1. Home
  2. Virtual Private Networks
  3. Re: L2TP/IPSec and NAT with 3Com Superstack 3 Firewall?

Re: L2TP/IPSec and NAT with 3Com Superstack 3 Firewall?

Hi Arlé,

> > If you are still watching this thread, could I ask you some stuff > about how you get the xp->3com connection working, when the xp machine > is connected directly to the Internet with a public address?

Yes, you need to setup L2TP on the 3com and then setup a L2TP client on Windows XP, that works when the Windows XP client has a public ip-address, but not when it is behind a NAT router (atleast I couldn't get it to work).

I followed the documentation on the 3com site about setting up the client, see

formatting link
can also be found in the download section.

See

formatting link
for info about the 3com Superstack 3 firewall.

Regards, Arlé

Reply to
Arlé Mooldijk
Loading thread data ...

Hi Arlé, I'm assuming the 3com is itself doing NAT for a private range network, is that right?

I've followed that, but no luck yet. My remote client is XP sp2 , with the registry alteration:

formatting link
The 3com firmware is: 6.3.3.1

regards Richard

snipped-for-privacy@tortoise.demon.co.uk

Reply to
Richard Hayward

Yes

If your client is behind a NAT router, then the Microsoft VPN client won't work in combination with the 3Com firewall. 3Com is following it's own NAT-T (NAT-Traversal) standards and they are incompatible with standard clients.

I've contacted 3Com in the past but they couldn't tell me what to do to make it work. Somewhere 'hidden' on their site I've found that their NAT-T implementation is different which makes it incompatible.

If you want to use VPN (behind a NAT router) with the 3Com SuperStack 3 Firewall you need a SafeNet SoftRemote (LT) client. It is included with the firewall, but only a very old version which is incompatible with Windows XP. A newer version is available from SafeNet, but you need to buy it. :-(

Regards, Arlé

Reply to
Arlé Mooldijk

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.