Re: RRAS IPSec on W2003 Server behind NAT

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

"D Rasmussen" <DRasmussen@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:80BD1DFB-9B1D-4FA9-BC11-E4912BCB8297@xxxxxxxxxxxxxxxx
Well so far after a month of trying to get IPSec on a W2003 Server using a
preshared key we have failed to get this working.

Clients are Windows XP SP2 or later and have found out that with SP2,
IPSec
behind a NAT device has been turned off [MS KB 818043] While we have tried
the fixes on this KB article we still can not get XP SP2 or later or
Windows
Vista/7 clients to be able to connect to a Windows 2003 VPN server [not
behind a NAT device].

Any suggestions to get a VPN Server and XP SP2 clients to connect using
L2TP
IPSec are appreciated


Have you tried using a simple password instead of a pre-shared key?

KB818043 was for pre-SP2 and not needed if you have any service packs
installed.

Whether L2TP/IPSec can go across a NAT or not depends on the NAT device.
What type of device? Also, if it doesn't work on the same subnet, try it
with a simple password, like "1234". If that doesn't work, then there's
either an issue in your VPN config on the server, and/or on the client.

Does a simple PPTP VPN work?

I don't know what articles or books you've followed to setup the VPN, but
here are additional resources.

How to setup VPNYou may have two options to setup VPN server on Windows
2003. ... 47 [GRE - Generic Routing Encapsulation]) or L2TP over IPSec (UDP
Port 500 and IP Protocol ...
www.howtonetworking.com/Windows/vpnsetup.htm

How To Configure IPSec Tunneling in Windows Server 2003In Windows Server
2003, client remote access VPN connections are protected .... and Remote
Access automatically creates IPSec filters for L2TP traffic). ...
http://support.microsoft.com/kb/816514

Virtual Private NetworksGet an overview of the VPN technologies supported by
Windows Server 2003 and ... Download the Microsoft L2TP/IPSec VPN client,
which enables computers ...
http://technet.microsoft.com/en-us/network/bb545442.aspx

L2TP-based remote access VPN deployment: Virtual Private Network ...
Applies To: Windows Server 2003, Windows Server 2003 R2, ...
http://technet.microsoft.com/en-us/library/cc787915(WS.10).aspx

Administrator's Guide to Microsoft L2TP/IPSec VPN Client
Microsoft L2TP/IPSec VPN Client setup process creates a Microsoft IPSec VPN
....
http://technet.microsoft.com/en-us/library/bb742553.aspx


Ace




.

Relevant Pages

  • RE: VPN and Remote Desktop Problems
    ... The internal VPN client must be configured as a SecureNAT client. ... > resolved by Windows XP SP2. ... For a complete list of Microsoft Product ...
    (microsoft.public.windows.server.sbs)
  • L2TP/IPSec Verbindung läuft mit XP SP2 nicht mehr
    ... workstation2 mit Windows.xp SP1a und IPSec NAT-T Traversal Update, ... Windows 2003 VPN RRAS Server, ...
    (microsoft.public.de.german.windowsxp.networking)
  • RE: IPSEC VPN connection from client in SBS 2003 premium
    ... the IPSec protocol cannot pass through ISA if IPSec ... pass-through would not work in firewall client method. ... VPN scenario, between the remote client and the VPN gateway, all VPN ...
    (microsoft.public.windows.server.sbs)
  • RE: VPN and Remote Desktop Problems
    ... The internal VPN client must be configured as a SecureNAT client. ... there is a known issue for Windows XP or SP1 and it is ... you could contact Microsoft Product Support Services ...
    (microsoft.public.windows.server.sbs)
  • RE: Best VPN server to use on Fedora
    ... Best VPN server to use on Fedora ... > server and windows xp clients you would have to install OpenVPN on the ... > already has a client built in, I would like a Linux server that would work ...
    (Fedora)