VPN with windows 2000 (L2TP)


erezohar

I want to configure my PIX firewall to establish VPN connections with Windows 2000 clients using the built-in client with L2TP.

I tried to configure the PIX but I think I am missing something. I am not using certificates.

Has anyone done that before?

thanks

erez
 
Hi.

It works fine with PPTP (called VPDN on the PIX).
I did not try with L2TP; it should work but is more complex than other solutions.

I recommend using Cisco IPSec VPN with the Cisco client, because you can get better security using dual authentication (both vpngroup authentication and XAUTH RADIUS), which makes it more difficult to break in.

Bye
Yizhar Hurwitz
 
Thanks Izhar,
I've noticed that L2TP is more complex and therefore I already configured PPTP.

Now I have two problems with PPTP:

1. When connecting to the VPN the client can't access the internet. What should I do to make the PIX route packets to the internet?

2. When the client is behind a firewall using NAT it can't connect.


About using Cisco IPSec VPN: I am having the problem with NAT when using the Cisco client. I am using ver 3.0.6. Will upgrading the client help?

thanks
 
Hi.

> 1. when connecting to the VPN the client can't access the internet
At the client, go to the properties of the VPN connection (networking tab), and remove the option "use default gateway on remote network".

> 2. When the client is behind a firewall using nat it can't connect
Yep. That's a problem.
Contact the firewall administrator at the remote client side.
You'll have similar problems with IPSec behind NAT/firewall as well.

Bye
Yizhar Hurwitz
 
1. Doing so changes the routing table so everything is routed through the ISP and not through the VPN connection. Can't I use the VPN connection for browsing the internet too?

2. Suppose I am the administrator on the other network. What change should be made over there? Is the problem with the NAT/PAT or with access rules?


thanks
 