07-29-2002 12:02 PM - edited 02-21-2020 11:57 AM
Is it possible to use L2TP with IPSec through a Pix firewall running NAT? The setup would be, a Microsoft operating system using the embedded IPSec client attempting to connect to a Microsoft 2k server running IPSec. I seem to be reading contrasting documentation on the web. The latest I have read this is not possible using NAT due to the encryption of the transport layer.
07-29-2002 03:18 PM
Hi Eric,
You can not pass L2tp with IPSEC over PIX firewall doing PAT or NAT overloading.
You can pass PPTP or L2TP with IPSEC over static NAT or NAT Pool (not overloading, still one to one nat).
Best Regards,
07-29-2002 09:02 PM
Hi Eric,
L2TP over IPSec with Transport mode is not compatible with any kind of NATing, be it Static or Dynamic, Tunnel mode works fine with Static(1-to-1, or many-to-many NATing only.
One example of L2TP over IPSec using Transport mode is when you connect to VPN3K concentrator, I'm not sure about MS ISA server.
Thanks,
Afaq
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide