IPSEC NAT Traversal


Darren Thorley

I am working for a client who has a Windows 2000 server SP4 with ISA SP1
and RRAS fully configured. At the moment it is directly connected to
the internet on a static IP, but I will be putting it behind a NAT
router but I have left that bit out while I test the VPN connections.

The client is Windows 2000 Pro SP4 with the NAT-T patch applied and is
sat behind a Smoothwall Corp 3 firewall.

I can connect locally using L2TP no problem. I can connect remotely
using PPTP, but the company I am working for is insisting on using
L2TP for VPN.

When the client connection times out it gives error 792: The L2TP
connection failed because security negotiation timed out

Any idea where I am going wrong? Does Windows 2000 RRAS VPN support
this or have I mis-understood something?

Any help greatly appreciated.

Thanks Darren
 
Do you have a valid certificate? Ideally you will need to use a certificate
for L2TP to work.
 
Thanks for responding.
Yes, I do. If I am connected to the network locally the L2TP works
fine. Problem starts as soon as I try to connect away from the office
via the Internet.
Any ideas?
 
Dear Darren

My name is Thomas. I am unfortunately having the same (except for
the error message) problem. I can connect to my Windows 2000 server
using PPTP and L2TP from inside the office, but from outside the office
I can only connect using PPTP. (The error is 678: not able to connect
to the remote server.)

I have a Linksys AG241 router and have UDP 500, 4500 and 1701 forwarded
to the Wk2000 server. I have the NAT-T patch applied and also the
registry edits for XP clients (see 885407). I am doubting if the NAT-T
patch applies to Wk2000 servers; it seems only possible with 2003 servers,
or am I wrong? (see 818043).

Where are you standing on that issue?

Kind regards



Darren Thorley said:
I am working for a client who has a Windows 2000 server SP4 with ISA SP1
and RRAS fully configured. At the moment it is directly connected to
the internet on a static IP, but I will be putting it behind a NAT
router but I have left that bit out while I test the VPN connections.

The client is Windows 2000 Pro SP4 with the NAT-T patch applied and is
sat behind a Smoothwall Corp 3 firewall.

I can connect locally using L2TP no problem. I can connect remotely
using PPTP, but the company I am working for is insisting on using
L2TP for VPN.

When the client connection times out it gives error 792: The L2TP
connection failed because security negotiation timed out

Any idea where I am going wrong? Does Windows 2000 RRAS VPN support
this or have I mis-understood something?

Any help greatly appreciated.

Thanks Darren
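
A capture-side check for the symptom discussed in this thread, added here as an example and not part of any post: it labels UDP payloads seen on the forwarded ports (500, 4500, 1701) using the RFC 3948 framing rules, so you can tell whether the IKE negotiation ever moved to UDP 4500. The function names, the `(server_port, payload)` input shape and the sample packets are assumptions constructed for illustration.

```python
import struct

NON_ESP_MARKER = b"\x00" * 4  # RFC 3948: four zero bytes precede IKE on UDP 4500
EXCHANGES = {2: "main-mode", 4: "aggressive", 5: "informational", 32: "quick-mode"}

def classify(port, payload):
    """Label one UDP payload by the VPN server-side port it was seen on."""
    if port == 1701:
        return "l2tp-unprotected"          # L2TP should only appear inside ESP
    if port == 4500:
        if payload == b"\xff":
            return "nat-keepalive"         # RFC 3948 one-byte keepalive
        if len(payload) < 4:
            return "malformed"
        if payload[:4] != NON_ESP_MARKER:
            return "esp-in-udp"            # non-zero SPI: encapsulated ESP
        payload = payload[4:]
    elif port != 500:
        return "other"
    # ISAKMP header is 28 bytes: cookies(16), next payload, version,
    # exchange type, flags, message id(4), total length(4)
    if len(payload) < 28 or struct.unpack("!I", payload[24:28])[0] < 28:
        return "malformed"
    name = EXCHANGES.get(payload[18], "exchange-%d" % payload[18])
    return "ike-%s-%d" % (name, port)

def diagnose(packets):
    """Summarise a capture given as (server_port, udp_payload) tuples."""
    kinds = [classify(port, data) for port, data in packets]
    if "esp-in-udp" in kinds:
        return "esp-flowing-on-4500"
    if any(k.startswith("ike-") and k.endswith("-4500") for k in kinds):
        return "ike-floated-to-4500-no-esp"
    if any(k.startswith("ike-") for k in kinds):
        return "ike-only-on-500"
    return "no-ike-seen"

def sample_ike(exchange):
    """Constructed 28-byte ISAKMP header (not from a real capture)."""
    return b"\x11" * 8 + b"\x00" * 8 + struct.pack("!BBBBII", 1, 0x10, exchange, 0, 0, 28)

# Constructed captures, one per outcome
STUCK = [(500, sample_ike(2)), (500, sample_ike(2))]
FLOATED = STUCK + [(4500, NON_ESP_MARKER + sample_ike(2))]
WORKING = FLOATED + [(4500, b"\x12\x34\x56\x78" + b"\x00" * 12), (4500, b"\xff")]

if __name__ == "__main__":
    for name, cap in (("stuck", STUCK), ("floated", FLOATED), ("working", WORKING)):
        print(name, "->", diagnose(cap))
```

A result of `ike-only-on-500` on a path that crosses a NAT device is consistent with NAT-T not being negotiated or UDP 4500 being dropped somewhere along the way.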
 