hi, some of you have to deploy ipsec on windows boxes and don't want to use l2tp for some reason? Furthermore the users don't have admin rights on these machines, so marcus muellers tool is not helpful? there is no solution for that, is it? Is someone interesting in such a sulution, I made one. contact me off-list. regards jz