IPSec VPN problem with a CISCO C827 ADSL Router and a Nortel Contivity VPN Client

Discussion in 'Cisco' started by mw, Apr 19, 2005.

  1. mw

    mw Guest

    Hi,

    I'm a newbie and I'm facing a problem.

    I need to connect to a VPN, through IPSec. I have a CISCO C827 ADSL Router.
    I'm using Nortel Contivity VPN Client.

    If I connect by a modem to any provider, it works great.
    If I try to do it through the C827, no way. It says on my side : Server not
    responding, and on the server side : Client not responding.

    Anybody knows how I could/should configure my router to have it work ?

    Here's a piece of my configuration :


    ip dhcp pool maison
    network 192.168.1.0 255.255.255.0
    default-router 192.168.1.254
    dns-server xxxxxxxxxx xxxxxxxxxxxxxxx
    !
    !
    !
    interface Ethernet0
    ip address 192.168.1.254 255.255.255.0
    ip nat inside
    hold-queue 100 out
    !
    interface ATM0
    no ip address
    no atm ilmi-keepalive
    dsl operating-mode auto
    hold-queue 224 in
    pvc 8/35
    encapsulation aal5mux ppp dialer
    dialer pool-member 1
    !
    !
    interface Dialer0
    ip address negotiated
    ip nat outside
    encapsulation ppp
    dialer pool 1
    dialer-group 1
    ppp authentication chap callin
    ppp chap hostname xxxxxxxx
    ppp chap password x xxxxxxxx
    !
    ip nat inside source list 101 interface Dialer0 overload
    ip nat inside source static 192.168.1.1 interface Dialer0
    ip classless
    ip route 0.0.0.0 0.0.0.0 Dialer0
    no ip http server
    !
    access-list 101 permit ip 192.168.1.0 0.0.0.255 any
    dialer-list 1 protocol ip permit
    !
    line con 0
    transport preferred all
    transport output all
    stopbits 1
    line vty 0 4
    exec-timeout 120 0
    login local
    length 0
    transport preferred all
    transport input all
    transport output all
    !
    scheduler max-task-time 5000
    end



    It is very important for me. Has anyone an idea ?

    Thank you very much in advance.

    Michel
     
    mw, Apr 19, 2005
    #1
    1. Advertising

  2. mw

    mw Guest

    Note : My company is using a certificate authentication, and it doesn't
    work. My brother's company uses a group login/pw authentication and it works
    wonderfully with my Cisco.

    Can this add something to the problem ???

    Best regards,

    M. W.


    "mw" <> a écrit dans le message de news:
    P6e9e.47618$...
    > Hi,
    >
    > I'm a newbie and I'm facing a problem.
    >
    > I need to connect to a VPN, through IPSec. I have a CISCO C827 ADSL

    Router.
    > I'm using Nortel Contivity VPN Client.
    >
    > If I connect by a modem to any provider, it works great.
    > If I try to do it through the C827, no way. It says on my side : Server

    not
    > responding, and on the server side : Client not responding.
    >
    > Anybody knows how I could/should configure my router to have it work ?
    >
    > Here's a piece of my configuration :
    >
    >
    > ip dhcp pool maison
    > network 192.168.1.0 255.255.255.0
    > default-router 192.168.1.254
    > dns-server xxxxxxxxxx xxxxxxxxxxxxxxx
    > !
    > !
    > !
    > interface Ethernet0
    > ip address 192.168.1.254 255.255.255.0
    > ip nat inside
    > hold-queue 100 out
    > !
    > interface ATM0
    > no ip address
    > no atm ilmi-keepalive
    > dsl operating-mode auto
    > hold-queue 224 in
    > pvc 8/35
    > encapsulation aal5mux ppp dialer
    > dialer pool-member 1
    > !
    > !
    > interface Dialer0
    > ip address negotiated
    > ip nat outside
    > encapsulation ppp
    > dialer pool 1
    > dialer-group 1
    > ppp authentication chap callin
    > ppp chap hostname xxxxxxxx
    > ppp chap password x xxxxxxxx
    > !
    > ip nat inside source list 101 interface Dialer0 overload
    > ip nat inside source static 192.168.1.1 interface Dialer0
    > ip classless
    > ip route 0.0.0.0 0.0.0.0 Dialer0
    > no ip http server
    > !
    > access-list 101 permit ip 192.168.1.0 0.0.0.255 any
    > dialer-list 1 protocol ip permit
    > !
    > line con 0
    > transport preferred all
    > transport output all
    > stopbits 1
    > line vty 0 4
    > exec-timeout 120 0
    > login local
    > length 0
    > transport preferred all
    > transport input all
    > transport output all
    > !
    > scheduler max-task-time 5000
    > end
    >
    >
    >
    > It is very important for me. Has anyone an idea ?
    >
    > Thank you very much in advance.
    >
    > Michel
    >
    >
    >
    >
    >
     
    mw, Apr 20, 2005
    #2
    1. Advertising

  3. mw

    RobO Guest

    Hi,

    Are you able to connect with the Nortel Client without Certificates >
    group authentication!
    What is the VPN server the Cisco Router? or an internal server?
    If its the Cisco Router please post the crypto config.
    If its an internal server sounds like a NAT problem > let me know!
    What version is the Cisco IOS?

    Rob
     
    RobO, Apr 20, 2005
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Rik Bain

    pix-nortel contivity ipsec failing

    Rik Bain, Nov 2, 2003, in forum: Cisco
    Replies:
    1
    Views:
    2,803
    Bill F
    Nov 2, 2003
  2. Ken  Gallagher
    Replies:
    2
    Views:
    2,626
    ken gallagher
    Aug 7, 2006
  3. Replies:
    3
    Views:
    27,285
  4. Joe S.
    Replies:
    8
    Views:
    4,575
    =?Utf-8?B?Zm5peG9u?=
    Oct 20, 2005
  5. Replies:
    2
    Views:
    678
    Charlie Russel - MVP
    Jun 5, 2007
Loading...

Share This Page