1. Home
  2. Cisco Systems
  3. connecting a Nortel Contivity VPN device to a Cisco PIX Firewall in IPSEC tunnel mode

connecting a Nortel Contivity VPN device to a Cisco PIX Firewall in IPSEC tunnel mode

Good day, all.

I'm stuck on a weird problem here. I was requested to develop a method whereby a Contivity 221 running in an Initiator Responder mode (where it uses an Initiator ID, as well as an IPSEC passkey) has to connect to a Cisco PIX firewall (running OS version 7.0 or higher). The idea is to have the Contivity devices terminate their VPN sessions on the PIX firewall, instead of to the current Contivity 600

Does anyone know if this is possible, and if so, what I'd need in order to make it work (e.g. if I have an initiator ID of Contivity221 and a passkey of abcd1234, what would the equivalent commands be on the Cisco PIX firewall)?

Thanks!

Reply to
Ken Gallagher
Loading thread data ...

I looked into this briefly the other day, when I read your question, but I was unable to find much information about Initiator Responder mode in order to see if I could figure out the Cisco equivilent.

I did find that Contivity terminology also refers to this mode has having a tunnel name, but that doesn't correspond to anything I'm familiar with from IPSec.

The ID and passkey you give -look- like what PIX 5 / PIX 6 called "vpngroup password". In PIX 7, it looks to me that the equivilent to that would be to configure

tunnel-group NAME type ipsec-ra tunnel-group NAME ipsec-attributes pre-shared-key PASSWORD

However, I cannot tell whether this is the same thing as Initiator Responder mode.

Reply to
Walter Roberson

Thanks very much.

I'll give this a shot (the client is going to be running a newer model PIX firewall, so he'll be running firewall OS 7.0, I believe)

Reply to
ken gallagher

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.