Fix for Microsoft Windows XP Service Pack 2 VPN NAT-T problem
After spending a week researching this issue and talking to the folks at Microsoft,
I published this story
To simplify this patch in a large deployment, I wrote a script to convert Windows
XP Service Pack 2 to pre-Service Pack 2 VPN behavior. Microsoft could not give
a reason why they changed this behavior and refused to classify the Pre-SP2 behavior
in Windows XP VPN as a "vulnerability". Therefore, I can't see why anyone
would want to disable the NAT-T capability of the Windows L2TP IPsec client.
There is no warrantee to this script. To use this script, you take full risk of
any damages that may be caused by this script. If you agree to these terms, you
may download this script now and run it. Oh, you do
have to reboot after you install the script. Enjoy!
If you wish to put Windows XP SP2 back to it's default behavior, use this script.