IP Masquerading with Bay Networks/Nortel Networks Extranet Client

IP Masquerading with Bay Networks/Nortel Networks Extranet Client

Post by Ryan Rue » Fri, 24 Dec 1999 04:00:00

    I've been trying to get the Bay Networks Extranet Client to work with
Linux IP Masquerading.  When I connect to the Contivity Switch (without IP
Masquerading), the client says it's connected with IPSec ESP.  Since it's
not using IPSec AH, I SHOULD be able to Masquerade the client.
    I downloaded the VPN Masquerade HOWTO, and followed it very carefully
(along with searching the newsgroups extensively).  I've patched my kernel
(2.2.12 I believe, I'm using RedHat 6.1).  I've also setup the ipchains
policies as specified in the HOWTO.  When I try to connect, the client sends
out an ICMP message over port 500 but a reply never comes back.
    Has anyone gotten the Extranet Client to work behind a Linux IP
Masquerade box?  Thanks for any help you may provide.


   Ryan Ruel



1. VPN to Bay Networks/Nortel Extranet

First off I'm a complete dunce with regards to IP stuff :-(  A good FAQ
or book link would be appreciated.

My problem is that I am at a complete loss how to solve my connection
to a Bay Networks/Nortel Extranet/VPN.

I have a single Linux box which is connected to the internet via DSL,
it uses PPPoE.  Everything works fine :-)  Which is amazing considering
I had to compile and set it up my self.

My work has a nice VPN, which works fine under windoze.  Trying to get
Linux to connect, negotiate and work is not happening.

The info, supplied by work, I have to connect with is a machine name
and ip address.  I have a group profile and a group password.  I have a
user profile, a password and a windoze domain.

The software I have been trying to use is PPtP.  The Chap/Pap file
settings are a mystery.  The command line options even more so.

My understanding is that I can connect to my office network by just
using the group profile/password through the supplied server details.
The domain stuff is just for connecting to the domain, which is not
vital.  Is this correct?

Does anyone have an idea how to make this work?

 /\           |\/|
/--\LISTAIR   |  |OIR.

Sent via Deja.com http://www.deja.com/
Before you buy.

2. enscript command

3. IP-Filter, NAT, IPSEC and Nortel Extranet Access Client question

4. bug in lilo?

5. Nortel Extranet VPN client (IPSec) through OpenBSD2.7 w/ ipf and ipnat ??

6. Throughput Computing

7. Connecting a Nortel VPN client through OpenBSD (2.9) to Nortel VPN Switch

8. weird fault messages

9. IP Masquerading works, but does not masquerade from within the local network

10. Bay Networks VPN client and MASQ help

11. Bay Networks VPN Client (on NT) through Masq - anyone try?

12. Access to Nortel Extranet VPN