Trying to connect via ipsec to a Windows 2008 R2 when it is behind a NAT.
I keep getting 'No Policy configured' in Audit and the ISAKMP packet is dropped, yet I have inbound, outbound and consec rules and policies and also have an IPSec policy with filterlists, filters and filteractions based off of the Local Security Policy. To keep things simple, I am using preshared keys. The NAT is a separate NAT based on ClearOS (free to use NAT running on Linux) in a separate VM, hence the Windows box is on a private network.
There must be some other policy option required to allow for Audit to allow for the ISAKMP to be processed. Searching the net, technet, stackoverflow, this appears to be a common enough issue, but I have been unable to find a solution. Some have suggested a work-around as in this Stackoverflow article : http://serverfault.com/questions/417251/problems-with-packets-on-ipsec-tunnel-for-windows-2008-r2
But I need to make it work and not rely on something like GreenBow.
Any advice welcome