Enable L2TP/IPSEC Behind a NAT Microsoft Windows 10/11

By default, Windows 10/11 does not allow IPSEC connections behind a NAT.

1. Open Regedit and navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PolicyAgent
2. Under the edit menu select new DWORD (32-bit) Value.
   • Type AssumeUDPEncapsulationContextOnSendRule and hit enter.
3. Right Click AssumeUDPEncapsulationContextOnSendRule and select Modify.
4. In the Value Data box type the value of 2 to allow VPN connections when the Server and Client are located behind a NAT.