L2TP over Wireless and NAT

Newscene

I am trying to configure an L2TP/IPSec connection from my home to my office
VPN server. We have been using PPTP for VPN for some time now in the
wireless configuration with no problems; the only difference is we are
trying to move the VPN to L2TP. The client is a Thinkpad T40 (built in
802.11A/B) running Windows XP Pro (SP2) and the target is a Windows 2000
Advanced Server (SP4). The client is on an 802.11A/B WLAN using NAT on a
DLink DI-764 (with current firmware) behind a Speedstream 5260 DSL modem.
The Office LAN is on a Cisco 2620 with integrated firewall and the firewall
has all the necessary ports and protocols enabled for both PPTP and
L2TP.

I believe the client, the server and firewall are correctly configured as I
am able to establish an L2TP connection from the Thinkpad using either a
Verizon CDMA 1xEVDO PC-5220 wireless card* or by connecting the notebook
directly to the DSL modem. However if I try L2TP using my WLAN connection
the L2TP connection returns Error 678. There is no indication in the server
logs that a VPN attempt was made. As I said, a PPTP connection establishes
instantly in this configuration and the L2TP establishes immediately outside
the WLAN so I am fairly confident the problem lies with the NAT.

The DLink has an option to allow VPN passthrough for PPTP and IPSec VPNs and
these are set. I spent several hours on the phone with DLink support trying
various combinations of settings on the DLink including: direct wired
Ethernet connection of the notebook to the router; configuring the notebook
on the router's DMZ; etc. all with the same result.

I have read the docs on Microsoft about XP and 200x support for L2TP and NAT
and I am at a loss where to go from here. If anyone has seen this problem
and has a solution I'd certainly appreciate hearing from you.
 
Guest

I've read that IPSec needs either certificates or Kerberos to authenticate.
Routers need IPSec passthrough. And, L2TP/IPSec may not work on a dialup
connection. This is general stuff I've come across - hope it helps some.
 
Newscene

The certificates are installed correctly, I can make an L2TP/IPSec
connection -- I just can't make it through the DLink. Passthrough is enabled
on the DLink.

I read a paper on Microsoft (article 818043) that says that XP SP2 has the
required "fixes" for L2TP over NAT and that there is a HotFix for 2000
Server but I cannot find it anywhere.
 
