[Openswan Users] connecting as a client to Nortel Contivity switch

shad shad.mortazavi at convergenceone.com
Wed Sep 29 10:22:05 CEST 2004

Paul Wouters wrote:

> On Tue, 28 Sep 2004, Steve Maring wrote:
>> I'd like to use OpenSwan to connect to a Nortel Contivity switch that 
>> uses a group id / password, user id, pin, and an RSA SecurID token.  
>> I do NOT have access to the Contivity switch itself.
>> I've tried fruitlessly to prepend a new ip table in front of 
>> NetFilter's main ip table while using the Nortel Contivity Netlock 
>> Client and have turned to OpenSwan as a vestige of hope.
>> Can anyone confirm as to whether the most recent OpenSwan is capable 
>> of acting in this capacity?
> AFAIK, Nortel uses proprietary extensions. Openswan does not support 
> those.
> Paul

I have a working configuration for Openswan as a BOT (Branch Office 
Tunnel) to a Contivity 1710, but there is no way of using Openswan in 
the client mode that you describe.

The administrator of the Contivity will need to define a BOT for you and 
set up the appropriate tunnel filters. The documentation on the Nortel 
site suggests that this should work with both Pre-shared secret and 
certificates (I have not yet tried the certs).

Once you have this established the connection is very reliable.

Warm Regards

Shad Mortazavi
