From 5636af8787713bd8f6e6125033705175a0e0b068 Mon Sep 17 00:00:00 2001
From: shortpatti <pashort@microsoft.com>
Date: Thu, 8 Feb 2018 14:40:32 -0800
Subject: [PATCH] Added more details about WS2012

---
 ...diffie-hellman-protocol-over-ikev2-vpn-connections.md | 9 +++------
 1 file changed, 3 insertions(+), 6 deletions(-)

diff --git a/windows/access-protection/vpn/how-to-configure-diffie-hellman-protocol-over-ikev2-vpn-connections.md b/windows/access-protection/vpn/how-to-configure-diffie-hellman-protocol-over-ikev2-vpn-connections.md
index 6966e27f33..7b30f32d4d 100644
--- a/windows/access-protection/vpn/how-to-configure-diffie-hellman-protocol-over-ikev2-vpn-connections.md
+++ b/windows/access-protection/vpn/how-to-configure-diffie-hellman-protocol-over-ikev2-vpn-connections.md
@@ -8,7 +8,7 @@ ms.pagetype: security, networking
 author: shortpatti
 ms.author: pashort
 ms.localizationpriority: medium
-ms.date: 02/06/2018
+ms.date: 02/08/2018
 ---
 
 # How to configure Diffie Hellman protocol over IKEv2 VPN connections
@@ -20,16 +20,13 @@ To secure the connections, update the configuration of VPN servers and clients b
 
 ## VPN server
 
-For VPN server, you need to configure the tunnel type. This makes all IKE exchanges on IKEv2 tunnel use the secure configuration.
-
-For example, on a site-to-site VPN server that runs Windows Server 2012 R2 or later, run [Set-VpnServerConfiguration](https://docs.microsoft.com/powershell/module/remoteaccess/set-vpnserverconfiguration?view=win10-ps):
+For VPN servers that run Windows Server 2012 R2 or later, you need to run [Set-VpnServerConfiguration](https://docs.microsoft.com/powershell/module/remoteaccess/set-vpnserverconfiguration?view=win10-ps) to configure the tunnel type. This makes all IKE exchanges on IKEv2 tunnel use the secure configuration.
 
 ```powershell
 Set-VpnServerConfiguration -TunnelType IKEv2 -CustomPolicy
 ```
 
-On an earlier version of Windows Server, run [Set-VpnServerIPsecConfiguration](https://technet.microsoft.com/library/hh918373(v=wps.620).aspx):
-<!-- this is where we need the correct information -->
+On an earlier versions of Windows Server, run [Set-VpnServerIPsecConfiguration](https://technet.microsoft.com/library/hh918373(v=wps.620).aspx). Since `Set-VpnServerIPsecConfiguration` doesn’t have `-TunnelType`, the configuration applies to all tunnel types on the server.
 
 ```powershell
 Set-VpnServerIPsecConfiguration -CustomPolicy