Solved

IPSec Tunnel Tru. ISA or Microsoft Forefront Threat Management Gateway

Posted on 2009-05-19
3
797 Views
Last Modified: 2013-12-04
I have ISA2006 server installed on my office network and all the pc on the network are  using SNAT. some of the users on the network  have nortel vpn client to connect to corporate head office. Through ISA2006/TMG SNAT nortel vpn client fails to establish a tunnel.
The policy for ISA is set to allow all traffice from inside(internal network) to external and no other restriction is added in the policy.
nortel client version is v04_87
0
Comment
Question by:Manojc3
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 29

Accepted Solution

by:
pwindell earned 500 total points
ID: 24487066
It is failing due to NAT-T  (NAT Traversal)

IPSec is not capable of running over NAT.  If the Nortel Client was using PPTP it would be working fine.  To overcome the IPSec's failure of NAT requires NAT Traversal.  

Make sure the Nortel Client is configured to use NAT-T

These links may help:
http://www.isaserver.org/articles/IPSec_Passthrough.html
http://forums.isaserver.org/m_2002012471/tm.htm
0
 

Author Comment

by:Manojc3
ID: 24603930
Yes I downloaded the new notel vpn client 6.0 which has NATT support. It working now. Thank you.
0
 
LVL 29

Expert Comment

by:pwindell
ID: 24604025
Very good.  Glad it worked out for you.
 
0

Featured Post

U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This is a guide to the following problem (not exclusive but here) on Windows: Users need our support and we supporters often use global administrative accounts to do this. Using these accounts safely is a real challenge. Any admin who takes se…
Many of us in IT utilize a combination of roaming profiles and folder redirection to ensure user information carries over from one workstation to another; in my environment, it was to enable virtualization without needing a separate desktop for each…
Come and listen to Percona CEO Peter Zaitsev discuss what’s new in Percona open source software, including Percona Server for MySQL (https://www.percona.com/software/mysql-database/percona-server) and MongoDB (https://www.percona.com/software/mongo-…
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question