Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

How to allow Nortel Contivity VPN client

here's my set-up:

1. PC with Contivity VPN Client software-> Cisco871 router (w/out ACL on intVLAN1)->Internet

result: OK

2. PC with Contivity VPN Client software-> Cisco871 router (w/ ACL on intVLAN1)->Internet

result: connection failed

my ACL for this is:

access-list 101 permit udp any <vpn server> eq isakmp

access-list 101 permit udp any <vpn server> eq 10000

I believe that my problem is ACL since my connection is successful without ACL.

Can you help me modify my ACL to allow PCs with Contivity VPN client to connect to the VPN server.

Thanks in advance!!!

2 REPLIES
Community Member

Re: How to allow Nortel Contivity VPN client

1) Look at the direction of the acl you applying to VLAN. 2) Consult your Nortel documentation to make sure you list all the ports covered in your ACL. Make sure client deos not use "dynamic" ports, in this case you will have troubles defining your ACL...

Community Member

Re: How to allow Nortel Contivity VPN client

Thanks for your reply!

I have resolved this issue by adding

to my ACL to permit AHP and ESP.

access-list 101 permit esp

access-list 101 permit ahp

183
Views
0
Helpful
2
Replies
CreatePlease to create content