Windows 2003 Server NAT not allowing IPSEC to go through.

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

Hopefully someone will have some insight into this problem..

I'm at a site with a basic Windows 2003 Server Standard install which has NAT running on it, with the statically assigned internet on one NIC, and the network on the other NIC

All client systems can properly access the internet (web, ICQ, email, etc) except for field engineers coming from another company, attempting to connect to their server using IPSec.

It's a basic install with no extras turned on, firewalls disabled on the NIC and in NAT, no packet filtering on the NIC or in NAT...

The clients are using Nortal Extranet that connects through IPSec (their documentation asks that IP Port 50, UDP Port 500 and UDP Port 2001 be opened). It's my understanding that NAT will correctly relay this information without any issues?

I connected one of the clients directly into our internet connection and successfully connected to the end computer, so the problem is definitely something on the server.

Also, I was able to set this same configuration up through NAT last year on a similar server running Windows 2000 Server (for the same clients) without any issues using the same information

Any help or suggestions would be appreciated. Thanks in advance...
 
Also check if the UDP ports 1701, 4500 [NAT-T] are also opened.

--

Thanks
Sharoon
(e-mail address removed)

This posting is provided "AS IS" with no warranties, and confers no rights.

William Gault said:
Hopefully someone will have some insight into this problem...

I'm at a site with a basic Windows 2003 Server Standard install which has
Click to expand...
NAT running on it, with the statically assigned internet on one NIC, and the
network on the other NIC.
All client systems can properly access the internet (web, ICQ, email, etc)
Click to expand...
except for field engineers coming from another company, attempting to
connect to their server using IPSec.
It's a basic install with no extras turned on, firewalls disabled on the
Click to expand...
NIC and in NAT, no packet filtering on the NIC or in NAT...
The clients are using Nortal Extranet that connects through IPSec (their
Click to expand...
documentation asks that IP Port 50, UDP Port 500 and UDP Port 2001 be
opened). It's my understanding that NAT will correctly relay this
information without any issues?
I connected one of the clients directly into our internet connection and
Click to expand...
successfully connected to the end computer, so the problem is definitely
something on the server.
Also, I was able to set this same configuration up through NAT last year
Click to expand...
on a similar server running Windows 2000 Server (for the same clients)
without any issues using the same information.
 
If I'm using NAT without any packet filtering or firewalling, these ports should just be open and the packets should just pass through, should they not

----- Sharoon Shetty K [MSFT] wrote: ----

Also check if the UDP ports 1701, 4500 [NAT-T] are also opened

--

Thank
Sharoo
(e-mail address removed)

This posting is provided "AS IS" with no warranties, and confers no rights

William Gault said:
Hopefully someone will have some insight into this problem..
Click to expand...
NAT running on it, with the statically assigned internet on one NIC, and th
network on the other NICexcept for field engineers coming from another company, attempting t
connect to their server using IPSecdocumentation asks that IP Port 50, UDP Port 500 and UDP Port 2001 b
opened). It's my understanding that NAT will correctly relay thi
information without any issuessuccessfully connected to the end computer, so the problem is definitel
something on the serveron a similar server running Windows 2000 Server (for the same clients
without any issues using the same information
 
Back
Top