upgrades for Nortel Contivity switch

David Passamonte dpassamo at NORTELNETWORKS.COM
Fri Apr 20 10:02:21 EDT 2001 

The issues being raised by Mr. MacLauchlan revolve around the NAT
functionality of the Contivity Firewall. Nortel Networks does not see this
as a Firewall issue and has received no feedback from customers on stability
issues surrounding the Firewall functionality. The recommendation NOT USE
the Firewall based on the NAT issues is misplaced.

Nortel Networks has addressed the NAT stability issue with Sprint directly
and a patch was provided to SPRINT and accepted by SPRINT on 4/5/01. The
patch for this problem was included in our 3.6 code released on 4/10/01.

If you are currently running v03_50.44 and are not using the NAT
functionality you WILL NOT encounter any stability issues.

If you have any questions about this issue please contact Nortel Networks
technical support or your local account team and upgrade to software version
3.6

Currently SPRINT is re-selling this solution and has accepted all fixes that
have been put in place to address the NAT issue. We have seen very good
response to the firewall by the number of sales being placed through SPRINT
and have no outstanding issues with any customers surrounding the Contivity
Firewall functionality.

-----Original Message-----
From: Nick MacLauchlan [mailto:nickmacl at SEC.SPRINT.NET]
Sent: Thursday, April 19, 2001 12:29 PM
To: VPN at SECURITYFOCUS.COM
Subject: Re: upgrades for Nortel Contivity switch


____ issues

Upgrade to version 2.6 then upgrade again to 3.5.

Personal recommendation DO NOT USE THE NORTEL FIREWALL.  There will be
a patched version of the firewall code, hopefully very soon.  It is
my understanding the box can become unstable with the 3.5 firewall
running.

Overall the 3.5 software appears to be just as stable as the 2.5x
software and that is good news.



On Wed, Apr 18, 2001 at 01:38:43PM -0400, Tait Humphries wrote:
> Return-Path: <owner-vpn at SECURITYFOCUS.COM>
> Received: from gate1sec.res.sprintlink.net (gate1sec.sec.sprint.net
[199.0.235.1])
> 	by athens.sec.sprint.net (8.9.1/8.9.1) with SMTP id SAA24038
> 	for <nickmacl at SEC.SPRINT.NET>; Wed, 18 Apr 2001 18:26:03 -0400 (EDT)
> Received: from lists.securityfocus.com ([66.38.151.7]) by
gate1sec.res.sprintlink.net
>           via smtpd (for athens.sec.sprint.net [199.0.235.33]) with SMTP;
18 Apr 2001 22:26:03 UT
> Received: from lists.securityfocus.com (lists.securityfocus.com
[66.38.151.7])
> 	by lists.securityfocus.com (Postfix) with ESMTP
> 	id 0372D24DE8D; Wed, 18 Apr 2001 16:25:12 -0600 (MDT)
> Received: from LISTS.SECURITYFOCUS.COM by LISTS.SECURITYFOCUS.COM
>           (LISTSERV-TCP/IP release 1.8d) with spool id 33728514 for
>           VPN at LISTS.SECURITYFOCUS.COM; Wed, 18 Apr 2001 16:25:11 -0600
> Approved-By: tbird at PRECISION-GUESSWORK.COM
> Delivered-To: vpn at lists.securityfocus.com
> Received: from securityfocus.com (mail.securityfocus.com [66.38.151.9]) by
>           lists.securityfocus.com (Postfix) with SMTP id A316C24DD76 for
>           <vpn at lists.securityfocus.com>; Wed, 18 Apr 2001 11:42:34 -0600
(MDT)
> Received: (qmail 17317 invoked by alias); 18 Apr 2001 17:42:36 -0000
> Delivered-To: VPN at SECURITYFOCUS.COM
> Received: (qmail 17286 invoked from network); 18 Apr 2001 17:42:31 -0000
> Received: from unknown (HELO mail.wfubmc.edu) (152.11.200.6) by
>           mail.securityfocus.com with SMTP; 18 Apr 2001 17:42:31 -0000
> Received: from wfubmc.edu ([152.11.251.25]) by mail.wfubmc.edu (Netscape
>           Messaging Server 3.61)  with ESMTP id AAA5A45 for
>           <VPN at SECURITYFOCUS.COM>; Wed, 18 Apr 2001 13:43:24 -0400
> X-Mailer: Mozilla 4.74 [en]C-CCK-MCD   (WinNT; U)
> X-Accept-Language: en
> MIME-Version: 1.0
> Content-Type: multipart/mixed;
boundary="------------64405D8253511201886D186F"
> Message-ID:  <3ADDD123.869C7EDD at wfubmc.edu>
> Date:         Wed, 18 Apr 2001 13:38:43 -0400
> Reply-To: Tait Humphries <humphrie at WFUBMC.EDU>
> Sender: VPN Mailing List <VPN at SECURITYFOCUS.COM>
> From: Tait Humphries <humphrie at WFUBMC.EDU>
> Subject:      upgrades for Nortel Contivity switch
> To: VPN at SECURITYFOCUS.COM
>
> I want to upgrade our Contivity servers. Has anyone had any issues with
> version 3.5 running on a 4500?  Also can I go straight from version 2.51
> to 3.5 (or do I need to go to another version that is a little newer
> first)?
>
> Thanks,
> Tait Humphries

Content-Description: Card for Tait Humphries


--


Nick MacLauchlan
Manager Data Security
(703) 689-7165

VPN is sponsored by SecurityFocus.COM
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.shmoo.com/pipermail/vpn/attachments/20010420/03ac524c/attachment.htm

More information about the VPN mailing list