I'm not sure about Nortel VPN but I had the same problem with a chekpoint client and got passed it using UDP encapsulation. See if nortel has something simliar.
""Edward Sohn"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Hello, all... > > I have a PIX501 set up for PAT on one ip address through my cable modem. > > I have a client on my internal network that needs to connect to a > corporate extranet via IPSEC, using it's own client software (Nortel). > In other words, there is no network-to-network or cisco-to-cisco IPSEC > connections. The PIX simply passes the traffic. > > The problem is that I cannot get the client to connect through the PIX. > I believe it's because the client needs its own statically translated > address on the PIX (because when I use my only ip address, I can make it > connect). However, the challenge here is to make it so that I can make > this VPN client work through the PIX while still using PAT. This way, > it doesn't hose all my other computers on the inside. > > Is this possible? I was thinking of a port address mapping statement, > but I wouldn't know which ports to use. Anyone have any experience with > this? > > Thanks, > > Eddie Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=45392&t=45197 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]