[Openswan Users] Trouble with L2TP and NAT traversal

Nate Carlson natecars at natecarlson.com
Thu May 13 16:04:31 CEST 2004


On Thu, 13 May 2004, Nels Lindquist wrote:
> I *thought* I was sure, but now I'm not.
> 
> The "Advanced Networking Pack for Windows XP" is listed in Add/Remove
> programs, but that isn't it, right?

Nope, that's not it. IIRC, if you install that, the other update isn't 
available - but I could very well be remembering wrong.

> I went to Windows Update, but L2TP/IPSEC Update is not listed under
> recommended updates, and when I do an advanced search in the catalog for
> article 818043, there are no results.

Go to:

http://v4.windowsupdate.microsoft.com/catalog/en/default.asp
Click on 'Find updates for Microsoft Windows operating systems'
Go to 'Windows XP SP1'
Under 'Advanced Search Options', add 'ipsec' to 'Contains these words:'
Click 'Search'

It'll be the one item that it pops up with.

> What exactly does IPSEC passthrough refer to?  My assumption would be
> port-forwarding UDP 500 and protocols 50/51 to the NATted device, which
> is definitely not happening.

If you've got a cheap Linksys/whatever VPN device, it'll have an option to 
do some rewriting of IPSec as it passes through it to help it work. Of 
course, it breaks NAT-T.  :(

------------------------------------------------------------------------
| nate carlson | natecars at natecarlson.com | http://www.natecarlson.com |
|       depriving some poor village of its idiot since 1981            |
------------------------------------------------------------------------


More information about the Users mailing list