Unblock ISAKMP protocol

Hi everyone,

I am trying to connect to our office L2TP IPSec VPN that I’ve setup in the Balance 580. I am able to connect if I am directly connected to our ISP’s router(can’t change it to bridged mode) but I am unable to connect if I go through my Balance 380 that I have after my ISP’s router.

I have noticed in the active sessions that the ISAKMP protocol seems to stop or idle right away whenever I try to connect to the L2TP VPN from my PC. I am not sure what rule or option is blocking the protocol but I am sure that the VPN is working correctly as I was able to connect if I am not going through the balance 380 as stated earlier.

Home setup: ISP router - > Balance 380 -> unmanaged switch - > PC(s)

Hello Carl @carlht,
On your ISPs router, do you have the ability to edit the internal NAT & Firewall rules? You will need to be able to edit these if you are unable to operate in bridge mode.

Also, is your ISP NATing your connection, if so they will be blocking any connection to your ISP supplied modem so even if you can reprogram their router you still are unlikely to get an inbound connection.

Alternatively (as we do with the majority of our clients) dump the IPSs router and connect without it. What is your ISPs connection (fibre, ethernet, HFC, VDSL) as this will determine what equipment you may need to bridge through without their router.

Happy to Help,
Marcus :slight_smile:

1 Like

HI mldowling, thanks for the response. Unfortunately I do not have the ability to edit the internal NAT and firewall rules (or) I am thinking it does nothing at all ever since we got transitioned over to CGNAT but just to point out that I am able to connect to the IPSec VPN server when I am directly connected to the ISP router and not through the Balance device I have so that should not be the problem? I am guessing here but logically that tells me that should not be the issue.