IPSec and 98 SE connection sharing

I am using a windows 98se machine as a gateway for my home
network. The 98se machine connects to the Internet via a
DSL modem using USB. Devices within the home connect to
the Internet via this gateway over an internal LAN.

All computers can surf, read email, etc just fine. But,
my IPSec client, NORTEL CONTIVITY, does not work from the
internal network. This same pc with the Nortel client
works if it's directly connected to the DSL modem.

Question: what is the 98se gateway machine doing to the
IPSec connection that causes it to break?

Thanks

"Mike" <(E-Mail Removed)> wrote in message news:<042e01c3b096$2937eda0$(E-Mail Removed)>...
> I am using a windows 98se machine as a gateway for my home
> network. The 98se machine connects to the Internet via a
> DSL modem using USB. Devices within the home connect to
> the Internet via this gateway over an internal LAN.
>
> All computers can surf, read email, etc just fine. But,
> my IPSec client, NORTEL CONTIVITY, does not work from the
> internal network. This same pc with the Nortel client
> works if it's directly connected to the DSL modem.
>
> Question: what is the 98se gateway machine doing to the
> IPSec connection that causes it to break?
>
> Thanks


I think that Win98 NAT is not IPSec capable, ie it does not know how
to handle ESP/SPI protocols when used in this fasion. This was an
issue will most old NAT routers, and now most of them have a button to
specifically allow IPSec passthru. The only thing that you can do is
on the Contivity enable "NAT Traversal" which will encapsulate the
ESP/SPI traffic into a UDP wrapper and therefore it doesnt matter that
the NAT box cant handle it.

Hope this helps

Rossi