Assuming this is a Windows XP SP2 or later client: If the server uses NAT, then see Microsoft's KB 885407, "The default behavior of IPsec NAT traversal (NAT-T) is changed in Windows XP Service Pack 2".

In order for IPsec to work through a NAT, the following protocols need to be allowed on the firewall:

- Internet Key Exchange (IKE) - User Datagram Protocol (UDP) port 500.
- Encapsulating Security Payload (ESP) - IP protocol number 50.

Often this is accomplished on home routers by enabling "IPsec Passthrough".

The default behavior of Windows XP SP2 was changed to no longer have NAT-T enabled by default, because of a rare and controversial security issue. This prevents most home users from using IPsec without making adjustments to their computer configuration. It is not clear to me if machines that have been upgraded to XP SP2 are also subject to the new default.