Ruijie Community

Title: L2TP Passthrough & IP Protocol 50 & 51

Author: Bradoc    Time: 2022-7-23 21:15
Does the EG105G-V2 support L2TP/IPSec pass-through to a Windows server?

How do I port forward (port map) IP Protocols 50 ESP & 51 AH?


Author: zhangwei13    Time: 2022-7-23 22:57
Hi sir, you can follow the guide in this link to configure the VPN between Reyee EG with PC.  https://community.ruijienetworks.com/forum.php?mod=viewthread&tid=2304


Author: zhangwei13    Time: 2022-7-23 22:57
GTAC-Wayne replied at 2022-7-23 22:57
Hi sir,
Hi sir, could you please provide more information about the '50 ESP & 51 AH'?


Author: brandon.docke@p    Time: 2022-7-24 02:18
GTAC-Wayne replied at 2022-7-23 22:57
Hi sir, you can follow the guide in this link to configure the VPN between Reyee EG with PC.  https: ...

Hi GTAC-Wayne,

Thank you for the reply, but I do not wish to create a VPN to the Ruijie router.
The VPN server is on a Windows Server 2019 behind the Ruijie and I wish to connect to it via L2TP/IPsec.
Currently there is a PPTP VPN server running and your router allows connection to the Windows VPN server. PPTP pass-through is allowed and your router automatically forwards IP Protocol 47 GRE to the internal IP.

I would like to change the VPN from PPTP to L2TP/IPsec, but I am not sure if L2TP pass-through is allowed.

Thanks


Author: brandon.docke@p    Time: 2022-7-24 02:28
Edited by Bradoc at 2022-7-24 02:30

GTAC-Wayne replied at 2022-7-23 22:57
Hi sir, could you please provide more information abou ...
Hi GTAC-Wayne

IP Protocol 50, ESP, Encapsulation Security Payload, is not a TCP and UDP based protocol.
IP Protocol 51, AH, Authentication Header, is not a TCP and UDP based protocol.

IP protocol ID 50 should be set to allow IPSec Encapsulating Security Protocol (ESP) traffic to be forwarded. Finally, IP protocol ID 51 should be set to allow Authentication Header (AH) traffic to be forwarded.


It is a common thing to check if a VPN connection fails through a firewall.
PPTP uses IP Protocol 47, GRE, Generic Routing Encapsulation
List of IP protocol numbers - Wikipedia

Author: zhangwei13    Time: 2022-7-27 15:37
Bradoc replied at 2022-7-24 02:18
Hi GTAC-Wayne,

Thank you for the reply, but I do not wish to create a VPN to the Ruijie router.

Hi sir, sorry for not replying in a timely manner.


Do you want to configure the VPN like this on your Windows server? If yes, you can configure them
If the connection between server and client is normal

Author: brandon.docke@p    Time: 2022-7-27 16:06
GTAC-Wayne replied at 2022-7-27 15:37
Hi sir, sorry for not replying in a timely manner.

Okay, thank you for getting back to me.
So I can just port forward (port map) UDP 1701 & 500 & 4500 to the Windows server IP and the L2TP\IPSec VPN should work?


Author: zhangwei13    Time: 2022-7-28 10:06
Bradoc replied at 2022-7-27 16:06
Okay, thank you for getting back to me.
So I can just port forward (port map) UDP 1701 & 500 & 4500 ...



If you want to configure the VPN like this in your Windows, then you do not need to port forward (port map) UDP 1701 & 500 & 4500.




Author: brandon.docke@p    Time: 2022-7-29 13:59
GTAC-Wayne replied at 2022-7-28 10:06
if you want configure VPN like this in your windows, then you not need to do port forward(port m ...

Thank you GTAC-Wayne.

It does not seem to work, so I will try the router's built-in VPN server and troubleshoot the Windows Server VPN later.


Author: zhangwei13    Time: 2022-7-29 16:37
Bradoc replied at 2022-7-29 13:59
Thank you GTAC-Wayne.

It does not seem to work, so I will try the routers built-in VPN server and ...

Dear sir

    Sorry for not replying in a timely manner, and thanks for the reply.

    To communicate efficiently and in a timely manner, we suggest you communicate with us about this matter on our RITA--Live Chat.

    https://www.sobotws.cn/chat/pc/v2/index.html?sysnum=eee7ec2e351e4569a4791536fb5f0973&tnk=1640783350297



Author: brandon.docke@p    Time: 2022-7-31 17:08
GTAC-Wayne replied at 2022-7-29 16:37
Dear sir

    Sorry for not replying in a timely manner, and thanks for the reply.

I have found the answer to the problem.
I have to create a Registry Key on the client side Windows 10 PC.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PolicyAgent
AssumeUDPEncapsulationContextOnSendRule       REG_DWORD                  2

Your router does allow L2TP/IPsec passthrough, through NAT.

Thank you for your assistance.
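
The registry change described in the post above, written as an added PowerShell example (not part of the original thread and not Ruijie's or Microsoft's own code). The key path and value name come from the post; the function name `Set-IpsecNatTPolicy` is hypothetical, and the value meanings in the comments follow Microsoft's documentation for this setting.

```powershell
# Added example: audit and set the Windows IPsec NAT-T policy value named in the post.
# Run from an elevated prompt on the VPN client. Function name is hypothetical.
function Set-IpsecNatTPolicy {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        # 0 = no security associations with servers behind NAT (default)
        # 1 = server is behind NAT
        # 2 = both client and server are behind NAT (value used in the post)
        [ValidateRange(0, 2)]
        [int]$Value = 2
    )

    $key  = 'HKLM:\SYSTEM\CurrentControlSet\Services\PolicyAgent'
    $name = 'AssumeUDPEncapsulationContextOnSendRule'

    if (-not (Test-Path -Path $key)) {
        throw "Registry key not found: $key"
    }

    # The value is absent on a default install, so a missing property yields $null.
    $current = (Get-ItemProperty -Path $key -Name $name -ErrorAction SilentlyContinue).$name

    $changed = $false
    if ($current -ne $Value) {
        if ($PSCmdlet.ShouldProcess("$key\$name", "Set REG_DWORD to $Value")) {
            # -Force creates the value or overwrites an existing one as a DWORD.
            New-ItemProperty -Path $key -Name $name -PropertyType DWord `
                -Value $Value -Force | Out-Null
            $changed = $true
        }
    }

    # Report before/after state so the change can be logged or reverted.
    [pscustomobject]@{
        Key            = $key
        Name           = $name
        PreviousValue  = $current
        RequestedValue = $Value
        Changed        = $changed
        RestartNeeded  = $changed   # Microsoft's guidance is to restart after the change
    }
}

# Dry run, then apply:
#   Set-IpsecNatTPolicy -WhatIf
#   Set-IpsecNatTPolicy
```

The setting is machine-wide, so it affects every IPsec connection the client makes, not only the one VPN profile.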


Author: zhangwei13    Time: 2022-8-1 09:55
Bradoc replied at 2022-7-31 17:08
I have found the answer to the problem.
I have to create a Registry Key on the client side Windows ...

Noted, thanks for the reply.
You are welcome to contact us again if you have any questions or suggestions.






