01-21-2009 06:08 AM
Dear All,
I have to initiate a IPSec tunnel from Cisco router (which is having ADSL modem internet connection) to nortel contivity. At Router side the IP address will be dynamic. I am getting an error saysing "Notify has no hash - Rejected."
I was updated that we need to try with Initator ID in cisco router.
Can some one help me to configure the same (cisco router IPSec with Initiator ID)
01-21-2009 08:39 AM
The normal initiator ID normally is an IP address or certificate.
Since the router connects to an ADSl line - the IP will be DHCP and could be differnet every time. So you cannot configure the IP address in the Nortel.
The issue is with the Nortel end - it needs to be able to accept "aggresive" connections which = dynamic VPN's when the source is unknown.
HTH>
01-21-2009 07:54 PM
Thanks for the Update
some queries
1) whether we need to do aggresive mode at Cisco side too?
2) any useful link available for refernce?
01-22-2009 04:38 AM
I had to configure Cisco PIX to Nortel Contivity tunnels before. This link may be of use to you:
http://www142.nortelnetworks.com/bvdoc/contivity/doc_html/help/messages.htm
01-22-2009 04:48 AM
To answer:
1) not really - how are you going to connect to the Cisco router if the IP address is likely to change? You only need to confiogure "Aggressive" connections when you do not know the IP address. I presume the Nortel has a static IP - you need to terminate the VPN the VPN from Cisco to Nortel.
2) Sorry - not a Nortel guy!!
HTH>
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide