
Win-Client L2TP/IPSEC-VPN through NAT -> IOS-Router

Level 1


I've been trying to configure the following for quite some time now but I cannot get it running.

What I'm trying to do is:

- having a W2K / W-XP-Client in a local network with private IP (RFC1918)

- having a DSL-router for the connection to the internet

- having a 1761 as VPN endpoint at the office

If I configure the W2K to connect directly to the internet (via PPPoE dial-up connection) and build an L2TP/IPSec tunnel 'on top', everything works fine and I can connect to every machine located at the office.

What I'm not able to do is get this running with a router (Netgear RP114 in this case) in between - meaning the PPPoE connection to the internet is handled on the router. As far as I understand it up to now, the issue comes down to NAT-T. Is there some sample solution for this (if it's possible at all)?

The router is configured to forward (for the ease of use) every packet from outside to the W2K-machine inside. So 500/udp and 4500/udp should come through...

I'm trying to avoid the use of the Cisco-VPN-Client if possible - management wants to be as 'microsoft native' as possible...

BR and TIA


1 Reply

Level 4


The only difference could be the DSL router performing PAT/NAT, as opposed to you connecting your PC directly to the ISP (getting a routable IP on it), the reason being that L2TP over IPSec doesn't work with a PAT device in between.

Options you have:

1 - Cisco VPN3000 client - use IPSec/UDP to connect to router (router would require 12.2.13T+ IOS)

2 - You can use PPTP if your router supports PPTP-Passthru, which I think it doesn't.


