[Webinar] Streamline your web hosting managementRegister Today

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 662
  • Last Modified:

VPN From Behind NAT Setup


I have a VPN setup, its a symantec 200r vpn/firewall. If i take my laptop and dial up to a random ISP the vpn is working fine.

However if i take my laptop onto another network thats running a simple Firewall/NAT config via ADSL the VPN connection doesn't work. The tunnel wont create.

Is there a simple explination as to why this isn't working?
  • 2
1 Solution
Because when you dial up to an ISP, you get a "real" iP address and there is no additional nat. When you are behind a firewall, it is usually using PAT (port address translation), not NAT. Since VPN's require specific ports, using PAT at the firewall breaks the VPN. There is a fairly new concept of "nat transparency" that will support VPN clients behind a nat firewall. Many of the SOHO routers support vpn "passthrough" which is basically the same, but most corporate firewalls do not have this feature.
It depends on the firewall/router at this location where you say it does not work. If it is a small Linksys, D-link or other SOHO router, it should have the capability to support IPSEC Passthrough. It just may not be enabled.
markfowkesAuthor Commented:
What a star - jumped onto the firewall at the "non" working end, enabled IPsec passthrough - worked! :)

Also for anyone else reading this topic i actually had to enabled IPSEC Type '2 SPI' on the Symantec 200R.

Thanks irmoore

You're most welcome!

Featured Post

Take Control of Web Hosting For Your Clients

As a web developer or IT admin, successfully managing multiple client accounts can be challenging. In this webinar we will look at the tools provided by Media Temple and Plesk to make managing your clients’ hosting easier.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now