L2TP over IPSec VPN tunnel not connected, if the NSG is located behind the NAT gateway.

Nebula_Chris
Nebula_Chris Posts: 373  Zyxel Employee
edited March 18 in Nebula Security Gateway
  1. In this scenario you will need to configure the port forwarding on NAT gateway (NSG's uplink device) in UDP port 500 4500 and 1701.
  2. If your client is using Windows 10 then since in default setting it won't support this scenario (VPN server behind the NAT) then need to modify the registry. Refer to Windows knowledge base or here, please reboot the computer after the setting.
  3. Also note the Windows L2TP security tab setting because NSG not support EAP MS-CHAPv2 therefore please use MS-CHAPv2


Chris
Sign In to comment.

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click on this button!