Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Setting up a VPN client that uses NAT

Status
Not open for further replies.
yn0t

yn0t

MIS
Jul 25, 2002
2
0
0
US
I am currently working with a client that is using a Win2k Advanced server that is connected to the Internet. This W2K box is running DHCP to assign all internal computers an IP address (192.168.1.x). It is also running NAT to allow the internal computers to connect to the internet. The internal computers are able to ping computers on the Internet (including the VPN gateway they are trying to connect to).

We are using "Nortel Networks - Contivity Extranet Client w/ Triple-DES Version 4.15". The client works great when run on the server. This is no surprise. However, when trying to use the client on one of the internal computers the client is unable connect to the vpn. It gives an error "Login failure due to remote host not responding".

I have seen 'workarounds' for this problem that involve forwarding two ports on the Win2k box to a specific IP, but we really need all of the computers to have access. Any ideas?
 
Sort by date Sort by votes
Did you solve the issue ?

I have almost the same problem but using Linksys wireless ap + cable router. I'm trying to fond out how to configure either the router or the vpn client to have it working.

Any help would be appreciated.

Thanks
 
Upvote 0 Downvote
Any news on either of these? am currently in the same boat (for the most part)
 
Upvote 0 Downvote
I just tried tackling a similar situation. A remote office using a modem router that employs NAT. It's a 3Com modem router and 3Com's documentation says that in order for IPSEC to work, NAT must be turned off. It says that since IPSEC encrypts the port numbers that the VPN is using, the (modem) router does not know where to send packets.
Here's 3Com's article about it


Look for the header: Why is IPSec different?

The funny thing is, the VPN client had no trouble establishing the tunnel, I just couldn't do anything with it.. couldn't ping hosts at the other end. As the article states, you're supposed to turn NAT off and purchase a range of addresses from your ISP. My ISP balked at that request.

I called the VPN vendor's tech support and they weren't buying the "encrypted port" argument but also couldn't explain why it could or could not work for me.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

teknance
  • Question
Discovering Portugal: Uncover Hidden Destinations and VPN Solutions
Replies
5
Views
306
GlobeTrekkerGal
GlobeTrekkerGal
sarahz2
  • Question
Best vpn safe and fast
Replies
4
Views
198
GlobeTrekkerGal
GlobeTrekkerGal
MP2023
  • Locked
  • Question
How to Create an site to site VPN
Replies
1
Views
169
sircles
sircles
ramblingrebel
  • Locked
  • Question
Built-in Windows 10 VPN
Replies
1
Views
127
Joon Smith
Joon Smith
LearningNetworking
  • Locked
  • Question
Linking Hosts on the same subnet via VPN
Replies
0
Views
222
LearningNetworking
LearningNetworking

Part and Inventory Search

Sponsor

Back
Top