I have a customer on the 900 MHz product whose company is using a Nortel Contivity VPN system that has begun utilizing Nat-T and his access to the company resources are no longer available.
This is a snapshot of his SM
Device Type : 900MHz - Subscriber Module - 0a-00-3e-91-0f-5a
Software Version : CANOPY 8.1.5.1 SM-DES
Software BOOT Version : CANOPYBOOT 3.0
Board Type : P9
FPGA Version : 041006
Uptime : 24d, 10:42:55
System Time : 13:50:09 04/21/2008
Ethernet Interface : 100Base-TX Full Duplex
Subscriber Module Stats
Session Status : REGISTERED VC 43 Rate 2X/1X
Registered AP : 0a-00-3e-91-81-70
RSSI : 1452
Power Level : -68 dBm
Jitter : 2
Air Delay : 92 approximately 2.56 miles (13524 feet)
Can you provide me with any insight to help me restore his access?
Did you enable NAT on customer SM?
If so, you will probably have issues if he is using PPTP VPN.
Nortel VPN seems to be IPSEC, isn’it?
Definitely turn off NAT in the radio if it’s on. Wouldn’t hurt to upgrade it to 8.2.4, either. 8.1.5.1 won’t be doing you any extra favors (that you’ll like, anyway…).
It’s not clear from your post: Was the VPN working before the switch to NAT-T?
If your endpoint is XP, see this article:
http://support.microsoft.com/kb/818043/en-us
I think that the DMZ will fix his issue with the Nortel client.