[fw-wiz] Symantec firewall/vpn & Nortel Contivity 2700 branch office tunnel

From: Scott Thomas (SThomas_at_PRESIDIO.com)
Date: 11/14/03

    To: <firewall-wizards@honor.icsalabs.com>
    Date: Fri, 14 Nov 2003 10:31:22 -0500
    
    

    Does anyone have any advice on getting a Symantec firewall/vpn 200R version V1.R5T to talk to a Nortel Contivity 2700? The IPsec settings seem to be the same on both ends, but it is producing this error:

    11/12/2003 14:35:34 0 BoTest [01] ---------------Branch Office Test
          Initiated: [XX.XX.XXX.XXX:XX.XX.X.XXX]---------------
          11/12/2003 14:35:34 0 BoTest [01] o Initiating the first connection
          within the branch-office tunnel....
          11/12/2003 14:35:34 0 Branch Office [01] IPSEC branch office
          connection initiated to rem[XX.XX.XX.X-255.255.255.0]@[XX.XX.XX.X]
          loc[XX.XX.XX.X-255.255.255.240]
          11/12/2003 14:35:34 0 Security [11] Session: IPSEC[XX.XX.XX.X]
          attempting login
          11/12/2003 14:35:34 0 Security [01] Session: IPSEC[XX.XX.XX.X] has
          no active sessions
          11/12/2003 14:35:34 0 Security [01] Session: IPSECXX.XX.XX.X]
          Optimal has no active accounts
          11/12/2003 14:35:35 0 Security [01] Session:
          IPSEC[XX.XX.XX.X]:213330 SHARED-SECRET authenticate attempt...
          11/12/2003 14:35:35 0 Security [01] Session:
          IPSEC[XX.XX.XX.X]:213330 attempting authentication using LOCAL
          11/12/2003 14:35:35 0 Security [11] Session:
          IPSEC[XX.XX.XX.X]:213330 authenticated using LOCAL
          11/12/2003 14:35:35 0 Security [11] Session:
          IPSEC[XX.XX.XX.X]:213330 bound to group
          /Base/i2_3rd_party_Symantec/Optimal
          11/12/2003 14:35:35 0 Security [01] Session:
          IPSEC[XX.XX.XX.X]:213330 using group filter permit all
          11/12/2003 14:35:35 0 Security [01] Session:
          IPSEC[XX.XX.XX.X]:213330 LOCAL IN FILTER 1 permit UDP any any EQ
          67
          FILTER 1 permit UDP any any EQ 68
          11/12/2003 14:35:35 0 Security [01] Session:
          IPSEC[XX.XX.XX.X]:213330 LOCAL IN FILTER 1 permit UDP any any EQ
          67
          FILTER 1 permit UDP any any EQ 68
          11/12/2003 14:35:35 0 Security [11] Session:
          IPSEC[XX.XX.XX.X]:213330 authorized
          11/12/2003 14:35:35 0 Security [11] Session: network
          IPSEC[XX.XX.XX.X-255.255.255.0] attempting login
          11/12/2003 14:35:35 0 Security [11] Session: network
          IPSEC[XX.XX.XX.X-255.255.255.0] logged in from gateway
          [XX.XX.XX.X]
          11/12/2003 14:35:35 0 ISAKMP [02] ISAKMP SA established with
          XX.XX.XX.X
          11/12/2003 14:35:35 0 ISAKMP [03] Unprotected Notify: Invalid SPI
          in proposal in message from XX.XX.XX.X being dropped

    TIA

    Scott
