Using the Nortel Contivity VPN client behind an ISA server 2000
- From: "Nicholas Palmer" <NICK@xxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Thu, 26 Feb 2004 10:27:40 -0800
Hi all,
Hopefully someone here has seen this problem. Here is the situation.
I've got a customer rep who has brought in a laptop. He has the Nortel
Contivity VPN client (version V04_65.09) on it, and wants to use this to
VPN back to his network. Sounds fine. I gave him a network address and
set him up as a SecureNAT client so he can get directory to the
internet. I'm running ISA 2000 on a Windows 2000 SP4 server. So, after
giving him the IP address, we can ping outside address and get replies,
so I know he is getting out. So next, we try and use the Nortel VPN
client. We put in all the info and try and connect. It starts
connecting, and it thinks for a while, and then I believe it is almost
done, and I get a message saying "The secure Contivity VPN connection
has been lost. Click Connect to re-establish the connection.". If I
take a look at the log file that the client generates, it seems to have
almost connected. Here is the relevant part of the log (with IP address
and names changed)
Wed Feb 25 17:09:05 2004 | ConfMode | I | Domain name set to
"XX.XXX.com".
Wed Feb 25 17:09:05 2004 | ConfMode | I | Primary Domain Name Server
"XXX.XXX.XXX.10".
Wed Feb 25 17:09:05 2004 | ConfMode | I | Secondary Domain Name Server
"XXX.XXX.XXX.132".
Wed Feb 25 17:09:05 2004 | ConfMode | I | Primary WINS Server
"XXX.XXX.XXX.100".
Wed Feb 25 17:09:05 2004 | ConfMode | I | Secondary WINS Server
"XXX.XXX.XXX.16".
Wed Feb 25 17:09:05 2004 | ConfMode | I | Saving Password on client is
turned Off.
Wed Feb 25 17:09:05 2004 | ConfMode | I | Primary Failover
"XXX.XXX.XXX.67".
Wed Feb 25 17:09:05 2004 | ConfMode | I | Secondary Failover
"XXX.XXX.XXX.68".
Wed Feb 25 17:09:05 2004 | ConfMode | I | NAT Traversal invoked.
Wed Feb 25 17:09:05 2004 | ConfMode | I | Received NAT Keepalive value
of 18 seconds from switch.
Wed Feb 25 17:09:05 2004 | ConfMode | I | Current time on switch is
02/25/04 22:09:06 GMT.
Wed Feb 25 17:09:09 2004 | NameSrvr | W | Adding DNS Servers
"XXX.XXX.XXX.10 XXX.XXX.XXX.132".
Wed Feb 25 17:09:09 2004 | NameSrvr | W | Adding WINS Servers
"XXX.XXX.XXX.100 *XXX.XXX.XXX.16".
Wed Feb 25 17:09:09 2004 | Failover | I | Failover list set to
"XXX.XXX.XXX.67 XXX.XXX.XXX.68 ".
Wed Feb 25 17:10:21 2004 | Isakmpd | F | The secure Contivity VPN
connection has been lost.
Click Connect to re-establish the connection.
I've read the article "How to pass IPSec traffic through ISA Server" in
on isaserver.org and have done all those steps, but I'm still stumped.
Anybody have any ideas ?
Thanks in advance,
Nick
____________________
Nicholas Palmer
KCI Computing, Inc.
(nick@xxxxxxxxxxx)
310.921.6222
Other related posts:
- » Using the Nortel Contivity VPN client behind an ISA server 2000
