  7. Click the Security tab.

    If you chose L2TP IPSec VPN above, click IPSec Settings... . Check Use pre-shared key for authentication, and, in the "Key:" field, type hermanbwells . Click OK.

    Note: If you set "Type of VPN:" to PPTP VPN above, proceed to the next step.

  8. Select Advanced (custom settings), and then click Settings... .

  9. Under "Logon Security", select Allow these protocols, and make sure the only checkbox selected is Microsoft CHAP Version 2 (MS-CHAP v2). Click OK and then Close.

Establishing the VPN connection

  1. After configuring your VPN connection, you should see the authentication screen for your new connection. If you don't see it, double-click the new connection icon. Alternatively, from the Start menu, click Connect To (or Settings, and then Network Connections), and select the connection.

  2. Enter your IU Network ID username and passphrase; for the domain, enter ADS . Click Connect.

    When the connection is established, you should see a new icon in the notification area. This icon is identical to the one for dial-up connections.

Note: It may take up to a minute to establish a connection with the VPN server. If you have problems connecting, note any error messages and contact your campus Support Center.

To disconnect and terminate the connection, double-click the icon in the notification area and choose Disconnect.

This is document akko in domain all.
Last modified on January 31, 2013.

I need help with a computing problem

  • Fill out this form to submit your issue to the UITS Support Center.
  • Please note that you must be affiliated with Indiana University to receive support.
  • All fields are required.



Please provide your IU email address. If you currently have a problem receiving email at your IU account, enter an alternate email address.

I have a comment for the Knowledge Base

  • Fill out this form to submit your comment to the IU Knowledge Base.
  • If you are affiliated with Indiana University and need help with a computing problem, please use the I need help with a computing problem section above, or contact your campus Support Center.