Added more details about WS2012

windows/access-protection/vpn/how-to-configure-diffie-hellman-protocol-over-ikev2-vpn-connections.md

@@ -8,7 +8,7 @@ ms.pagetype: security, networking
 author: shortpatti
 ms.author: pashort
 ms.localizationpriority: medium
-ms.date: 02/06/2018
+ms.date: 02/08/2018
 ---
 
 # How to configure Diffie Hellman protocol over IKEv2 VPN connections
@@ -20,16 +20,13 @@ To secure the connections, update the configuration of VPN servers and clients b
 
 ## VPN server
 
-For VPN server, you need to configure the tunnel type. This makes all IKE exchanges on IKEv2 tunnel use the secure configuration.
-
-For example, on a site-to-site VPN server that runs Windows Server 2012 R2 or later, run [Set-VpnServerConfiguration](https://docs.microsoft.com/powershell/module/remoteaccess/set-vpnserverconfiguration?view=win10-ps):
+For VPN servers that run Windows Server 2012 R2 or later, you need to run [Set-VpnServerConfiguration](https://docs.microsoft.com/powershell/module/remoteaccess/set-vpnserverconfiguration?view=win10-ps) to configure the tunnel type. This makes all IKE exchanges on IKEv2 tunnel use the secure configuration.
 
 ```powershell
 Set-VpnServerConfiguration -TunnelType IKEv2 -CustomPolicy
 ```
 
-On an earlier version of Windows Server, run [Set-VpnServerIPsecConfiguration](https://technet.microsoft.com/library/hh918373(v=wps.620).aspx):
-<!-- this is where we need the correct information -->
+On an earlier versions of Windows Server, run [Set-VpnServerIPsecConfiguration](https://technet.microsoft.com/library/hh918373(v=wps.620).aspx). Since `Set-VpnServerIPsecConfiguration` doesn’t have `-TunnelType`, the configuration applies to all tunnel types on the server.
 
 ```powershell
 Set-VpnServerIPsecConfiguration -CustomPolicy