[Openswan Users] l2tp pass-through
paul at xelerance.com
Sun Apr 8 16:44:22 EDT 2007
On Sat, 7 Apr 2007, Jax wrote:
> Basically I have only one question:
> If I have a winxp l2tp/ipsec client on a nat do I need to forward any
> port to it for connecting to a vpns server which has public IP?
No. In fact, you should explicitely NOT do that.
> Without reading further documents I think it does not need anything for
> the client. It's an up to date sp2 which means it already has the NAT-T
> patch. IPSec in transport mode on the XP machine but it does not send a
> single packet I guess this has nothing to do with it. So it should go
> through on any router without portforwarding, right?
Yes. Check firewall settings. If it still fails to send a packet (and you
are sure it is not the ISP filtering it before it hits the vpn server),
enable OAKLEY_LOG on windows to get a proper error message.
Building and integrating Virtual Private Networks with Openswan:
More information about the Users