Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
386
Views
0
Helpful
1
Replies

2 or more Win XP (IPSec/L2TP) -> Cisco Router (PAT) -> Microsoft RRAS

MicronasSS
Level 1
Level 1

‎08-03-2007 02:42 AM - edited ‎03-09-2019 06:31 PM

Hi everyone,

I have a Cisco router (1710) to provide Internet access to guests and for testing.

The router is configured to do PAT:

ip nat inside source list 1 interface Ethernet0 overload

I also activated NAT-T (I think :) ):

access-list 120 permit esp any any

access-list 120 permit udp any any eq non500-isakmp

access-list 120 permit udp any any eq isakmp

On the other end I have a Microsoft RRAS Server for remote access (IPSec/L2TP).

If I connect a client (XP) behind my router and start the RAS connection, everything works.

If I connect a second client (XP) and try to connect to the same RRAS it does not work.

What do I have to configure on the router to get this working?

THX in advance.

Best regards,

Christoph

Labels:
0 Helpful
1 Reply 1

wong34539
Level 6
Level 6

‎08-09-2007 10:06 AM

I think multiple pptp sessions are not supported from behind a single PAT device which could be the reason you are not able to connect two or more clients simultaneously. Also check if you have opened following ports needed for NAT-T.

Outbound - source udp any, destination udp 4500.

Inbound - source udp 4500, destination udp any.

0 Helpful
Customers Also Viewed These Support Documents