Fix for Microsoft Windows XP Service Pack 2 VPN NAT-T problem

After spending a week researching this issue and talking to the folks at Microsoft, I published this story on ZDNet.

To simplify this patch in a large deployment, I wrote a script to convert Windows XP Service Pack 2 to pre-Service Pack 2 VPN behavior. Microsoft could not give a reason why they changed this behavior and refused to classify the Pre-SP2 behavior in Windows XP VPN as a "vulnerability". Therefore, I can't see why anyone would want to disable the NAT-T capability of the Windows L2TP IPsec client.

There is no warrantee to this script. To use this script, you take full risk of any damages that may be caused by this script. If you agree to these terms, you may download this script now and run it. Oh, you do have to reboot after you install the script. Enjoy!

If you wish to put Windows XP SP2 back to it's default behavior, use this script.

George Ou