Microsoft addresses NAT conflict introduced by SP2 | Tech News on ZDNet
Recently I decided to buy a copy of Tom Shindler’s Configuring ISA Server 2004. As I was glancing through it I remembered that I was still running PPTP on my VPN connection. So I decided to give L2TP another try. L2TP is generally regarded as a more secure method of using a VPN connection than PPTP. I followed Tom’s instructions and I got the same certificate error, 80090016, again. This time I decided to keep going with the procedur and found that the certficate really did get in. So I completed his procedure and tried to make the VPN connection using L2TP. It timed out. Then I tried something different. I made a copy of the connection and changed the host name from the public name to the local IP address. It worked! After a little research I found this article. It may explan why it does not work locally for me. My server is NAT’d and Windows XP with SP2 has NAT problems with L2TP but not with PPTP. That would explain why one works locally while the other does not. This would mean that the L2TP should work for me at a remote site using the public name.