On 2016-12-06 12:05, Robert Szasz wrote:
I'm trying to set up an L2TP/IPSEC tunnel for roaming windows users to tunnel in to our office network.I'm testing with the following setup Win10 ->obsd5.9(firewall doing nat)->{}->obsd5.9(IPSEC)
Windows needs a registry entry set for L2TP and IPSEC to work properly with NAT.
Seems to apply whether it is the server or client or both behind NAT. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\PolicyAgent] "AssumeUDPEncapsulationContextOnSendRule"=dword:00000002 https://support.microsoft.com/en-au/help/926179/how-to-configure-an-l2tp-ipsec-server-behind-a-nat-t-device-in-windows-vista-and-in-windows-server-2008 -Phil
