On Fri, Jul 28, 2006 at 09:29:59AM -0700, jeraklo wrote:
> Regarding NAT-T, does it have to be enabled both in
> clients and the VPN server ? If yes and if we're
> talking about windows clients - does it come bundled
> with some external IPsec client or does it have to be
> enabled in the windows itself ? (yes I know I can
> possibly find this info on the internet, but if you
> already know ...).
Yes, both sides must support NAT-T for it to work. AFAIK, most competent
clients have this; even the built-in Windows client tries to do it [1].
Joachim
[1] Though, in the case I described, it failed miserably. Probably the
IP implementation failed, and not IPsec proper, but still...
