Fixing Nortel Contivity Client VPN issue: Login failure due to remote host not responding

I have been receiving this error for a few days now fueling my laziness to connect at the office. But unfortunately last week I was asked to assist in implementing a major change so I need to connect from home prompting me to fix this issue or else I need wake up early and haul my *ss to the office on a weekend.

The setup is I connect to the office VPN via the Nortel Contivity client utilizing SecureID token. I keep getting the error “Login failure due to remote host not responding” when I tried to connect. I didn’t have this problem before and can connect from my “virtualized” laptop (I did a Physical-to-Virtual (p2v) migration of my office laptop so that I don’t have to bring the laptop home often).

Going through the Nortel Contivity Client document, I found this:

This is typically caused by UDP500 traffic not getting back to the requesting client through a firewall and/or router.  If your firewall/router supports IPSec passthrough you must enable IP50, IP51, UDP500 on both the source and destination (i.e. bidirectional) in order for the client to establish the connection.  Some firewalls/routers have a generic setting "Enable IPSec" or "Enable IPSec Passthrough" and simply turning this on will usually solve the problem.

The keyword here is IPSec Passthrough. In order for IPsec to work through a NAT, the following protocols need to be allowed on the firewall:

  • Internet Key Exchange (IKE) – User Datagram Protocol (UDP) port 500
  • Encapsulating Security Payload (ESP) – IP protocol number 50
  • Authentication Header (AH) – IP protocol number 51

I immediately login to my router administration panel and there it is, the IPSec Passthrough was disabled.  This might have been disabled after a recent upgrade of the router’s firmware. After enabling this feature, the VPN client connected immediately.

DD-WRT –> Security -> VPN Passthrough

By the way, I have a Linksys WRT320N using a third-party firmware called DD-WRT.

image

Enhanced by Zemanta

2,571 Comments

  1. check this out

    An fascinating dialogue is worth comment. I feel that it’s best to write extra on this subject, it might not be a taboo topic but generally persons are not sufficient to talk on such topics. To the next. Cheers

    Reply
  2. Pingback: kayseri ceza avukat?

  3. watch game of thrones season 6 online free

    You made some respectable factors there. I appeared on the internet for the issue and located most individuals will associate with along with your website.

    Reply
  4. Pingback: creepypasta videos

  5. click here

    This is the best weblog for anyone who needs to find out about this topic. You realize a lot its nearly arduous to argue with you (not that I really would want…HaHa). You positively put a brand new spin on a subject thats been written about for years. Great stuff, just great!

    Reply
  6. Pingback: kayseri avukat

  7. Pingback: driving schools sydney eastern suburbs

  8. Pingback: driving lessons arabic

  9. Pingback: bitcoin mexico

  10. tech reviews

    After examine a number of of the weblog posts on your web site now, and I truly like your means of blogging. I bookmarked it to my bookmark website checklist and can be checking back soon. Pls check out my website as nicely and let me know what you think.

    Reply
  11. Pingback: Movie Toys

  12. Pingback: kayseri arabulucu

  13. Pingback: bitcoin

  14. Grupo Coral presidios

    Hey! I could have sworn I’ve been to this website before but after checking through some of the post I realized it’s new to me. Nonetheless, I’m definitely delighted I found it and I’ll be book-marking and checking back often!|

    Reply
  15. Pingback: Web Design Singapore

  16. Pingback: The Clone Wars Movie Posters for sale

  17. Pingback: bitcoin mexico

  18. Pingback: Revenge of the Sith Movie Posters

  19. Pingback: Cleaning Services Singapore

  20. Pingback: The Force Awakens Movie Posters

  21. Pingback: kayseri miras avukat?

Leave a Comment

Your email address will not be published. Required fields are marked *