IPSec Passthrough on RRAS

S

Shane Walters

Does RRAS support IPSec passthrough?

I can establish a VPN connection, but then I can't connect
to "private network 2" (see below), unless I skip the
windows 2000 NAT. (I'm using RRAS for NAT).

Here's an abbreviated snapshot of the network model:

Private Network 1 ----> Windows 2000 NAT ----> Router ----> Internet
----> Cisco PIX ----> Private Network 2
 
B

Bill Grant

L2tp/IPSec is normally killed by NAT. IPSec rejects any packet which
has been modified, but NAT must modify a packet to work.

For IPSec to work through NAT, you must use the new NAT-T (NAT
traversal) system. See KB 818043 for a brief description. There is a
detailed discussion in a recent Cable Guy column at Technet.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

NAT - IPSEC Tunnel Mode 6
Help with Site-to-site VPN using 2k3 RRAS 2
VPN with RRAS behind a cisco 1760 router 9
IPSEC and RRAS 1
Windows 2003 Server RRAS & IPSEC 1
Windows 2003 Server RRAS and IPSEC 1
Win Serv 2003 L2TP/IPSec issue 2
Using RRAS to connect IPsec gateways (Windows and Cisco or sonicwall) 2

Top