Nortel VPN client can not run behind NS 5XT?

[Skyfall]

I have a NetScreen 5XT at home, I could not let Nortel VPN client get through. Everytime after trying to connect, and took a little while when showing 'checking for banner text from x.x.x.x', and then 'The secure Contivity VPN connection has been lost'. If I change 5XT to other router like d-link, VPN works fine. I set up the policy all permit 'any to any'whatever From Trust To Untrust or From Untrust To Trust.
I guess may be the software is too old, the NS software version is 4.0.1r10.0 (Firewall+VPN). I could not download newer version from Junipers web since they are very restrict. Anyone who's teh expert on NS or Juniper VPN please give me some hints, thanks.

Life is keeping learning......

 

[Skyfall]

BTW, if use PPTP VPN connection is fine.

Life is keeping learning......

 

[biv343]

Could be that since the 5XT also does VPN that it doesn't want to pass the IPSEC packets outbound. I don't know much about those devices though.

If possible, you could turn on NAT traversal on the Contivity - set it to UDP port 10001 or something like that. That has gotten me around these types of issues in the past.

 

[Skyfall]

Thanks for help.
I got the new version NSOS, upgraded it, it works now.

Life is keeping learning......