RE: Nortel Contivity Firewall

["Nathan" <nathan.grandbois () cerdant com>]

I would say you'd need to point the tunnel at the public IP address of
device B.

-nathan

> > -----Original Message-----
> > From: firewall-wizards-admin () honor icsalabs com
> > [mailto:firewall-wizards-admin () honor icsalabs com]On Behalf Of Tim
> > Chettle
> > Sent: Thursday, February 27, 2003 11:56 PM
> > To: firewall-wizards () honor icsalabs com
> > Subject: [fw-wiz] Nortel Contivity Firewall
> >
> >
> > I have two Contivities that I am trying to set up to build a
> > VPN tunnel
> > between two sites over the internet and am struggling somewhat
> >
> > Site B has a Contivity 1700 located in a DMZ on a Checkpoint
> > Firewall1
> > Site A has a Contivity 1700 operating as both a Firewall and
> > a VPN device
> >
> > We can create the Tunnell from site A to Site B but not the
> > other way around
> >
> > My rule on Site B's device is to allow IKE and IPSEC into the network
> > located on the private Network which i think is wrong I
> > think that they
> > should be allowed onto the Device itself however i am
> > confused as to what
> > that object actually is.
> >
> > is it the Private address the Public One or the managment address
> >
> >
> > Thanks
> >
> >
> > _______________________________________________
> > firewall-wizards mailing list
> > firewall-wizards () honor icsalabs com
> > http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards