首先，很遗憾的告诉大家，l2tp 不可以通过isa,只有pptp 可以

原因可以看这篇文章，其实不光是isa,l2tp不可以通过任何nat 出去

http://support.microsoft.com/?scid=kb;en-us;Q314764

http://support.microsoft.com/?scid=kb;en-us;Q259335

====

If the Virtual Private Network (VPN) client is behind any network device performing Network Address Translation (NAT), the L2TP session fails because encrypted IPSec Encapsulating Security Payload (ESP) packets become corrupted. If the VPN client is on the same computer as Windows Internet Connection Sharing/Network Address Translation, the client is most likely able to establish an L2TP session because NAT does not perform any IP address or Port translation when packets originate from its own node.

====

但是如果把isa 也作为vpn server ，那他是可以接受外网l2tp请求的

最后，其实有一个workround,那就是用win2003 做vpn server ,客户端用win2k 或者winxp，那打一个补丁以后就可以通过nat 使用l2tp