Meraki

Community

Using Windows server as VPN server with L2TP behind MX

Solved
HaniAbuelkhair4
Getting noticed
‎Sep 8 2022 9:24 AM
‎Sep 8 2022 9:24 AM

Using Windows server as VPN server with L2TP behind MX

Hi,

Trying to use Windows server as VPN server using L2TP protocol behind MX 

I know that L2TP VPN will need 

DP 1701 —
UDP 500
UDP 4500 NAT-T 
Protocol 50 ESP

 

As the Windows server behind the MX NAT devise and the windows server dose not have public IP 

 

I was readding about this and its fact that port forward will not help for the ESP protocol and i should use NAT-T instead 

So i think i need to change the registry on the Windows server to allow NAT-T, and then end user machine registry to allow NAT-T but do i need to do any thing from the MX to allow NAT-T maybe one to one NAT but this will need an extra public IP 

 

Any ideas if someone have same setup ?

 

Thanks

0 Kudos
1 Accepted Solution
Brash
Kind of a big deal
Kind of a big deal
‎Sep 8 2022 10:00 AM
‎Sep 8 2022 10:00 AM

NAT-T needs to be configured on the endpoints (client and server). The MX just needs appropriate port forwarding (see below link).

https://documentation.meraki.com/MX/Other_Topics/Using_VPN_through_an_MX_Security_Appliance

View solution in original post

2 Replies 2
Brash
Kind of a big deal
Kind of a big deal
‎Sep 8 2022 10:00 AM
‎Sep 8 2022 10:00 AM

NAT-T needs to be configured on the endpoints (client and server). The MX just needs appropriate port forwarding (see below link).

https://documentation.meraki.com/MX/Other_Topics/Using_VPN_through_an_MX_Security_Appliance

HaniAbuelkhair4
Getting noticed
‎Sep 8 2022 10:24 AM
‎Sep 8 2022 10:24 AM

@Brash Thanks 

Just want to confirm that 

0 Kudos
li.common.scroll-to.top
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco ID. If you don't yet have a Cisco ID, you can sign up.
Labels
© 2025 Cisco Systems, Inc.