[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Design] Nortel Contivity VPN client and 3rd party IPsec

To: Martin Gadbois <martin.gadbois@colubris.com>
Subject: Re: [Design] Nortel Contivity VPN client and 3rd party IPsec
From: "D. Hugh Redelmeier" <hugh@mimosa.com>
Date: Wed, 10 Apr 2002 19:52:49 -0400 (EDT)
cc: IPsec List <ipsec@lists.tislabs.com>, FreeS/WAN Design <design@lists.freeswan.org>
In-Reply-To: <3CADD10D.ABD71624@colubris.com>
Reply-To: hugh@mimosa.com
Sender: owner-ipsec@lists.tislabs.com

| From: Martin Gadbois <martin.gadbois@colubris.com>
| To: ipsec@lists.tislabs.com, design@lists.freeswan.org
| Subject: [Design] Nortel Contivity VPN client and 3rd party IPsec

| I would like to know what is required to use the Nortel Contivity
| VPN client with a 3rd party IPsec gateway.
| I noticed that the Contivity client uses part of
| http://www.globecom.net/ietf/draft/draft-mamros-pskeyext-00.html as the
| KEY_ID, but the HASH_R value that the gateware return is not accepted by
| the client (AUTHENTICATION_FAILURE)

Did you compute the pre-shared secret as prf(passphrase, username)?
This is what that long-dead-draft specifies.  (I have no idea if there
is something else that descended from this draft.)

Hugh Redelmeier
hugh@mimosa.com  voice: +1 416 482-8253

References:
- Nortel Contivity VPN client and 3rd party IPsec
  - From: Martin Gadbois <martin.gadbois@colubris.com>

Prev by Date: handling of ICMP error codes in 2401bis
Next by Date: Re:
Prev by thread: Nortel Contivity VPN client and 3rd party IPsec
Next by thread: No Subject
Index(es):
- Date
- Thread