SA540 / SA520 Remote User VPN configuration

Unanswered Question
Aug 15th, 2010
User Badges:

I am setting up an Avaya phone to establish an IPSEC connection to an SA540. I have been successful establishing a connection but only when setting the remote identifier type to "Remote WAN IP" and entering the exact client IP address. As out clients will not have a fixed IP address, How do I get the SA540 to accept the client from any IP address?

If I do not set the Remote Identifier to the correct IP or use FQDN I get this in the SA540 IPSEC log"

     ERROR:  Could not find configuration for x.x.x.x[500]

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
biraja Mon, 08/23/2010 - 14:47
User Badges:

Dear gherbstman,

Can you clarify if you have brought up IPSEC VPN or SSL VPN between Avaya phone and SA500?

My understanding is that IPSEC VPN is between two edge routers, and in your case Avaya phone is an end-user device.

Can you send me the documentation regarding Avaya VPN configuration?



gherbstman Mon, 08/23/2010 - 15:22
User Badges:

IPSEC VPN does not need to be between two routers. It needs to be between two IPSEC devices.

I did manage to get it working and have six Avaya phones working.

This was my first and probably my last SA540. The documentation is poor at best and the SA540 feature set is somewhat incomplete. I will be sticking with IOS routers for now. They are MUCH more capable.


This Discussion