Page 2 of 2 FirstFirst 12
Results 11 to 20 of 20

Thread: vpnc with Nortel Contivity VPN using group auth

  1. #11
    Join Date
    Dec 2006
    Beans
    88
    Distro
    Ubuntu

    Re: vpnc with Nortel Contivity VPN using group auth

    hi

    I found this one helpful in locating the group password/IPSecret from the windows client...

    http://www.snadboy.com/


    To the earlier poster, I guess there is some issue with the routing tables in your PC.
    Note that you home/personal subnet should not be used in the company....

    eg, most companies large/small will use private IP's in the 10.0.0.0 network, if so you should setup your local subnet in 172.16.X.X subnet or 192.168.X.X so routing is simple...

    if you have time and a fast pc/linux on the office network you can try running

    nmap -sP -oG ~/myPingScan.txt 10.1-254.1-254.1-254 172.16.1-254.1-254 192.168.1-254.1-254

    overnight and use the output to figure out what IP address' are in use in your office..
    and then decide the subnet you should setup in your home

    G
    : Phenom II X4 940BE : M4A785M : 8GB:SS-TJ08-E :: desk
    : E3-1240v2 : X9SCM-iiF : 16G:Antec-902v3 :: server
    : E6550 : DG45FC : 4GB:Apex MI-008 :: htpc

  2. #12
    Join Date
    Dec 2006
    Location
    Mississauga, ON, CA
    Beans
    463

    Re: vpnc with Nortel Contivity VPN using group auth

    I'm also getting the same error, wondering if anyone could give me a hand:

    Code:
    /usr/sbin/vpnc: response was invalid [1]:  (ISAKMP_N_INVALID_EXCHANGE_TYPE)(7)
    Here's my original configuration in Windows:


    Status


    Authentication Options


    Two factor authentication options


    Version

    And here's my conf file:

    Code:
    victor@linux-x5ee:/etc/vpnc> sudo grep -v '^#' contivity-ip-split.conf
    root's password:
    IPSec gateway access.[DOMAIN].ca
    IPSec ID [GROUP]
    IPSec secret [GROUP PASS]
    
    Vendor nortel
    Nortel Client ID V06_01
    IKE DH Group dh5
    IKE Authmode PIN-token
    NAT Traversal Mode natt
    
    Xauth username [USER]
    Xauth PIN [PIN]
    
    Script /etc/vpnc/contivity-ip-split-script
    
    Debug 99  # Again for debug purposes check vpnc --long-help for verbosity levels
    Any ideas? I noticed that vpnc only had df5, and it looks like I'm using df8.

    Thanks,
    Vic.
    Last edited by victorbrca; June 10th, 2011 at 08:00 AM. Reason: Images
    Your verbose output has been redirected to /dev/null
    ---------------------------------------------------------------------------------------
    User 437407 with the Linux Counter -- My Site -- My Blog

  3. #13
    Join Date
    Jun 2011
    Beans
    3

    Mf60, mf30, e5832

    I picked up the MF60 last week. I previously had the MF30, but struggled with signal strength due to my location (5kms outside Torquay, Vic). Previous to that I had the Virgin E5832 and could get no signal in Torquay.

  4. #14
    Join Date
    May 2008
    Beans
    22
    Distro
    Ubuntu 11.04 Natty Narwhal

    Re: vpnc with Nortel Contivity VPN using group auth

    Victor,

    Try : IKE DH Group dh2

  5. #15
    Join Date
    Dec 2006
    Location
    Mississauga, ON, CA
    Beans
    463

    Re: vpnc with Nortel Contivity VPN using group auth

    Quote Originally Posted by Scoubidou View Post
    Victor,

    Try : IKE DH Group dh2
    I love you!!!! Thank so much for the tip... and Thank you 'ghat' for the tutorial...

    I should note that by adding the subnet of my work I was able to access most of the nodes without needing to make any modifications to my host files.

    And if anyone has multiple group profiles, here's a quick and dirty script for changing it on the fly:

    Code:
    #!/bin/bash
    
    #----------------------------------------------------------------------------
    # Variables and functions
    #----------------------------------------------------------------------------
    
    INSTALLDIR="/etc/vpnc"
    DEFAULT_CONF="default.conf"
    DEFAULT_CONF_FILE=${INSTALLDIR}/${DEFAULT_CONF}
    
    checkERR () {
    if [ "$STATUS" -ne 0 ]
     then
      echo "Previous proccess failed"
      exit 1
    fi
    }
    
    
    #----------------------------------------------------------------------------
    # Starts selection and menu
    #----------------------------------------------------------------------------
    
    echo "#################################"
    echo "# MENU TO START VPN CONNECTIONS #"
    echo -e "#################################\n"
    echo "Please type in a selection"
    echo "1- Connect to Group1"
    echo "2- Disconnect from VPN"
    read ANSWER
    
