This is not really a Mikrotik question, but the people here have lots of experience with routers generally so I will ask anyway... I (of course) use a Mikrotik router at home. I also have a Synology NAS at home, which supports an LT2P/IPsec VPN (with PSK). I have forwarded UDP ports 1701, 500 and 4500 through the Mikrotik, and connections from outside work flawlessly. When I configure another Synology, this one at a client site, the exact same way, the port forwarding through the Telstra-supplied router just doesn't work. I have disabled the in-router VPN. The client says that the L2TP negotiation failed. Now here's the thing: Connecting to the VPN from inside the network works fine. So L2TP, IKE, IPsec-NAT-T, the pre-shared key and the NAS user credentials are all demonstrably correct. Attempt from outside the network and - nope. Not sure of the model of Telstra router (it's the black-faced vertical one with the big blue-lit button at top). Anyway, I have a couple of other Telstra routers, one a Netgear DEVG2020, on a Technicolor TG799vac. and as far as I can tell they don't work either! Is this a Telstra thing - don't let VPNs through? Is there a trick to it? Short of replacing the things with Mikrotiks, which I am seriously considering recommending... Regards, K. -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Karl Auer (kauer@nullarbor.com.au) work +61 2 64957435 http://www.nullarbor.com.au mobile +61 428 957160 GPG fingerprint: CF68 0C56 EEE4 CC19 28D4 03B3 BCE0 E800 E31F 7254 Old fingerprint: 887A DA07 4DCC EE76 B413 27D4 C638 4189 6CF0 D556