IPSEC NAT limitation

svetozar · March 17, 2014, 6:29am

Hello community. Today i’ve setup L2TP IPSEC tunnel and reached limitation described in IPSEC wiki:

Only one L2TP/IpSec connection can be established through the NAT. Which means that only one client can connect to the sever located behind the same router.

I know WHY this happens, my question is HOW to bypass it? Will Shrew VPN client help me out? I have more than one road-warrior and in general all of they have gray IPs.

Simple network map
[ Mikrotik L2TP IPSEC with white WAN IP ] <— [ TEH INTERWEB ] <— [ Multiple road-warriors, some of them are behind NAT ]

Ta

andriys · March 17, 2014, 9:44am

No, it wont. It seems to be a “well known missing feature”. And it is completely unclear if Mikrotik is going to do anything about it at all.

Mikrotik is not the right choice for this kind of stuff at the moment. The best you can do at the moment is buying another vendor device.

tomaskir · March 17, 2014, 10:07am

It is indeed not going to work, and it is a pain that this is not supported.

Consider this post a bump - basicly “I have the same problem, wish it would be fixed”.

efaden · March 17, 2014, 11:07am

I agree

Sent from my SCH-I545 using Tapatalk

marrold · March 17, 2014, 5:04pm

Ouch. This should be fixed ASAP.

jaytcsd · March 17, 2014, 11:20pm

According to this post it will be fixed.

http://forum.mikrotik.com/t/l2tp-ipsec-for-road-warrior/75256/19

tomaskir · March 18, 2014, 9:07am

That is extremly good news!

Any chance of official confirmation of this?