Whenever you use the L2TP data tunneling protocol for your VPN connection, Windows automatically enables the IPSec protocol as well. This is done because L2TP itself does not encrypt data as it is the function of IPSec.
However, if you need to disable IPSec for some reason, such as for troubleshooting, you can easily do that by virtue of this easy step-by-step guide in this article.
However, before we move on further, we can discuss what L2TP and IPSec really is.
L2TP – Layer 2 Tunneling Protocol, or L2TP, is a data tunneling protocol that provides a safe passage to encrypted to move through a VPN client and VPN server. L2TP works by exchanging data packets between the VPN client and VPN server to establish identification for the data transfer session.
Once the identification parameters for the data tunnel have been established, an L2TP connection starts transmitting the data. It must be noted however that L2TP does not provide any data encryption on its own and is simply used for transfer of data.
IPSec – Internet Protocol Security, or IPSec, is a security protocol commonly used in tandem with L2TP for encryption of data that will be passing through the data tunnel established by the L2TP. IPSec authenticates every data packet passing over the data tunnel to ensure it is a valid data packet.
Then, IPSec encrypts this data packet to make it unreadable to any hacker that somehow manages to compromise the security of an L2TP data tunnel.
When L2TP and IPSec are used together, they work to establish a safe data tunnel that carries encrypted data packets. An L2TP IPSec data connection ensures complete data privacy and security for its users.
Here is how to disable IPSec
While this tutorial gives simple steps to disable IPSec, make sure that once you are done with your troubleshooting procedures you enable IPSec back again. Otherwise, you will risk your data to be stolen by hackers.
Here is a step-by-step procedure of how to disable IPSec:
- Open the run command on your Windows Operating System and type ‘regedit’. This will open the Windows Registry Editor.
- On the left hand side bar, navigate and look for the folder titled HKEY_LOCAL_MACHINE
- Once located, open the subfolders for HKEY_LOCAL_MACHINE
- In the list of subfolders for HKEY_LOCAL_MACHINE, look for the folder titled SYSTEM
- Now, open the subfolders for the folder titled SYSTEM
- In the list of subfolders for SYSTEM, look for the subfolder titled CurrentControlSet
- Now, open the subfolders for the folder titled CurrentControlSet
- In the list of subfolders for CurrentControlSet, look for the subfolder titled Services
- Now, open the subfolders for the folder titled Services
- In the list of subfolders for Services, look for the subfolder titled RasMan
- Now, open the subfolders for the folder titled RasMan
- In the list of subfolders for RasMan, look for the subfolder titled Parameters
- Select the folder titled Parameters.
- Now, click on the tab ‘Edit’ on the top left hand side of the window.
- Under this tab, place your mouse over the tab titled ‘New’ and select the term ‘DWORD (32-bit) Value.
- Click on the option titled DWORD (32-bit) value.
- Once prompted to enter the name of the new value, enter the name as ‘ProhibitIPSec’ and hit enter.
- A new folder will be created by the name of ‘ProhibitIPSec’.
- Double-click on the new folder titled ‘ProhibitIPSec’ and set its value to ‘1’. Click ‘OK’ to proceed.
- Now, close the window and restart your computer.
Voila! You’re done. It is that simple.
As can be seen above, the procedure to disable IPSec and use only an L2TP connection is fairly simple. However, once the purpose of using L2TP as a standalone protocol is completed be sure to turn IPSec back on as it is vital for the security of your data.