L2TP over IPSec VPN tunnel not connected, if the NSG is located behind the NAT gateway.
Options
Zyxel_Chris
Posts: 660 
Zyxel Employee
Zyxel Employee
- In this scenario you will need to configure the port forwarding on NAT gateway (NSG's uplink device) in UDP port 500 4500 and 1701.
- If your client is using Windows 10 then since in default setting it won't support this scenario (VPN server behind the NAT) then need to modify the registry. Refer to Windows knowledge base or here, please reboot the computer after the setting.
- Also note the Windows L2TP security tab setting because NSG not support EAP MS-CHAPv2 therefore please use MS-CHAPv2
Chris
Tagged:
0
Categories
- All Categories
- 396 Beta Program
- 2.1K Nebula
- 116 Nebula Ideas
- 78 Nebula Status and Incidents
- 5.1K Security
- 51 USG FLEX H Series
- 247 Security Ideas
- 1.3K Switch
- 70 Switch Ideas
- 907 WirelessLAN
- 34 WLAN Ideas
- 5.9K Consumer Product
- 210 Service & License
- 332 News and Release
- 71 Security Advisories
- 21 Education Center
- 5 [Campaign] Zyxel Network Detective
- 1.9K FAQ
- 880 Nebula FAQ
- 415 Security FAQ
- 221 Switch FAQ
- 195 WirelessLAN FAQ
- 46 Consumer Product FAQ
- 137 Service & License FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 72 About Community
- 63 Security Highlight