From: Jeff on
The default configuration of Norton Antivirus 2005 silently causes
attempts to connect to a corporate VPN extranet using Nortel's
Contivity client to fail when the computer is behind an otherwise
VPN/IPsec-aware internet router that employs NAT for connection sharing
(including, but not limited to, the D-Link DI-614+). The connection
attempt proceeds normally, but stalls at the "looking for banner text"
message before giving up 15-20 seconds later with a message that the
secure connection was lost. The connection attempt succeeds if the
router is bypassed, and the computer is connected directly to the cable
or DSL modem using its public IP address.

The problem occurs because Contivity uses UDP NAT traversal to
establish IPsec connections for one or more users sitting behind a NAT
router. Norton Antivirus 2005 silently blocks the incoming traffic, and
neither NAV2k5's log messages nor its configuration options provide
much help with identifying Norton Antivirus 2005 as the problem's
cause.

The problem can be temporarily worked around by disabling protection
against internet worms.

Hopefully, Symantec will fix this bug in the near future and/or add
this to their knowledge base to help frustrated users work around this
bug. I classify it as a bug because 99% of NAV2k5's users (and, for
that matter, most typical script-reading knowledgebase-bound helpdesk
staff) would NEVER be able to troubleshoot this problem on their own,
absent any meaningful guidance from Symantec's knowledgebase, NAV2k5's
logfiles, or its configuration options.