Peer to Peer connection between CISCO PIX and a Nortel VPN

[rehabber]

We are trying to establish a peer-peer or branch office connection between a Cisco Pix and a Nortel 2000 VPN.
Has anyone done this before? If so, what settings are needed?

 

[dopehead]

Well, i don't know the nortel, but what you need is to get all settings that say something about IPSEC, to run as standard and no proprietary settings like udp encapsulation or tcp encapsulation and then make sure that your IKE proposals are exactly matched in both ends, as well as the proxy src and dst ip networks that you wan't to encrypt.

And then you'll prolly still have to debug extensively to get it working :-(

But then it should work fine.

Jan

 

[tbissett]

I used to have a Nortel 2600 doing a site-to-site with a Cisco PIX. If I remember, 3DES with MD5 worked pretty well. I do specifically remember that it was easier to modify the settings on the PIX end than the Nortel. What I mean is, I set up the "branch office" VPN as the Nortel calls it using their default settings, and had better luck by modifying the PIX end to adapt to the Nortel. There didn't seem to be a lot of customization options on the Nortel end.