
[FW-1] L2TP, Microsoft, VPN, NAT Traversal



Hi,

Have any of you any experience with setting up a VPN, using L2TP over IPSec, between a node running Check Point Firewall-1 (FP3) and a node running Microsoft Windows 2003 server software please?

I have so far managed to get the two talking without performing any network address translation on the packets, but as soon as I put NAT into the equation, the VPN breaks. I've read various mailing lists and Check Point's own documentation that this type of VPN does not support NAT traversal because of the fact that Microsoft does not support UDP header insertion/encapsulation.

However, Microsoft claim that the 2003 client now does support NAT-Traversal but do Check Point? Everything checks out in the CP log viewer apart from when the MS client sends the L2TP(1701) UDP packet to the CP node, which drops it. I've tried changing the allocated UDP port for Check Point's NAT-Traversal mechanism to L2TP but this didn't appear to make any difference.

I also tried simply accepting the L2TP packets... ;-) but that made no difference either.

The main and quick mode completions are successful but the Firewall then reports a receipt of an IKE SA reset from peer.

Any ideas/views/news HELP ;-)  most welcome.

Thanks,
Gwyd




 
   All contents © 2004 Network Presence, LLC. All rights reserved.