Re: L2TP over Wireless and NAT
From: Jeffrey Randow (MVP) (jeffreyr-support_at_remotenetworktechnology.com)
Date: 03/01/05
Date: Tue, 01 Mar 2005 13:54:54 -0600
Take a look at http://lanarchitect.net/Articles/FixSP2VPN for the SP2
fix to make NAT-T work again...
Also, make sure you forward UDP 4500 to the server computer. NAT-T
requires this port in addition to the standard 500...
---
Jeffrey Randow (Network MVP)
Remote Networking Technology FAQ - http://www.remotenetworktechnology.com
My Networking Blog: http://www.networkblog.net
MS Network Community - http://www.microsoft.com/windowsserver2003/community/centers/networking/default.mspx
MS Home Networking Community - http://www.microsoft.com/windowsxp/expertzone/communities/wireless.mspx

On 26 Feb 2005 12:51:59 -0600, "Newscene" <not_real@internet.org> wrote:

>The certificates are installed correctly, I can make an L2TP/IPSec connection -- I just can't make it through the DLink. Passthrough is enabled on the DLink.
>
>I read a paper on Microsoft (article 818043) that says that XP SP2 has the required "fixes" for L2TP over NAT and that there is a HotFix for 2000 Server but I cannot find it anywhere.
>
>"ASM" <ASM@discussions.microsoft.com> wrote in message
>news:F223C0C2-C0A6-45DB-B9F6-E97FFC72CB0B@microsoft.com...
>> I've read that IPSec needs either certificates or Kerberos to authenticate. Routers need IPSec passthrough. And, L2TP/IPSec may not work on a dialup connection. This is general stuff I've come across - hope it helps some.
>>
>> "Newscene" wrote:
>>
>>> I am trying to configure an L2TP/IPSec connection from my home to my office VPN server. We have been using PPTP for VPN for some time now in the wireless configuration with no problems; the only difference is we are trying to move the VPN to L2TP. The client is a Thinkpad T40 (built in 802.11A/B) running Windows XP Pro (SP2) and the target is a Windows 2000 Advanced Server (SP4). The client is on a 802.11A/B WLAN using NAT on a DLink DI-764 (with current firmware) behind a Speedstream 5260 DSL modem. The Office LAN is on a Cisco 2620 with integrated firewall and the firewall has all the necessary ports and protocols enabled for both PPTP and L2TP.
>>>
>>> I believe the client, the server and firewall are correctly configured as I am able to establish a L2TP connection from the Thinkpad using either a Verizon CDMA 1xEVDO PC-5220 wireless card* or by connecting the notebook directly to the DSL modem. However if I try L2TP using my WLAN connection the L2TP connection returns Error 678. There is no indication in the server logs that a VPN attempt was made. As I said, a PPTP connection establishes instantly in this configuration and the L2TP establishes immediately outside the WLAN so I am fairly confident the problem lies with the NAT.
>>>
>>> The DLink has an option to allow VPN passthrough for PPTP and IPSec VPNs and these are set. I spent several hours on the phone with DLink support trying various combinations of settings on the DLink including: direct wired Ethernet connection of the notebook to the router; configuring the notebook on the router's DMZ; etc. all with the same result.
>>>
>>> I have read the docs on Microsoft about XP and 200x support for L2TP and NAT and I am at a loss where to go from here. If anyone has seen this problem and has a solution I'd certainly appreciate hearing from you.
>>>
>>> ---------------
>>> * By the way, I heartily recommend this wireless service. I am in South Florida and we routinely achieve connections of 400KB with this service.
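Added example, not part of the original thread: a Python sketch for reading a client-side capture of the symptom discussed above, where IKE on UDP 500 is answered but nothing comes back once the peers move to UDP 4500. It goes beyond the posts by using the RFC 3948 framing on port 4500 (non-ESP marker, one-byte keepalive); the function names, the (direction, server_port, payload) tuple layout and the sample captures are constructed for illustration.

```python
import struct

IKE_PORT, NATT_PORT = 500, 4500
NON_ESP_MARKER = b"\x00" * 4   # RFC 3948: prefixes IKE messages on UDP 4500
IKE_HDR_LEN = 28               # fixed ISAKMP header size

def classify(port, payload):
    """Label one UDP payload by the server-side port it used."""
    if port == IKE_PORT:
        return "ike" if len(payload) >= IKE_HDR_LEN else "malformed"
    if port != NATT_PORT:
        return "other"
    if payload == b"\xff":
        return "nat-keepalive"   # one byte that keeps the NAT mapping alive
    if payload[:4] == NON_ESP_MARKER:
        return "ike-natt" if len(payload) >= 4 + IKE_HDR_LEN else "malformed"
    return "esp-in-udp" if len(payload) > 8 else "malformed"  # non-zero SPI first

def diagnose(packets):
    """packets: (direction, server_port, payload); direction is 'out' or 'in' on the client."""
    seen = {(d, classify(p, data)) for d, p, data in packets}
    floated = ("ike-natt", "esp-in-udp")
    if ("out", "ike") not in seen:
        return "client never sent IKE on UDP 500"
    if ("in", "ike") not in seen:
        return "no IKE reply on UDP 500"
    if not any(d == "out" and k in floated for d, k in seen):
        return "peers never moved to UDP 4500 (NAT-T not negotiated)"
    if not any(d == "in" and k in floated for d, k in seen):
        return "nothing returns on UDP 4500 (port not forwarded or filtered)"
    if ("out", "esp-in-udp") in seen and ("in", "esp-in-udp") in seen:
        return "ESP flowing in UDP 4500 both ways"
    return "IKE on UDP 4500 in progress, no ESP yet"

def ike_msg(exchange=2):
    """Constructed ISAKMP header: cookies, next payload, v1.0, exchange, flags, id, length."""
    return struct.pack("!8s8sBBBBII", b"I" * 8, b"R" * 8, 1, 0x10, exchange, 0, 0, IKE_HDR_LEN)

# Constructed capture: UDP 500 is answered, UDP 4500 is not.
BLOCKED = [("out", 500, ike_msg()), ("in", 500, ike_msg()),
           ("out", 4500, NON_ESP_MARKER + ike_msg()),
           ("out", 4500, NON_ESP_MARKER + ike_msg())]
# Constructed capture: both ports reach the server, ESP rides inside UDP 4500.
WORKING = BLOCKED + [("in", 4500, NON_ESP_MARKER + ike_msg()),
                     ("out", 4500, b"\x12\x34\x56\x78" + b"\x00" * 20),
                     ("in", 4500, b"\x9a\xbc\xde\xf0" + b"\x00" * 20),
                     ("out", 4500, b"\xff")]

if __name__ == "__main__":
    print(diagnose(BLOCKED), diagnose(WORKING), sep="\n")
```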