Q

I am encountering problems when trying connecting to the VPN.

I am using a D-Link DI-304 for my office network over the LAN with ISDN connection. Internet works fine. As my company uses a global mail system through the VPN, I am encountering problems connecting to the VPN. Could you help me out in setting the router for Contivity VPN? To use a Nortel Contivity Extranet Access Client through your DI-304, you need to enable NAT Traversal in your Contivity switch. (Some routers support another alternative,...

VPN Passthrough, but your DI-304 does not appear to support that option.)

To activate NAT Traversal, the Contivity switch must be configured to "auto detect IPsec Capable NAT" in the policy Group used to authenticate your VPN client. If this option is enabled, the switch and VPN client detect the presence of any device in the path between them which is applying NAT (i.e., your DI-304 router). They then negotiate NAT Traversal during tunnel establishment and choose a UDP port through which to exchange UDP-encapsulated IPsec ESP. By encapsulating IPsec ESP (protocol 50) inside UDP, traffic can flow safely through any intervening router or firewall without requiring that device to allow protocol 50 (IPsec ESP) or implement a VPN Passthrough. For more information about NAT Traversal, see these IETF documents: draft1, draft2

This was first published in August 2004

Dig deeper on Network Access Control

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchSDN

SearchEnterpriseWAN

SearchUnifiedCommunications

SearchMobileComputing

SearchDataCenter

SearchITChannel

Close