ICS and Nortel Contivity VPN Client

W

William Lipp

Is it possible to work Nortel's Contivity VPN Client through a home
ICS network?

Our home network using ICS (Internet Connection Sharing) has worked
fine for years. Now Work wants me to connect from home to a corporate
network using Nortel's Contivity VPN client. The Contivity client is
installed on an "other" computer - not the one with direct access to
the network. The Contivity client connects, but nothing happens. The
client's status always shows "bytes in" and "frames in" as zero.
ipconfig /ALL shows a connection with IP address, DNS servers, etc
configured, but pinging the server's IP addresses results in timeouts.
Does anyone know a way to make this work?

William
 
K

Kurt

This is typical of L2TP tunnels through NAT, which ICS and any SOHO router
will do. I haven't had any experience with the Nortel setup, but we couldn't
get a Netscreen client to move any data through an established tunnel from
behind a Linksys NAT router. If we gave the laptop with the client installed
a public IP address, it worked just fine. Some routers support "L2TP NAT
traversal", but the client/server must support it as well. There also may be
a way to turn off the authentication header (AH) for the outer (public)
header. Since NAT changes the IP address and source port outbound, any
checksum or hash created before the NAT will fail. If they insist on using
an L2TP tunnell (PPTP works fine through a NAT), tell them they'll also have
to spring for an extra public IP address at your house.

....kurt
 
W

William Lipp

Getting Nortel Contivity to work through my home network required two
changes.

1. I shut off ICS and replaced it with NAT32 from http://www.nat32.com
Using this software IP router, I was able to maintain the same
physical network.

2. I replaced the PPPoE driver with the highly recommended free
RASPPPOE from http://www.raspppoe.com/ . Using the ISP's PPPoE
driver, I could connect but could not browse after connecting.

William
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top