KR1 and KPC650 - The Nortel VPN Client software - ISSUE

mgodsoe

I have my Router configured, my PC is optimized per this forums recommendations, and my speed times are pretty good (considering no Venturi).

My problem is that I cannot get my VPN Client to connect through the KR1. If I put the KPC650 in my laptop, the VPN works just fine.

I do have the router set to support VPN passthrough. I have added UDP Port 500 to and from in the routers enable protocol list configuration. Still not working.

Any ideas?

Mackieman · EVDO Junkie Joined: 31 Oct 2005 Posts: 491

It really depends on how your Nortel VPN server is configured and how well it plays with NAT and what type of authentication it uses. Some security protocol send replys on different ports than they recieved requests on. These replies bounce off the firewall.

Depending on your configuration, you may be able to set a VirtualServer rule to allow port 9550 for TCP and UDP. This may allow data to pass through correctly.

Edit: D-Link posted an FAQ on this issue: http://support.dlink.com/faq/view.asp?prod_id=2245&question=KR-1

mgodsoe · Posted: Sat Feb 18, 2006 12:12 am Post subject: Thanks Mackieman

I'm used to working with the Linksys gear, and have always had good sucess with making the Nortel work through them (in my home). But the DLink was giving me a run for my money.

I sure appreciate the Q&A on the DLink site.

Thanks!

hxmiller · EVDO User Joined: 30 Jun 2005 Posts: 46

I'm using the KR1 with Contivity VPN Client V4_65.09. I've had problems with other Linux based routers.

Michael · Posted: Fri Feb 24, 2006 10:51 am Post subject:

Apparently, there are still problems with the Notel Contivity VPN that do now work with the KR1. Here is an email that I received from a customer. I am bumping up this thread as a sticky - until there is a resolution to this issue. If anyone has Nortel VPN working - please post your details to this thread, until then, we DO NOT recommend you purchase a Kyocera KR1, if you are using Nortel Contivity VPN

mgodsoe · Posted: Mon Feb 27, 2006 1:36 pm Post subject:

My Nortel Contivity client is v.04_65.26.

Having followed all of the 'tips' from you folks here, I can get the client to connect to the VPN Server. The session stalls and subsequently drops when the "Banner text" is requested. This is the legaleeze statement that says if you don't belong here, get out.

Not sure if this helps provide any clues or not, so I thought I would try.

Unfortunately, this issue presents a blocking issue for me and my wife both as we both routinely 'work from home' via the Linksys-based system at home and were hoping to 'work from home' from the boat too via our shinny new KR1.

Mackieman · EVDO Junkie Joined: 31 Oct 2005 Posts: 491

Turning off the IKE port switching may help solve the problem. IKE and IKMP don't seem to play well on KR1.

mgodsoe · Posted: Mon Feb 27, 2006 6:38 pm Post subject:

Is that something I can control within the KR1? I don't have any options to 'adjust' a particular setting within the Nortel Contivity Server or client as these are controlled by our Enterprise Security Department at work.

Mackieman · EVDO Junkie Joined: 31 Oct 2005 Posts: 491

I was actually talking about the list of options Mike posted in the quote from one of his customers. No, there isn't anything you can change in KR1 that I'm aware of.

mgodsoe · Posted: Wed Mar 08, 2006 6:31 pm Post subject: KR1 New Firmware coming soon?

I see reference to a possible release of updated firmware for the KR1. Any insights as to whether this will remove many of the VPN related roadblocks I am seeing posted here.

It seems that the D-Link traditional routers do a good job of supporting the various VPNs, but for some reason the KR1 is not. Do you think it just wasn't something they thought folks would want to use it for perhaps?

Thanks for all you guys do on this forum!

Mark

mgodsoe · Posted: Wed Mar 08, 2006 6:39 pm Post subject: KR1 New Firmware coming soon?

I see reference to a possible release of updated firmware for the KR1. Any insights as to whether this will remove many of the VPN related roadblocks I am seeing posted here.

It seems that the D-Link traditional routers do a good job of supporting the various VPNs, but for some reason the KR1 is not. Do you think it just wasn't something they thought folks would want to use it for perhaps?

Thanks for all you guys do on this forum!

Mark

hxmiller · EVDO User Joined: 30 Jun 2005 Posts: 46

ralphiles · Posted: Sat Nov 18, 2006 4:37 am Post subject:

Ok I understand everything so far my only questions is why doesn't DMZ work? DMZ should open all ports and protocols and send them straight through. Is this not a true DMZ?
_________________
Ralph Iles

buratpuday · EVDO Newbie Joined: 20 Oct 2006 Posts: 6

Hahahaha!!! The DMZ does not work on most of D-Link's routers. I've used D-Link from DI-524 to DIR-625 and the DMZ features would not work on those routers. Now I'm using a KR-1 and I believe it has the same problem regarding DMZ...

Mackieman · EVDO Junkie Joined: 31 Oct 2005 Posts: 491

The DMZ is actually functioning. The issues you experience are on a different layer. The problem is that KR1 does not support the encryption protocols used, not that the packets aren't being passed. They bounce off at the firewall because KR1 doesn't know how to handle them.