[Openswan Users] connecting as a client to Nortel Contivity
switch
shad
shad.mortazavi at convergenceone.com
Wed Sep 29 10:22:05 CEST 2004
Paul Wouters wrote:
> On Tue, 28 Sep 2004, Steve Maring wrote:
>
>> I'd like to use OpenSwan to connect to a Nortel Contivity switch that
>> uses a group id / password, user id, pin, and an RSA SecurID token.
>> I do NOT have access to the Contivity switch itself.
>>
>> I've tried fruitlessly to prepend a new ip table in front of
>> NetFilters main ip table while using the Nortel Contivity Netlock
>> Client and have turned to OpenSwan as a vestige of hope.
>>
>> Can anyone confirm as to whether the most recent OpenSwan is capable
>> of acting in this capacity?
>
>
> AFAIK, Nortel uses proprietary extensions. Openswan does not support
> those.
>
> Paul
> _______________________________________________
> Users mailing list
> Users at openswan.org
> http://lists.openswan.org/mailman/listinfo/users
>
Paul,
I have a working configuration for Openswan as a BOT (Branch Office
Tunnel) to a Contivity 1710, but there is no way of using Openswan in
the client mode that you describe.
The administrator of the Contivity will need to define a BOT for you and
setup the appropriate tunnel filters. The documentation on the Nortel
site suggests that this should work with both Pre-shared secret and
certificates ( I have not yets tried the certs).
Once you have this established the connection is very reliable.
Warm Regards
Shad Mortazavi
More information about the Users
mailing list