I'm setting up an L2TP/IPSEC with ipsec-tools/racoon. I have multiple Win XP and Win 7 clients behind same NAT and only one can connect the same time to server.
It was written in openl2tp install guide:
For configurations where there are multiple L2TP/IPSec clients behind a NAT gateway at one or more remote sites, additional kernel and ipsec-tools patches are needed. Ipsec-tools patch makes racoon send more info to the kernel for supporting
In one of topics of the forum there was written that Win 7 doesn't support UDP ephemeral port negotiation.viewtopic.php?f=3&t=65
I've tested it myself with Win XP and Win 7. Win XP connected to server with ephemeral port configuration, but Win 7 connected only with option our_udp_port=1701.
So, is it possible to connect multiple Win 7 clients to L2TP/IPSEC after patching or it would work only with Win XP clients?
The patches in openl2tp sources are quite old and there are lot of conflicts with new version of ipsec-tools. Are there any new ones?