Hi everybody,
I also posted this question at the Dell-forum site

At our company we use D820 with 5505 WWAN modems and D830 with 5520 WWAN
modems, both have Windows XP/SP2 installed.

We use de modems to connect to the Internet and that works perfectly.

After connecting to the Internet I make a VPN connection to a MS RRAS
2k3/sp2 server with L2TP certificate based authentication. The RAS server is
behind a NAT device so on the client side I have set the option
AssumeUDPEncapsulationContextOnSendRule=2 at the IPSec registry-parameters

On the D820 this works fine, on the D830 I receive error: 792 Timeout
negotiating L2tp.

Using Wireshark, I notice on the D820 when negotiatin Main Mode the
communcation changes from UDP/500 to UDP/4500, which is normal behaviour for
L2TP through a NAT device.

On the D830 I see during the Main Mode negotiation that de D830 changes to
UDP/4500, but the MS RAS server keeps responding in UDP/500. The oakley.log
file also confirms this:

5-16: 09:39:43:625:204 Sending: SA = 0x000E47F0 to
[ras-server-ip-address]:Type 2.4500
5-16: 09:39:43:625:204 ISAKMP Header: (V1.0), len = 2540
5-16: 09:39:43:625:204 I-COOKIE 34eaa8275d9ac959
5-16: 09:39:43:625:204 R-COOKIE 7ab8a46a00b89d5f
5-16: 09:39:43:625:204 exchange: Oakley Main Mode
5-16: 09:39:43:625:204 flags: 1 ( encrypted )
5-16: 09:39:43:625:204 next payload: ID
5-16: 09:39:43:625:204 message ID: 00000000
5-16: 09:39:43:625:204 Ports S:9411 D:9411
5-16: 09:39:44:453:204
5-16: 09:39:44:453:204 Receive: (get) SA = 0x000e47f0 from
[ras-server-ip-address].500
5-16: 09:39:44:453:204 ISAKMP Header: (V1.0), len = 295
5-16: 09:39:44:453:204 I-COOKIE 34eaa8275d9ac959
5-16: 09:39:44:453:204 R-COOKIE 7ab8a46a00b89d5f
5-16: 09:39:44:453:204 exchange: Oakley Main Mode
5-16: 09:39:44:453:204 flags: 0
5-16: 09:39:44:453:204 next payload: KE
5-16: 09:39:44:453:204 message ID: 00000000
5-16: 09:39:44:453:204 received an unencrypted packet when crypto active
5-16: 09:39:44:453:204 GetPacket failed 35ec
5-16: 09:39:44:687:858 retransmit: sa = 000E47F0 centry 00000000 , count = 1

Reading the oakley.log I can see after 6 tries the D830 gives up and
terminates the negotiation and thus the VPN connection.

Strangly, when I remove the 5505 module from the D820 and place it in the
D830 my VPN connection works fine! Both modules use the same driver v3.0.0.4,
so I dont think it's a driver problem. Firmware maybe? I updated my 5520
module to the latest.

So, why doesn't the 5520 module allow L2TP-VPN connections?

Thanks for any help

Arnie