>>Do you mean IPsec Transport+L2TP is supported by W2K without third >>party software? yes
from: http://www.microsoft.com/windows2000/server/evaluation/news/bulletins/l2tpclient.asp ... Microsoft L2TP/IPSec VPN Client is a free download that allows computers running Windows 98, Windows Millennium Edition (Me), or Windows NT� Workstation 4.0 to use Layer Two Tunneling Protocol (L2TP) connections with Internet Protocol security (IPSec). The combination of L2TP and IPSec, known as L2TP/IPSec, is a highly secure technology for making remote access virtual private network (VPN) connections across public networks such as the Internet. Microsoft L2TP/IPSec VPN Client also provides support for IPSec Network Address Translator (NAT) traversal. ... Microsoft L2TP/IPSec VPN Client includes support for a proposed extension of IPSec that can traverse a Network Address Translator (NAT), a device commonly used to provide networks with shared access to the Internet. The new behavior will be enabled whenever the client connects to a VPN server that also supports the proposed NAT-Traversal extensions for IPSec (described in the IETF Internet drafts titled "UDP Encapsulation of IPSec Packets" [draft-ietf-ipsec-udp-encaps-02.txt] and "Negotiation of NAT-Traversal in the IKE" [draft-ietf-ipsec-nat-t-ike-02.txt]). Microsoft plans to support these extensions in the Windows .NET Server 2003 family and other industry leaders have NAT Traversal-capable VPN servers in development. ... Regards Dom -----Original Message----- From: Tino Keitel [mailto:[EMAIL PROTECTED]] Sent: 27 November 2002 14:07 To: [EMAIL PROTECTED] Subject: Re: IPSec + L2TP VPN to MS firewall (ISA) working ! On Tue, Nov 19, 2002 at 14:44:24 -0000, Cressatti, Dominique wrote: > >>You might consider trying SSH sentinel if you need NAT-T support under MS > >>platforms, works well for me. > I don't how that would work with ISA server. > The current situation is that since MS current implementation > of IPSec doesn't support NAT-T (on the server but W2K client supports it), Do you mean IPsec Transport+L2TP is supported by W2K without third party software? Regards, Tino -- [EMAIL PROTECTED] dipl.-inf. Innominate Security Technologies AG software engineer networking people tel: +49.30.6392-3308 http://www.innominate.com/
