When I did a similar setup for the first time I used the Win2K Network Connection Wizard. Once you use the wizard, go into it's properties and select the L2TP from the dropdown box. Has anyone else tried using the wizard? I'm curious to see other peoples reactions about it.
The problem is that if you want to use l2tp over ip sec you must use a certificate server?
If you use pptp you can use the local data base for access and encryption if you try to hand it of to Cisco secure it will authenticate but there is no encryption. I have been working on the win2k native client my self.
There is a new ver of SS v2.5 that will do mmpm and that will allow win2k encryption
We have some documents at the Cisco.com TAC youll find useful here. http://www.cisco.com/warp/customer/707/index1.shtml#vpn3000
And more specifically
Where the documentation falls short is in actually Installing and Enrolling the newly acquired Microsoft CA into the VPN3000. All else is very clear but I believe that the VPN needs to be told of the new certificate in order for it to operate.