Nortel Networks VPN client on Win 2K server

Status
Not open for further replies.

bobolink

Programmer
Jun 8, 2002
1
US
I am trying to run Nortel Extranet Client version 4.15 on Windows 2000 Server, trying to connect remotely to my company LAN. So I'm running Win 2K Server on my laptop, but I am trying to use it as a client. I was able to make this connection with Windows NT Server 4.0, and with Windows 95. I am connecting over an ATT Broadband cable modem. I have tried it with a straight cable modem connection, and with an Asante FriendlyNet Fr3000 LC router. The results are the same. When I try to run Nortel Networks VPN client software, it connects for about five seconds, then I get the following message "The routing table cannot be altered after the VPN contivity connection has been established. The Extanet client connection is closed." Nortel VPN client gets a dynamic IP address from the company server, so it is a different address every time I try to connect. Is the problem with Windows 2000 Server, or is it something else? I have the IPSec policy service disabled, and I have ports 1728 and 500 routed to my client machine.

Thanks,
Bob O.
 
The Nortel Client 4.15's feature set does not require that the ISP or local router have IPSec pass-through capabilities, as it is able to negotiate a NAT traversal with the VPN server over UDP port 1455. However, if the ISP's router and/or firewall is blocking this particular port (UDP 1455), then you would initially connect with the server, then as your PC is pulling configuration info and looking for a banner text message it would fail as it bound its new IP information, because this port is blocked.

Unfortunately, it appears that this new version 4.15 is not very smart and will recognize that you have a NAT'd address and will always try to bind you to an address routed over UDP port 1455. Once that fails, the entire session fails and it does not try the old-fashioned way over UDP port 500.

Long story short, your ISP needs to open UDP port 1455.

Also, try to disable any other network cards installed on the computer and tell me the status of the issue, so I can help you further.
 
What I've been hearing is that you will need to enable split tunneling at the server level to get around this problem.

 
Using a VPN, you cannot guarantee the security of your users' home workstations. Therefore, you don’t want to allow them to be exposed to both the Internet and your network at the same time. Disabling Split Tunneling will prevent your network from being exposed to a potential backdoor. So enabling split tunneling is not recommended.
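
Added example, not part of the original thread: a Python sketch that compares Windows `route print` snapshots taken before and after connecting, listing which routes changed and whether the preferred default route bypasses the tunnel (the split-tunneling exposure discussed above). All addresses and snapshots are constructed, and how the Nortel client actually rewrites routes is an assumption.

```python
import re

# One "Active Routes" row of `route print`: destination, netmask, gateway, interface, metric.
IP = r"((?:\d+\.){3}\d+)"
ROW = re.compile(r"^\s*" + IP + r"\s+" + IP + r"\s+" + IP + r"\s+" + IP + r"\s+(\d+)\s*$")

def parse_routes(text):
    """Map (destination, netmask, gateway, interface) -> metric for every route row."""
    routes = {}
    for line in text.splitlines():
        m = ROW.match(line)
        if m:
            routes[m.groups()[:4]] = int(m.group(5))
    return routes

def diff_routes(before, after):
    """Return (added, removed) route keys between two snapshots."""
    b, a = parse_routes(before), parse_routes(after)
    return sorted(a.keys() - b.keys()), sorted(b.keys() - a.keys())

def is_split_tunnel(text, tunnel_ip):
    """True when the lowest-metric default route does not use the tunnel interface."""
    defaults = [(metric, key[3]) for key, metric in parse_routes(text).items()
                if key[0] == "0.0.0.0" and key[1] == "0.0.0.0"]
    return bool(defaults) and min(defaults)[1] != tunnel_ip

TUNNEL_IP = "10.20.0.5"  # constructed address assigned by the VPN server
HEADER = "Network Destination        Netmask          Gateway       Interface  Metric\n"
LOCAL = """        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1       1
      192.168.1.0    255.255.255.0    192.168.1.100   192.168.1.100       1
"""
# Constructed snapshot: before connecting, everything leaves through the home router.
BEFORE = HEADER + "          0.0.0.0          0.0.0.0      192.168.1.1   192.168.1.100       1\n" + LOCAL
# Constructed snapshot: full tunnel, default route now prefers the tunnel interface.
FULL = HEADER + """          0.0.0.0          0.0.0.0        10.20.0.5       10.20.0.5       1
          0.0.0.0          0.0.0.0      192.168.1.1   192.168.1.100       2
        10.20.0.0      255.255.0.0        10.20.0.5       10.20.0.5       1
     203.0.113.10  255.255.255.255      192.168.1.1   192.168.1.100       1
""" + LOCAL
# Constructed snapshot: split tunnel, only the company subnet uses the tunnel.
SPLIT = HEADER + """          0.0.0.0          0.0.0.0      192.168.1.1   192.168.1.100       1
        10.20.0.0      255.255.0.0        10.20.0.5       10.20.0.5       1
""" + LOCAL

if __name__ == "__main__":
    added, removed = diff_routes(BEFORE, FULL)
    print("added:", added, "removed:", removed)
    print("split tunnel (full):", is_split_tunnel(FULL, TUNNEL_IP))
    print("split tunnel (split):", is_split_tunnel(SPLIT, TUNNEL_IP))
```

Running the same diff on snapshots taken with and without a second network card enabled shows which adapter is adding routes after the connection is established.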
 