• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Support for IPSec NAT Traversal

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2000 Misc.] >> ISA Server Wish List >> Support for IPSec NAT Traversal Page: [1]
Login
Message << Older Topic   Newer Topic >>
Support for IPSec NAT Traversal - 1.Jun.2002 8:59:00 PM   
spouseele

 

Posts: 12830
Joined: 1.Jun.2001
From: Belgium
Status: offline
I wish that the next version of ISA Server will have built in support for the IPSec NAT Traversal feature. We could then effective use the client VPN access technology L2TP/IPSec in a NAT/PAT environment without problems.

I hope also that the next version will support outbound L2TP/IPSec passthrough with the IPSec NAT Traversal feature. It should be done in the same way as PPTP passthrough today. This mean without disabling the Firewall client.

Thanks,
Stefaan

[ June 01, 2002, 11:17 PM: Message edited by: spouseele ]
Post #: 1
RE: Support for IPSec NAT Traversal - 2.Jun.2002 6:31:00 PM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi Stefaan,

I believe that this will be supported in .Net Server. Have you had a chance to test this out yet?

Thanks!

Tom

(in reply to spouseele)
Post #: 2
RE: Support for IPSec NAT Traversal - 2.Jun.2002 8:30:00 PM   
spouseele

 

Posts: 12830
Joined: 1.Jun.2001
From: Belgium
Status: offline
Hi Tom,

unfortunately no. I sometimes wish that a day last 48 hours. [Big Grin]

Cheers,
Stefaan

(in reply to spouseele)
Post #: 3
RE: Support for IPSec NAT Traversal - 3.Jun.2002 6:26:00 AM   
johnruck68

 

Posts: 4
Joined: 3.Jun.2002
Status: offline
On a whim (I have been unable to get a Cisco VPN client to work with ISA 2000) after seeing this thread I rebuilt my ISA 2000 with .Net Standard Server Beta 3 Build 3604.1. I can confirm that the VPN client is able to get through. The only problem is that .Net is currently only including Routing and Remote Access, so it is a fairly simple firewall. I did make a network trace of the working VPN and I noticed that I am now seeing the isakmp (UDP 500) response from the server. On ISA 2000 I never saw this response (or any message indicating the packet was dropped). May have to go back to ISA 2000 and try again [Confused]

(in reply to spouseele)
Post #: 4
RE: Support for IPSec NAT Traversal - 3.Jun.2002 9:10:00 PM   
spouseele

 

Posts: 12830
Joined: 1.Jun.2001
From: Belgium
Status: offline
Hi jruck,

the current ISA release does pass the Cisco VPN if the Cisco VPN client supports the UDP encapsulated ESP feature. Check out http://forums.isaserver.org/ultimatebb.cgi?ubb=get_topic;f=1;t=000916#000003 .

If you have still problems, please start a new topic in the VPN forum.

HTH,
Stefaan

(in reply to spouseele)
Post #: 5

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2000 Misc.] >> ISA Server Wish List >> Support for IPSec NAT Traversal Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts