IPSec through NAT

Tech-Archive recommends: Fix windows errors by optimizing your registry

From: "Dominik Rappaport" <dominik@xxxxxxxxxxxx>
Date: Tue, 27 Sep 2005 11:03:16 +0200

Dear All,

I want to connect a branch to our corporate network by an IPSec VPN
connection. It should be IPSec and not L2TP or PPTP as our branch already
has a router with IPSec capabilities, but only IPSec. Our configuration at
the main office is as follows:

Internet <-> NAT Firewall <-> DMZ <-> ISA 2004 <-> Internal Network

The ISA server should handle all the VPN stuff so that the IPSec traffic
must flow through the NAT firewall.

Is that possible (IPSec through the NAT) and if yes what kind of protocols
do I have to allow for inbound traffic at the NAT to pass through the ISA
server?

Kind regards,

Dominik

.

Prev by Date: vpn site to site problem
Next by Date: Some advice on setting up please
Previous by thread: vpn site to site problem
Next by thread: Some advice on setting up please
Index(es):
- Date
- Thread

Relevant Pages

Re: L2TP over IPsec VPN and nat-t
... I had seen these articles and was hopeful that this would solve the problem, ... L2TP over IPSec is not supported with NAT Traversal. ... and that is why you can configure IPSec VPN tunnels ...
(microsoft.public.security)
RE: [fw-wiz] tunnel vs open a hole
... >There is one advantage of an IPSEC VPN in this sort of circumstance which ... It's both advantageous and disadvantageous - IPsec creates ... network connections - a client or remote LAN joins your LAN environment ...
(Firewall-Wizards)
Re: MNF Ipsec Nat Traversal
... If you have any luck, please post here so that I can pick your ... > Does anyone know if the dist supports Ipsec Nat Traversal? ... > I know that the dist comes with Ipsec Vpn. ... > the client or server would drop the adjusted packets. ...
(comp.os.linux.networking)
$100 to first person to provide details on connecting Safenet client VPN on NAT subnet to DFL-300
... state how you were able to get your clients to connect using SafeNet ... IPSEC client via IPSEC VPN to your DFL-300. ...
(comp.security.firewalls)
Re: L2TP/IPSec Verbindung läuft mit XP SP2 nicht mehr
... In XPSP2 the IPsec driver needs a registry setting when either the ... server or workstation are behind a NAT gateway. ... 1- Client initiates to a server that is behind the NAT ... > Peer Private Addr ...
(microsoft.public.de.german.windowsxp.networking)