This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

IPsec not work

Hello All!
I want to understand, VPN IPSec:
If your client machine is behind a Nat device....IPsec will not work
this is true?
If so, then nothing can be done?

This thread was automatically locked due to age.

0 creativity over 13 years ago

in the internal network is working, maybe I need ports are open ?
ports 500, 450, 1701 opened
Cancel
Vote Up 0 Vote Down

Cancel
0 BAlfson over 13 years ago

If both users are allowed in 'Access control' in L2TP, and if, from the same client over the same connection, one user works and the other doesn't, I don't understand. The only issues I see would prevent all users from working correctly.

Anyone else have an idea?

Cheers - Bob
Cancel
Vote Up 0 Vote Down

Cancel
0 creativity over 13 years ago

try again and order
Here are my settings in Astaro:

I do not know already that can be...[:S]
- 1.jpg
- View
- Hide
Cancel
Vote Up 0 Vote Down

Cancel
0 BAlfson over 13 years ago

OK. so it works for all users from internal, and it fails for all users from external. That makes more sense!

I guess the solution is to activate IPsec passthru in the router where the client is.

Cheers - Bob
Cancel
Vote Up 0 Vote Down

Cancel
0 creativity over 13 years ago in reply to BAlfson

OK. so it works for all users from internal, and it fails for all users from external. That makes more sense!

I guess the solution is to activate IPsec passthru in the router where the client is.

Cheers - Bob

no effect...
the router where the client is
- q.JPG
- View
- Hide
Cancel
Vote Up 0 Vote Down

Cancel
0 creativity over 13 years ago

directly connected the astaro to the internet, it works!
turns out the problem with the router...
apparently does not pass L2TP Over IPsec
routers tested tplink and linksys
if anyone knows why, would be pleased to hear
-
wanted to ask about the PPTP
for allow access Internet I need to add a VPN pool in the HTTP Proxy ?
Why not sufficiently only Masquerading And Packet Filter ?
I am very important to understand this, please explain
Cancel
Vote Up 0 Vote Down

Cancel
0 creativity over 13 years ago

that no one knows to explain or laziness?
Cancel
Vote Up 0 Vote Down

Cancel
0 Sascha Paris over 13 years ago in reply to creativity

that no one knows to explain or laziness?

lazyness...waiting for Sauna heating up, so there's a few minutes time...

did you allow ipsec passthrough in the linksys router, and configured ASG to support nat traversal?

Sent from my iPad using Astaro.org (finally got One)
Cancel
Vote Up 0 Vote Down

Cancel
0 Sascha Paris over 13 years ago in reply to Sascha Paris

lazyness...waiting for Sauna heating up, so there's a few minutes time...

did you allow ipsec passthrough in the linksys router, and configured ASG to support nat traversal?

Sent from my iPad using Astaro.org (finally got One)

Edit: I'm not sitting in front of a ASG. not sure that there's a nat traversal option for L2TP...

Sent from my iPad using Astaro.org (finally got One)
Cancel
Vote Up 0 Vote Down

Cancel
0 creativity over 13 years ago in reply to Sascha Paris

did you allow ipsec passthrough in the linksys router, and configured ASG to support nat traversal?

yes
Cancel
Vote Up 0 Vote Down

Cancel