Ask the Expert

I am encountering problems when trying connecting to the VPN.

I am using a D-Link DI-304 for my office network over the LAN with ISDN connection. Internet works fine. As my company uses a global mail system through the VPN, I am encountering problems connecting to the VPN. Could you help me out in setting the router for Contivity VPN?

    Requires Free Membership to View

To use a Nortel Contivity Extranet Access Client through your DI-304, you need to enable NAT Traversal in your Contivity switch. (Some routers support another alternative, VPN Passthrough, but your DI-304 does not appear to support that option.)

To activate NAT Traversal, the Contivity switch must be configured to "auto detect IPsec Capable NAT" in the policy Group used to authenticate your VPN client. If this option is enabled, the switch and VPN client detect the presence of any device in the path between them which is applying NAT (i.e., your DI-304 router). They then negotiate NAT Traversal during tunnel establishment and choose a UDP port through which to exchange UDP-encapsulated IPsec ESP. By encapsulating IPsec ESP (protocol 50) inside UDP, traffic can flow safely through any intervening router or firewall without requiring that device to allow protocol 50 (IPsec ESP) or implement a VPN Passthrough. For more information about NAT Traversal, see these IETF documents: draft1, draft2

This was first published in August 2004

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: