[ previous ] [ next ] [ threads ]
 From:  "James W. McKeand" <james at mckeand dot biz>
 To:  "m0n0wall" <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] VPN with Nokia 9300
 Date:  Tue, 13 Dec 2005 09:01:05 -0600
Andreas Ferrari wrote:
> James W. McKeand wrote:
>> Andreas Ferrari wrote:
>>> Hello
>>> Ita now the 3rd time I ask this question and I hope someone can
>>> answer it. Is it possible to configure the M0n0wall for use with a
>>> Nokia 9300 and the Nokia VPN software on it?
>>> see here http://www.nokia.co.uk/nokia/0,,70283,00.html
>>> and http://www.europe.nokia.com/nokia/0,8764,77435,00.html#5
>>> If its not possible at this time to do that with a m0n0wall, what
>>> will be needed to do that in future?
>> If you are able to find instructions for VPN setup with any other
>> IPSec VPN, you should be able to setup a IPSec VPN to a m0n0wall.
>> You have read the same things I did. 
> Yes, VPN with like MacOSX (or whatever) to a M0n0wall is not the
> problem. 

I meant instructions on how to setup a VPN with the Nokia to any other
>> I am not sure how to create the VPN policy. If the "Nokia Security
>> Service Manager" allows you to create the policy. It should allow
>> you to establish a VPN to a m0n0wall (or any IPSec VPN)
> My problem is that I cant create a policy. I can just define a
> policy-server. Is there a chance to setup m0n0wall a policy server?
> If yes what do i need for that?

Quoted from the datasheet I found when I googled "nokia vpn policy


Nokia Security Service Manager
Nokia Security Service Manager is the centerpiece of a scalable Mobile
VPN solution. It enables VPN to be extended to the mobile domain using
the Nokia Mobile VPN Clients and supported VPN  gateways. Nokia SSM is
designed specifically to address the initial deployment of Nokia Mobile
VPN Client software and policies and subsequent management of them.
Nokia SSM can manage the PKI (Public Key Infrastructure) related
requirements in mobile environments. 

Compatible VPN gateways include:
* Nokia IP VPN Gateways (Nokia 500i, Nokia 100i, Nokia 50i and Nokia
10i) with Nokia VPN Manager
* Check Point VPN-1 running on Nokia IP Security Platform with Check
Point SmartCenter NG AI or higher
* Cisco 3000 Concentrator running software release 4.7 or higher. Note:
Software release 4.7 planned to be available from Cisco in April 2005.

The short answer is that this is an Enterprise Class solution that does
not scale down to single user at all. (Early RIM Blackberry comes to
mind...) You need the Security Service Manager, a Policy Management
Server (don't ask me what this is - I'm looking at the diagram on the
PDF above), and a "supported" VPN gateway. This is not something I would
waist time with, unless you plan to deploy dozens (or hundreds) of these
devices in your company.

James W. McKeand