    # Checks if symlink exists for default file
    if [ -h "$DEFAULT_CONF_FILE" ]
     then
      sudo unlink "$DEFAULT_CONF_FILE" ; STATUS="$?"
      checkERR
    fi
    
    case $ANSWER in
      1) CURRENT_FILE="/etc/vpnc/Group1.conf"
         ;;
      2) 
         echo "Disconnecting VPN"
         sudo /usr/sbin/vpnc-disconnect ; STATUS="$?"
         checkERR
         echo "VPV diconnected"
         sleep 1
         exit 0
         ;;
      *) 
         echo "Option not valid"
         echo "Exiting ..."
         sleep 1
         exit 1
         ;;
    esac
    
    # Handles default files
    if [ ! -f "$CURRENT_FILE" ]
     then
       echo "Configuration file \"$CURRENT_FILE\" does not exist"
        exit 1
    fi
    
    echo "Attempting to create a link for configuration file $CURRENT_FILE"
    sudo ln -s "$CURRENT_FILE" /etc/vpnc/default.conf ; STATUS="$?"
    checkERR
    echo "Configuration file in place. Attempting to start vpnc"
    sudo /usr/sbin/vpnc ; STATUS="$?"
    checkERR
    echo "VPN started"
    sleep 1
    
    exit 0
    Your verbose output has been redirected to /dev/null
    ---------------------------------------------------------------------------------------
    User 437407 with the Linux Counter -- My Site -- My Blog

  6. #16

    Re: vpnc with Nortel Contivity VPN using group auth

    Quote Originally Posted by Scoubidou View Post
    Hi guys!

    Ok, so here I am trying again to connect to my work nortel vpn. And I've got futher than ever before follwing this thread!

    Like the last poster, I connect to the VPN but then I can't reach any local IPs.



    Code:
    # ifconfig
    
    tun0      Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  
              inet addr:x.y.20.123  P-t-P:142.180.20.123  Mask:255.255.255.255
              UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1412  Metric:1
              RX packets:0 errors:0 dropped:0 overruns:0 frame:0
              TX packets:107 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:500 
              RX bytes:0 (0.0 B)  TX bytes:6508 (6.5 KB)
    As you can see I can send packet in the tunnel but they don't come back..

    I'm on 9.10 x64 if that anything to do with it.
    I was able to connect to a cisco vpn using the vpnc version in the repo

    I can browse the internet when connected (I'm connected to my vpn right now)

    Any thing would help.

    Thanks.
    I was having this same issue and I changed my config file as shown below:

    from:
    NAT Traversal Mode natt
    to:
    NAT Traversal Mode nortel-udp

    Hope this helps,if it doesn't, try the other modes: <natt/none/force-natt/cisco-udp/nortel-udp>

  7. #17
    Join Date
    May 2008
    Beans
    22
    Distro
    Ubuntu 11.04 Natty Narwhal

    Talking Re: vpnc with Nortel Contivity VPN using group auth

    Thank you VERY much!

    NAT Traversal Mode nortel-udp
    That's the line that was missing

    After more than 3 years I can FINALLY connect to my work vpn with my Ubuntu! I started trying with Ubuntu 8.04 and now I'm running 11.04!

    So here's my config file if it can help someone

    Code:
    cat /etc/vpnc/my-vpn.conf 
    IPSec gateway vpn.mycie.com
    IPSec ID mycie
    IPSec secret mycie-secret
    #Enable Single DES
    IKE DH Group dh2
    NAT Traversal Mode nortel-udp
    Xauth username myusername
    Vendor nortel
    Nortel Client ID V05_01
    #No Detach
    Script /etc/vpnc/vpnc-script

  8. #18
    Join Date
    Jan 2007
    Beans
    20

    Re: vpnc with Nortel Contivity VPN using group auth

    Hi
    Please help, using the attached image, how should configure /etc/vpnc/default.conf ?

    /etc/vpnc/default.conf
    IPSec gateway [same as destination]
    IPSec ID [???]
    IPSec secret [same as Pin ?]

    #IKE Authmode hybrid
    Vendor nortel
    Nortel Client ID V06_01
    IKE DH Group dh2
    IKE Authmode PIN-token
    NAT Traversal Mode nortel-udp
    Xauth username [same as User]
    #Xauth password

    Thanks in advance.
    Attached Images Attached Images

  9. #19
    Join Date
    Dec 2006
    Beans
    88
    Distro
    Ubuntu

    Re: vpnc with Nortel Contivity VPN using group auth

    cool thread is still active on/off...

    off topic...
    does anyone of know of any non-dell/sonicwall client for a dell-sonicwall vpn ?
    : Phenom II X4 940BE : M4A785M : 8GB:SS-TJ08-E :: desk
    : E3-1240v2 : X9SCM-iiF : 16G:Antec-902v3 :: server
    : E6550 : DG45FC : 4GB:Apex MI-008 :: htpc

  10. #20
    Join Date
    Feb 2008
    Location
    Texas
    Beans
    15,821
    Distro
    Ubuntu 14.04 Trusty Tahr

    Re: vpnc with Nortel Contivity VPN using group auth

    If a post is older than a year or so and hasn't had a new reply in that time, instead of replying to it, create a new thread. In the software world, a lot can change in a very short time, and doing things this way makes it more likely that you will find the best information. You may link to the original discussion in the new thread if you think it may be helpful.

Page 2 of 2 FirstFirst 12

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •