Hello all,

I know it's a beta and, things do change... but has anyone been able to get a road-warrior config with L2TP/IPSEC and Mikrotik. I have already done the following with various degrees of success.

On the laptop (a Mac), I'm behind a cellular router which has both dynamic IP to the network and gives the Mac a dynamic IP. No hope of static policies here. The other end is a Mikrotik RB450G with a static public IP and no NAT.

With 4.16, if I created an L2TP?IPSEC on the Mac to the MT, and didn't go through the MiFI, I was able to get the VPN up and running. No surprises there -- no NAT, everything works. If I put the MiFI in place, as expected, IPSEC and L2TP have a different idea of where L2TP lives...

Now I've upgraded to 5.0rc8 and repeated the experiment. As before, with no NATs involved, everything works, but with NAT, and NAT-T enabled, I'm not getting a valid SA. I then tried to open ports 500 and 4500, and I have the same old L2TP issues.

Anyone else get this working?

We have NAT-T working fine for L2TP/IPSec and generate-policy=yes with MAC OS from RC2 upwards. XP and Win7/Vista are another matter.

If you can be more specific about your config and error messages, maybe I can help.