General discussion


IPSec VPN ****

By CG IT ·
A company asked me to setup remote access to a secure database for them using W2003 RRAS. Sure, no problem, done it many times. Server is up, access rules created, router configured to forward L2TP requests to the RRAS server... PPTP works perfectly but L2TP IPSec with certificates and/or preshared key, fails.

After a couple of days of 1 hour here, 1 hour there troubleshooting, find out their perimeter router [Cisco SMB router] has a bug. Their IPSec VPN IP protocol 50 passthrough is seen as by the router O/S as port forward rule so you can't create UDP 500 IKE to the RRAS server. Can't create a UDP port 4500 forwarding rule either.

Cisco, in their infinite wisdom didn't believe it until we allowed them into to the system to look. Sure enough, IPSec traffic monitoring on the external interface of the RRAS server showed L2TP and IPSec traffic not being received.

Used to be, I could setup, configure and get running secure VPN for remote clients in a day or so. This has dragged on for a couple weeks.

Anyone else with IPSec VPN ****...

I tell ya, I long for the days then equipment might have cost more but it worked and it lasted. This "better, cheaper, faster" stuff is the pits.

Ended up returing the SMB router and exchange for a pricy entry level router but that using that, the Remote Access was up and running without a hitch in a day.

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Collapse -


by seanferd In reply to IPSec VPN ****

Must be Cisco was diverting too many resources to the Flip, so people could video their dogs in leather jackets.

Collapse -

well when everyone wants more for less

by .Martin. In reply to IPSec VPN ****

that's what happens.

It is a sad day when everything turns that way, and it doesn't look like it is going to go back...

I would prefer to pay more for something that will last

Related Discussions

Related Forums