For Windows XP, how do I download and install the L2TP/IPsecNAT-T update?

Note: For VPN when connecting from off campus, use the recommended SSL VPN if your campus supports it. The IPsec VPN at IUB and IUPUI will eventually be retired.

How to tell if you need this update

If your Windows XP computer is assigned a private IP address and must go through a network address translation (NAT) device to connect to the Internet, and if you wish to make IPsec VPN connections to the Indiana University network, you will need Microsoft's L2TP/IPsec NAT-T patch.

A NAT device is any sort of router or network hardware that does network address translation between the Internet and a computer or network using private IP addresses. Most home and small office routers fit this description, though it's possible for large businesses and networks to use private IP addresses and NAT devices. If your computer's IP address falls within the following ranges, you have a private IP address and connect to the Internet through a NAT device:

To find your computer's IP address, see How do I determine my computer's IP address?

If you have any other IP address, you do not need this update for that specific connection. Keep in mind that you may need it for connections at other locations if you use private IP addresses and NAT devices there.

Installing the update

Note: Vista has native support for this feature; however, by default, it is disabled. To enable this feature, see article 926179 at Microsoft Help and Support.

Search Microsoft Help and Support.

In Windows XP, to install the update, install Service Pack 3 (SP3); this contains the L2TP/IPsec NAT-T update in addition to other important system updates. Updates in SPs have gone through more testing than the original updates and may include important changes not available in the original update; see What are patches, hotfixes, and service packs?

Comments/Questions/Corrections