Access L2TP/IPsec server behind a NAT device in Windows
Windows by default prevents access to IPsec that is located behind a NAT device like a firewall. This prevents access to the L2TP VPN server in such cases. This can be bypassed by adding a registry entry named
On the Windows computer be sure you are logged in as an admin user.
Search for regedit and then right click on it and select Run as Administrator. In Windows XP just double click.
Locate and then click on the following registry key
Windows Vista, 7 and 8 - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PolicyAgent
Windows XP - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IPSec
On the Edit menu, point to New, and then click DWORD (32-bit) Value.
Type AssumeUDPEncapsulationContextOnSendRule and then press ENTER.
Right click on the AssumeUDPEncapsulationContextOnSendRule you just created and click Modify.
In the Value Data box, type the number 2 as the value and click OK.
Reboot the computer.