Hey Craig, and anyone else who wants to jump in, I'm back on
the Nortel BCM issue.

I've been in discussions with the Nortel Engineer types and
they have informed me that if BM does IPSEC then
theoretically the Nortel Contivity routers or any other
router that does IPSEC should be able to terminate at the BM
firewall. This would be optimal for us in two areas, one is
hardware cost for our client and the other is ease of
configuration. The alternative is to open up the necessary
ports so the routers can VPN (IPSEC) direct to the BCM. So
take into consideration the following configuration.

BCM from Nortel and 2 other servers behind the BM firewall.
Remote offices will use a hardware router such as a Nortel
contivity 1050 to tunnel and terminate at the BM firewall.
Remote home users will use either the Nortel vpn client or
BM VPN client and terminate at same BM firewall.

We will need to initially make this happen with BM3.6 from
NSBS 6, in the next two weeks. Early Jan we will immediately
upgrade to NSBS6.5 ( I guess 3.7 will ship with NSBS6.5?)

- So, do either of these firewalls support IPSEC and how
many tunnels can they support simultaneously.
- Has anyone out there tried to terminate a Nortel VPN
client on a BM firewall or should I just shoot myself first
and move on to opening the ports and passing the VPN right
on through to the BCM?
- Does anyone know of and recommend particular 3rd party
hardware routers capable of establishing multiple IPSEC
tunnels to the BM server that do priority packeting?

cheers and thanks

Martin Stepanek, CNE
122 Herrell Avenue, Barrie
Ontario, L4N 6V1
PH:705-739-0013 FAX:705-739-4045