Allowing VPN connectivity to Windows routing & remote access
Now I've got my IPSEC working, I figured I should have a go at setting up an L2TP/IPSEC VPN on a Windows 2019 server running remote routing & RAS.
The Windows piece of the puzzle seems straightforward (ish), but I'm not sure what I need to do on the Netgate to allow access to the box...
I've added a NAT rule that says any traffic on port 1701 to allow and redirect to my Windows server... but I figure there should be more to it than that...
Help as ever would be gratefully received.
You will need more than that :)
Take a look at https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/dd458955(v=ws.10)?redirectedfrom=MSDN
Old, but so is L2TP/IPsec...
It's L2TP over IPSec transport so the firewall should only see the IPSec part. You would need to forward UDP ports 500 and 4500 and possibly ESP if you want a non-NAT-T connection.
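Added example, not part of the thread: a small Python classifier for checking a WAN-side capture against the last reply, labelling what the firewall actually sees on UDP 500, UDP 4500 (using the RFC 3948 NAT-T framing), native ESP, and any L2TP on UDP 1701 that shows up outside IPsec. The function names and the sample packet bytes are constructed for illustration.

```python
import struct
from collections import Counter

IKE_HDR = struct.Struct("!8s8sBBBBII")   # fixed 28-byte IKE header
NON_ESP_MARKER = b"\x00" * 4             # RFC 3948: precedes IKE on UDP 4500

def ike_version(data):
    """Return 'ikev1'/'ikev2' if data starts with a plausible IKE header."""
    if len(data) < IKE_HDR.size:
        return None
    _, _, _, version, _, _, _, length = IKE_HDR.unpack_from(data)
    major = version >> 4
    return f"ikev{major}" if major in (1, 2) and length >= IKE_HDR.size else None

def classify(ip_proto, dport, payload=b""):
    """Label one inbound WAN packet by what the firewall can see of it."""
    if ip_proto == 50:
        return "esp"                      # native ESP, only without NAT-T
    if ip_proto != 17:
        return "other"
    if dport == 500:
        return ike_version(payload) or "malformed"
    if dport == 4500:
        if payload == b"\xff":
            return "natt-keepalive"
        if payload[:4] == NON_ESP_MARKER:
            inner = ike_version(payload[4:])
            return f"{inner}-natt" if inner else "malformed"
        return "esp-in-udp" if len(payload) >= 8 else "malformed"
    if dport == 1701:
        return "l2tp-cleartext"           # L2TP outside IPsec: should not appear
    return "other"

def summarize(packets):
    """Count labels for an iterable of (ip_proto, dport, payload) tuples."""
    return Counter(classify(*p) for p in packets)

# Constructed sample input: an IKEv1 main-mode header and dummy ESP bytes.
IKE1 = IKE_HDR.pack(b"\x11" * 8, b"\x00" * 8, 1, 0x10, 2, 0, 0, 28)
ESP = struct.pack("!II", 0xC0FFEE01, 1) + b"\xaa" * 16
SAMPLE = [
    (17, 500, IKE1),
    (17, 4500, NON_ESP_MARKER + IKE1),
    (17, 4500, ESP),
    (17, 4500, b"\xff"),
    (50, 0, ESP),
    (17, 1701, b"\xc8\x02"),
]

if __name__ == "__main__":
    for label, n in summarize(SAMPLE).items():
        print(f"{n:3d}  {label}")
```

A healthy NAT-T session shows only the `ikev1`, `ikev1-natt`, `esp-in-udp` and `natt-keepalive` labels; any `l2tp-cleartext` count means L2TP is reaching the firewall without IPsec around it.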