Contivity & Instant Internet

Mark Motley mark at MOTLEYNET.COM
Mon Aug 21 18:02:32 EDT 2000


 Well, it's kinda hit-and-miss and it is VERY pedantic.  Here's what you can
try:

1) Make sure the name on the Instant Internet box matches the branch office
tunnel name *exactly*.

2) When defining the networks on both sides of the branch office connection,
make sure they match on both the Contivity and the II box. All of them.
Otherwise you won't get SAs.

3) Try deleting the branch office connection on the Contivity and recreating
it.  I know this sounds funky, but trust me, it fixed a problem we were
having with one (after we pulled many hairs from our heads).

4) DON'T use the "ping X.X.X.X monitor <NAME> source ethx" command.
Instead, use "ping <a valid inside address> interval 10 background start
source <inside eth interface>".

5) Upgrade the Contivity software to 2.60 (or latest).  2.60 seems to be
much more interoperable and stable from an IPSec perspective.

Overall, the II boxes are a pain in the butt.  But once you get them
working, they do work fairly well.  Hope this helps...

- MBM

-----Original Message-----
From: Franci Jereb
To: VPN at SECURITYFOCUS.COM
Sent: 8/17/00 12:28 AM
Subject: Contivity & Instant Internet

Hello,

I would like to know if anybody was configuring and conecting
Contivity 1500 & Instant Internet 100 to work over IPsec. Software
version of Contivity is 2.50 & Instant Internet is 7.0. I tried to
configure, but the system doesn't work. I configured Contivity &
Instant Internet as it is described in manuals. Is there any
speciality of configuring it? Any information would be nice.

Regards,
Frenk

VPN is sponsored by SecurityFocus.COM

VPN is sponsored by SecurityFocus.COM




More information about the VPN mailing list