Microsoft KB Archive Search

Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

  1. Home
  2. FIX: You cannot connect to an L2TP/IPsec server behind a NAT-T device in Windows Embedded Compact 7

FIX: You cannot connect to an L2TP/IPsec server behind a NAT-T device in Windows Embedded Compact 7

View products that this article applies to.

Introduction

This article describes an issue in which you cannot connect to an L2TP/IPsec server behind a NAT-T device in Windows Embedded Compact 7. An update is available to resolve this issue. Before you install this update, all previously issued updates for this product must be installed.

↑ Back to the top

Symptoms

Consider the following scenario:
  • You have network address translation (NAT) and virtual private network (VPN) enabled on a device that is running Windows Embedded Compact 7.
  • You create a VPN (L2TP/IPSec) connection from the Network and Dial-up connection item on this device.

In this scenario, after you connect to the VPN server from this device, you cannot connect to an L2TP/IPsec server behind a NAT-T device.

↑ Back to the top

Resolution

To resolve this problem, install this update. After this update is installed, you can use the new AssumeUDPEncapsulationContextOnSendRule value in the registry to support connecting to an L2TP/IPsec server behind a NAT-T device on a Windows Embedded Compact 7 based device.

The AssumeUDPEncapsulationContextOnSendRule value is located under the following registry subkey:
 
HKEY_LOCAL_MACHINE\Comm\L2TP1\Parms

You can configure the following values:
  • If you set the AssumeUDPEncapsulationContextOnSendRule value to 0, the device cannot establish security associations with servers that are located behind NAT devices. This is the default value.
  • If you set the AssumeUDPEncapsulationContextOnSendRule value to 1, the device can establish security associations with servers that are located behind NAT devices.
  • If you set the AssumeUDPEncapsulationContextOnSendRule value to 2, the device can establish security associations if both the server and the device are behind NAT devices.

You also need to configure the following registry setting in your OSDesign.reg file. This allows the system to check the AssumeUDPEncapsulationContextOnSendRule value.

; Deleting registry value of "UseIPSec" which is configured in common.reg by following setting

[HKEY_LOCAL_MACHINE\Comm\L2TP1\Parms]
     "UseIPSec"=-

Software update information

A supported software update is now available from Microsoft as Windows Embedded Compact 7 Monthly Update (April 2015).

Note This Windows Embedded Compact 7 Monthly Update is available for download from the following Microsoft Download Center website:
Windows Embedded Compact 7 Updates

Prerequisites

This update is supported only if all previously issued updates for this product are already installed.

Restart requirement

After you apply this update, you must perform a clean build of the whole platform. To do this, use one of the following methods:
  • On the Build menu, click Clean Solution, and then click Build Solution.
  • On the Build menu, click Rebuild Solution.
You do not have to restart the computer after you apply this software update.
 

Update replacement information

This update does not replace any other updates.
 
File information

 

The English version of this software update package has the file attributes (or later file attributes) that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time item in Control Panel.
 
Files that are included in this update package
File name File size Date Time Path
L2tp.lib 2,251,132 06-Nov-2014 10:18 Public\Common\Oak\Lib\Mipsii\Checked
L2tp.lib 1,969,520 06-Nov-2014 10:18 Public\Common\Oak\Lib\Mipsii\Retail
L2tp.lib 2,439,944 06-Nov-2014 10:17 Public\Common\Oak\Lib\Mipsii\Debug
L2tp.lib 2,302,466 06-Nov-2014 10:18 Public\Common\Oak\Lib\Armv6\Checked
L2tp.lib 1,990,908 06-Nov-2014 10:19 Public\Common\Oak\Lib\Armv6\Retail
L2tp.lib 2,507,922 06-Nov-2014 10:17 Public\Common\Oak\Lib\Armv6\Debug
L2tp.lib 2,116,054 06-Nov-2014 10:17 Public\Common\Oak\Lib\X86\Checked
L2tp.lib 1,843,594 06-Nov-2014 10:17 Public\Common\Oak\Lib\X86\Retail
L2tp.lib 2,176,568 06-Nov-2014 10:17 Public\Common\Oak\Lib\X86\Debug
L2tp.lib 2,090,094 06-Nov-2014 10:18 Public\Common\Oak\Lib\Sh4\Checked
L2tp.lib 1,872,174 06-Nov-2014 10:18 Public\Common\Oak\Lib\Sh4\Retail
L2tp.lib 2,236,332 06-Nov-2014 10:18 Public\Common\Oak\Lib\Sh4\Debug
L2tp.lib 2,253,872 06-Nov-2014 10:18 Public\Common\Oak\Lib\Mipsii_fp\Checked
L2tp.lib 1,972,394 06-Nov-2014 10:18 Public\Common\Oak\Lib\Mipsii_fp\Retail
L2tp.lib 2,442,812 06-Nov-2014 10:17 Public\Common\Oak\Lib\Mipsii_fp\Debug
L2tp.lib 2,290,340 06-Nov-2014 10:18 Public\Common\Oak\Lib\Armv7\Checked
L2tp.lib 1,983,220 06-Nov-2014 10:18 Public\Common\Oak\Lib\Armv7\Retail
L2tp.lib 2,498,612 06-Nov-2014 10:17 Public\Common\Oak\Lib\Armv7\Debug
L2tp.lib 2,302,474 06-Nov-2014 10:18 Public\Common\Oak\Lib\Armv5\Checked
L2tp.lib 1,990,916 06-Nov-2014 10:18 Public\Common\Oak\Lib\Armv5\Retail
L2tp.lib 2,508,788 06-Nov-2014 10:17 Public\Common\Oak\Lib\Armv5\Debug

↑ Back to the top

References

Learn about the terminology that Microsoft uses to describe software updates.

↑ Back to the top

Keywords: kbqfe, kbfix, kbnotautohotfix, kbpubtypekc, kbexpertiseinter, kbsurveynew, atdownload, kb

↑ Back to the top

Article Info
Article ID : 3046488
Revision : 4
Created on : 7/18/2018
Published on : 7/18/2018
Exists online : False
Views : 147