Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

Symantec firewall/vpn & Nortel Contivity 2700 branch office tunnel

From: "Scott Thomas" <SThomas () PRESIDIO com>
Date: Fri, 14 Nov 2003 10:31:22 -0500
Does anyone have any advice on getting a Symantec firewall/vpn 200R version V1.R5T to talk to a Nortel Contivity 2700. 
The IPsec settings seem to be the same on both ends but it is producing this error:

11/12/2003 14:35:34 0 BoTest [01] ---------------Branch Office Test
      Initiated: [XX.XX.XXX.XXX:XX.XX.X.XXX]---------------
      11/12/2003 14:35:34 0 BoTest [01] o Initiating the first connection
      within the branch-office tunnel....
      11/12/2003 14:35:34 0 Branch Office [01] IPSEC branch office
      connection initiated to rem[XX.XX.XX.X-255.255.255.0]@[XX.XX.XX.X]
      loc[XX.XX.XX.X-255.255.255.240]
      11/12/2003 14:35:34 0 Security [11] Session: IPSEC[XX.XX.XX.X]
      attempting login
      11/12/2003 14:35:34 0 Security [01] Session: IPSEC[XX.XX.XX.X] has
      no active sessions
      11/12/2003 14:35:34 0 Security [01] Session: IPSECXX.XX.XX.X]
      Optimal has no active accounts
      11/12/2003 14:35:35 0 Security [01] Session:
      IPSEC[XX.XX.XX.X]:213330 SHARED-SECRET authenticate attempt...
      11/12/2003 14:35:35 0 Security [01] Session:
      IPSEC[XX.XX.XX.X]:213330 attempting authentication using LOCAL
      11/12/2003 14:35:35 0 Security [11] Session:
      IPSEC[XX.XX.XX.X]:213330 authenticated using LOCAL
      11/12/2003 14:35:35 0 Security [11] Session:
      IPSEC[XX.XX.XX.X]:213330 bound to group
      /Base/i2_3rd_party_Symantec/Optimal
      11/12/2003 14:35:35 0 Security [01] Session:
      IPSEC[XX.XX.XX.X]:213330 using group filter permit all
      11/12/2003 14:35:35 0 Security [01] Session:
      IPSEC[XX.XX.XX.X]:213330 LOCAL IN FILTER 1 permit UDP any any EQ
      67
      FILTER 1 permit UDP any any EQ 68
      11/12/2003 14:35:35 0 Security [01] Session:
      IPSEC[XX.XX.XX.X]:213330 LOCAL IN FILTER 1 permit UDP any any EQ
      67
      FILTER 1 permit UDP any any EQ 68
      11/12/2003 14:35:35 0 Security [11] Session:
      IPSEC[XX.XX.XX.X]:213330 authorized
      11/12/2003 14:35:35 0 Security [11] Session: network
      IPSEC[XX.XX.XX.X-255.255.255.0] attempting login
      11/12/2003 14:35:35 0 Security [11] Session: network
      IPSEC[XX.XX.XX.X-255.255.255.0] logged in from gateway
      [XX.XX.XX.X]
      11/12/2003 14:35:35 0 ISAKMP [02] ISAKMP SA established with
      XX.XX.XX.X
      11/12/2003 14:35:35 0 ISAKMP [03] Unprotected Notify: Invalid SPI
      in proposal in message from XX.XX.XX.X being dropped


TIA

Scott








_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: