Proxicast

Topics > VPN > FAQ ID # 170

FAQ ID # 170
Last Update : 2009/07/10
Rating : Not Rated
Send FAQ by E-mail
Add to favorites
Print this FAQ

Social Bookmark this Article :


Question / Issue
VPN Client works from home but not from office

Answer / Solution


Issue:
The Proxicast VPN Client for Windows can make a VPN connection to a LAN-Cell from a home or mobile Internet connection, but not when installed on a PC on a corporate network.

Resolution:
When using the Proxicast VPN Client behind a corporate firewall/router you may need to enable the NAT-Traversal (NAT-T) feature of the VPN to handle the network address translation that the corporate router is performing on all traffic.

  • On the LAN-Cell, go to the VPN Config menu, then select the Gateway Policy you want to edit (first row of the VPN rule pair).

  • Check the NAT-Traversal checkbox near the top of the screen and click Apply to save the change

  • On the VPN Client for Windows, NAT-T is set to Automatic by default. You can confirm this setting by selecting the Phase 1 policy and the clicking the "P1 Advanced" button.

Beyond NAT-T, the corporate firewall must enable traffic on the standard VPN ports: UDP-500 for IKE, UDP-4500 for NAT-T as well as permitting ESP traffic for the IPSec Tunnel itself. Most firewalls permit these outbound connections by default.


Related FAQs
If I create a VPN tunnel, do I also need to create NAT and Firewall rules?
Tech Note: LAN-Cell VPN Planner
Tech Note: Proxicast VPN Client for Windows Example

Direct Link to This FAQ
http://www.proxicast.com/AbsoluteFM/?f=170

Tags
VPN tunnel ipsec block firewall router
How would you rate this article?

Poor
1
2
3
4
5

Great
Submit

Back to Top