By default, Windows Vista and the Microsoft Windows Server Code Name “Longhorn” operating system do not support Internet Protocol security (IPsec) network address translation (NAT) Traversal (NAT-T) security associations to servers that are located behind a NAT device. Therefore, if the virtual private network (VPN) server is behind a NAT device, a Windows Vista-based VPN client computer or a Windows Server “Longhorn”-based VPN client computer cannot make a Layer Two Tunneling Protocol (L2TP)/IPsec connection to the VPN server.
This issue can be resolved if we make changes to registry.
Always backup Registry before its modified
Make sure Firewall is OFF and follow the below mentioned steps
1. Go to Start>Control panel> User accounts and Turn OFF User control
2. Go to start and enter cmd. this will open command
3. Enter “netsh advfirewall set global ipsec ipsecthroughnat serverandclientbehindnat” without quotes in command prompt.
This will add a new entry “IPsecThroughNAT” in the
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy location
4. Open registry editor by entering cmd in Start> Run
5. Go to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PolicyAgent
6. On the Edit menu, point to New, and then click DWORD (32-bit) Value.
7. Type AssumeUDPEncapsulationContextOnSendRule, and then press ENTER
8. Right-click AssumeUDPEncapsulationContextOnSendRule, and then click Modify.
9. In the Value Data box, type one of the following values: 2
A value of 2 configures Windows so that it can establish security associations when both the server and the Windows Vista-based or Microsoft Windows Server Code Name “Longhorn”-based VPN client computer are behind NAT devices.
10. Restart your computer
Thats it !
Thanks.Cool solution.
ReplyDeletetop10-bestvpn.com
Thank you.Good manual and nice solution for VPN client.
ReplyDeleteIt works cool on Windows Vista.Helpful post.
10webhostingservice.com