Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
344
Views
0
Helpful
2
Replies

XP IPSec client through NAT router to IOS IPSec router

jrogalski
Level 1
Level 1

‎04-29-2002 06:24 AM - edited ‎02-21-2020 11:43 AM

Hello,

perhaps this setup is not possible? I am trying to use the built-in IPSec on a XP client to connect to an IPsec router using des and md5. The client must get to the router (tunnel endpoint) through another router performing NAT on it's interface connected to the internet. It looks like the isakmp sa is setup, but after security is negotiated, the router in between will not perform NAT. It's logging a translation failed (a) message. I checked for this error which says that IP subnet zero must be enabled...which it was/is. Anyone ever try this or have and suggestions? Thanks.

John.

Labels:
0 Helpful
2 Replies 2

kevinchan
Level 1
Level 1

‎04-29-2002 06:58 AM

Hi,

Yes ... XP native vpn client (L2TP over IPSec) doesn't work behind NAT... There are note in the documentation / Tips on Cisco site.... =)

Kevin

0 Helpful

jrogalski
Level 1
Level 1
In response to kevinchan

‎04-29-2002 07:07 AM

Hi Kevin. I thought I read this at some point while searching Cisco's site. Thanks for verifying this for me.

0 Helpful
Customers Also Viewed These Support Documents