Initial Contact Payload (Icp) - Nortel Contivity 1100 Configuration Manual

Vpn router basic features
Hide thumbs Also See for Contivity 1100:
Table of Contents

Advertisement

When operating in IPSec mobility mode with split tunneling enabled, the Nortel
VPN Client does not consider the routing table to be maliciously altered and will
not bring down the tunnel in the following cases:
IP address change for any adapter
Adapter has been removed
Adapter is plugged in and connects

Initial contact payload (ICP)

If the Nortel VPN Client fails to notify the Nortel VPN Router of the logoff or
tunnel termination due to network problems (such as, the interface went down
before sending logoff sequence), the client's session could still be in the session
table for a period of time specified by the Idle Timeout. If the client tries to
reconnect and the previous session has not expired yet, the client would not be
able to log in, as only one active session is allowed per user by default.
The Initial Contact Payload feature could be used in this situation to clear up old
sessions. This feature allows the server to terminate an old session if a new session
has the same user ID as the old one.
Note: With IPC the server cannot identify the session to terminate if a
user is logged in multiple times. Nortel recommends using IPC when the
max login is set to 1.
Beginning with version 5.01, the Nortel VPN Client always sends the Initial
Contact Payload; such behavior could be accepted or rejected by the Nortel VPN
Router based on the VPN Router configuration. The "Accept ISAKMP Initial
Contact Payload" parameter configured per group specifies Nortel VPN Router
action towards received initial contact payload.
Chapter 8 Configuring IPSec mobility and persistent mode 153
Nortel VPN Router Configuration — Basic Features

Hide quick links:

Advertisement

Table of Contents
loading

This manual is also suitable for:

Contivity 1010Contivity 1050

Table of Contents