
L2TP Client-Initiated tunneling

msrohman
Level 1

Hello,

I have an L2TPv2 client-peer that cannot build an L2TP tunnel with a remote L2TPv2 peer. The client-peer is located behind a cable-modem. This cable-modem may be doing PAT.

I think the problem is when the remote-peer attempts to respond to the client-initiated request.

Would NAT/PAT or an ISP block this traffic from building a tunnel? I thought L2TP used UDP (1710).

As always, thanks for your advice.

-Mike

2 Replies

cioma_CCNA
Level 1

Hello, Mike.

I don't know how it works under Cisco, but there is NAT-Traversal (I set it under Microsoft).

All the packets are encapsulated into UDP 4500 datagrams and flow through the NAT.

Usual NAT doesn't permit L2TP (UDP 1701), because NAT changes the IP header.

Also you should try PPTP/GRE - less secure, less problems :))

P.S. What do you use for encrypting the L2TP traffic?

We're not encrypting any of the data. I believe one of the other net-admins designed it this way for the authentication.

We're using PPP with the L2TP tunnel. This allows us to use usernames and passwords with a Radius server.

The authentication is great. But the data isn't encrypted.

-Mike
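
A capture taken on the client side shows whether the remote peer's reply to the tunnel request ever arrives, which is the question raised in this thread. The following is an added example, not part of any post: it decodes L2TPv2 control headers (RFC 2661) from UDP payloads; `parse_l2tp`, `diagnose` and the sample bytes are constructed for illustration.

```python
import struct
# Message Type AVP values for L2TPv2 control messages (RFC 2661)
MSG_TYPES = {1: "SCCRQ", 2: "SCCRP", 3: "SCCCN", 4: "StopCCN", 6: "HELLO"}

def parse_l2tp(payload: bytes) -> dict:
    """Decode the L2TPv2 header of one UDP payload; ValueError if malformed."""
    try:
        (flags,) = struct.unpack_from("!H", payload, 0)
        if flags & 0x000F != 2:
            raise ValueError("not L2TP version 2")
        pos, end = 2, len(payload)
        if flags & 0x4000:                  # L bit: Length field present
            (length,) = struct.unpack_from("!H", payload, pos)
            if not 6 <= length <= end:
                raise ValueError("bad Length field")
            pos, end = pos + 2, length
        tunnel_id, session_id = struct.unpack_from("!HH", payload, pos)
        pos += 8 if flags & 0x0800 else 4   # S bit adds Ns and Nr
        info = {"control": bool(flags & 0x8000), "tunnel_id": tunnel_id,
                "session_id": session_id, "type": "DATA"}
        if info["control"] and pos >= end:  # no AVPs: zero-length-body ACK
            info["type"] = "ZLB"
        elif info["control"]:               # first AVP must be Message Type
            _, vendor, attr, value = struct.unpack_from("!HHHH", payload, pos)
            if (vendor, attr) != (0, 0):
                raise ValueError("first AVP is not Message Type")
            info["type"] = MSG_TYPES.get(value, f"type-{value}")
        return info
    except struct.error as exc:
        raise ValueError("truncated packet") from exc

def diagnose(capture) -> str:
    """capture: list of (direction, udp_payload); direction is 'out' or 'in'."""
    seen = set()
    for direction, payload in capture:
        try:
            seen.add((direction, parse_l2tp(payload)["type"]))
        except ValueError:
            continue                        # not L2TPv2, skip it
    if ("out", "SCCRQ") not in seen:
        return "client never sent SCCRQ"
    if ("in", "SCCRP") not in seen:
        return "SCCRQ sent, no SCCRP came back"
    return "SCCRP received"

# Constructed sample payloads, trimmed to the Message Type AVP only
SCCRQ = bytes.fromhex("c802001400000000000000008008000000000001")
SCCRP = bytes.fromhex("c802001400010000000000018008000000000002")
```

Feed `diagnose` the UDP payloads exported from a packet capture on the client; a result of "SCCRQ sent, no SCCRP came back" points at the return path rather than at the client configuration.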
