I have this problem. I built out a LAN for a customer using private IP addressing. On the WAN side I'm using a pool of public IP Addresses to provide NAT. The LAN works for most Internet applications including voice but I have an issue with users who want to connect to VPNs. WHen the user launches their client the VPN takes a very long time to connect and then no traffic passes in the tunnel so the VPN is unuseable at that point. If I set up a 1:1 static NAT for a user then they can successfully use their VPN.
Could it be because I'm using a pool of addresses for NAT the public address coulel be changing? Any way to get around this?
This happens whether they are using Cisco, Nortel or any other VPN.