IPSEC Tunneling Between Cisco Pix and Nortel Contivity

[jdonalds]

Two companies with two separate networks. Network 1 uses a Cisco 515 Pix Firewall with NAT. Network 2 uses a Nortel Contivity 600. I've been trying to enable client connections from behind network 1 using the vpn client software for network 2. I received the following error:

"Login Failure: Remote host not responding"

When I try to ping the Network 2 box it doesn't respond. I understand that I need to open port 500 on the PIX but not sure how? Also, if there are other configuration changes that need to take place I'd appreciate any steps in order to do so. I'd ultimately like to set up a live tunnel between two devices but have come up short. Thanks in advance for any advice.

Jeremy

 

[themut]

You don't have to open any ports on the PIX as long as the "sysopt connection permit-ipsec" is enabled. I would try to analyze the following simultaneous debugs on the PIX:

debug crypto ipsec
debug crypto isakmp

The link below will help you understand the outputs from these debugs:

http://www.cisco.com/en/US/tech/tk583/tk372/technologies_tech_note09186a00800949c5.shtml