03/26/2020 5 People found this article helpful 453,721 Views
NAT traversal support with transport mode of L2TP over IPsec
When using a Microsoft VPN client to connect to the SonicWall's L2TP server, the L2TP-over-IPsec protocols are implemented in transport mode rather than tunnel mode. In SonicOS Standard, transport mode does not support NAT traversal. At this time (version 3.1), SonicOS Standard does not support the connection of L2TP clients to the SonicWall from behind NAT devices.
The transport mode implementation in SonicOS Enhanced does support NAT traversal. Consider upgrading to SonicOS Enhanced 3.2 or higher to resolve this issue and allow VPN clients behind NAT devices to connect to the SonicWall's L2TP server. Review Chapter 47 of the SonicOS Enhanced 3.2 Administrator's Guide for additional information on configuring the SonicWall's L2TP server.
Note: The requirements for the Windows XP L2TP client to work with a SonicWall L2TP server across an intervening NAT device are as follows:
See the Microsoft TechNet article Using IPsec for Network Protection for additional background information.