Support for IPSec NAT Traversal (Full Version)

All Forums >> [ISA Server 2000 Misc.] >> ISA Server Wish List



Message

spouseele -> Support for IPSec NAT Traversal (1.Jun.2002 8:59:00 PM)

I wish that the next version of ISA Server will have built in support for the IPSec NAT Traversal feature. We could then effective use the client VPN access technology L2TP/IPSec in a NAT/PAT environment without problems.

I hope also that the next version will support outbound L2TP/IPSec passthrough with the IPSec NAT Traversal feature. It should be done in the same way as PPTP passthrough today. This mean without disabling the Firewall client.

Thanks,
Stefaan

[ June 01, 2002, 11:17 PM: Message edited by: spouseele ]



tshinder -> RE: Support for IPSec NAT Traversal (2.Jun.2002 6:31:00 PM)

Hi Stefaan,

I believe that this will be supported in .Net Server. Have you had a chance to test this out yet?

Thanks!

Tom



spouseele -> RE: Support for IPSec NAT Traversal (2.Jun.2002 8:30:00 PM)

Hi Tom,

unfortunately no. I sometimes wish that a day last 48 hours. [Big Grin]

Cheers,
Stefaan



johnruck68 -> RE: Support for IPSec NAT Traversal (3.Jun.2002 6:26:00 AM)

On a whim (I have been unable to get a Cisco VPN client to work with ISA 2000) after seeing this thread I rebuilt my ISA 2000 with .Net Standard Server Beta 3 Build 3604.1. I can confirm that the VPN client is able to get through. The only problem is that .Net is currently only including Routing and Remote Access, so it is a fairly simple firewall. I did make a network trace of the working VPN and I noticed that I am now seeing the isakmp (UDP 500) response from the server. On ISA 2000 I never saw this response (or any message indicating the packet was dropped). May have to go back to ISA 2000 and try again [Confused]



spouseele -> RE: Support for IPSec NAT Traversal (3.Jun.2002 9:10:00 PM)

Hi jruck,

the current ISA release does pass the Cisco VPN if the Cisco VPN client supports the UDP encapsulated ESP feature. Check out http://forums.isaserver.org/ultimatebb.cgi?ubb=get_topic;f=1;t=000916#000003 .

If you have still problems, please start a new topic in the VPN forum.

HTH,
Stefaan



Page: [1]