Hi Jaime,
I had a similar problem with transport mode over a natted connection.
In that case, one would assume that a fix for that would have to be
implemented either on the l2tp daemon or in the kernel, wouldn't it?
Jaime
In my case the problem was not in the l2tp daemon or kernel
implem
Thanks, Andreas.
> As a workaround I recommend to use IPsec tunnel mode with NAT-T.
> Windows XP's LT2P client can be configured to use tunnel mode
> instead of the default transport mode.
>
Does that imply disabling the automatic IPsec policy created by the
connection and creating one manually?
Both clients are behind the same NAT router so that internal IP
addresses are distinct. Windows XP does *not* support the notion
of a virtual IP address requested via IKEv1 ModeConfig. IP addresses
can only be assigned through LT2P using the IP Control Protocol (IPCP).
Regards
Andreas
Daniel Men
Andreas Steffen wrote:
> As a workaround I recommend to use IPsec tunnel mode with NAT-T.
> Windows XP's LT2P client can be configured to use tunnel mode
> instead of the default transport mode.
But what's the virtual IP address of the windows box inside the tunnel
then? The same as its LAN inter
As a workaround I recommend to use IPsec tunnel mode with NAT-T.
Windows XP's LT2P client can be configured to use tunnel mode
instead of the default transport mode.
Regards
Andreas
Jaime Vargas wrote:
> Hello, everybody;
>
> As far as I know, there's a well-known issue with NAT-T that makes
>
> I *believe* that this is a known issue. The problem is that the L2TP-daemon
> on the linux side sends packets to the public IP address of the NAT box
> (which get secured by IPsec before they leave the machine). With two clients
> behind the same NAT box (and therefore behind the same public IP a
Jaime Vargas wrote:
> As far as I know, there's a well-known issue with NAT-T that makes
> impossible to connect simultaneously to a VPN using L2TP over IPSec
> from two Windows clients which reside behind the same NAT box. Problem
Hi Jaime,
> a) Is the cause of this issue established?
> b) Is
Hello, everybody;
As far as I know, there's a well-known issue with NAT-T that makes
impossible to connect simultaneously to a VPN using L2TP over IPSec
from two Windows clients which reside behind the same NAT box. Problem
is, I need to offer a solution, or at least a convincing argument, for
thi