pix 501 tunnel to VPN3000

Unanswered Question
Apr 5th, 2007
User Badges:

I am trying to configure a pix 501 as a vpn client to connect to a VPN3000 concentrator, using a microsoft CA server. I have achieved this without any problems using the vpn3002 hardware client but I can't get the pix to authenticate and get the certificate from the CA. Has anyone encountered and resolved the same problem ? any help is appreciated.


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
jbayuka Wed, 04/11/2007 - 06:06
User Badges:
  • Bronze, 100 points or more

check PIX configuration , whether " isakmp identity hostname" command is enabled or not.

Also ensure PIX clock time maching with CA Server time.

srue Wed, 04/11/2007 - 11:19
User Badges:
  • Blue, 1500 points or more

can you get it to work without using certs? ie w/ a pre shared key? knowing that could help eliminate other possible causes.


This Discussion