VPN Client to ASA 5500

Answered Question

I am unable to get my Cisco VPN client to successfully negotiate with my ASA 5500. I have gone thru several configs and have had no luck. I am posting my current router config and debug info in hopes that someone sees something obvious. It is not passing the initial phase.


Thank you very much for your assistance.





Correct Answer by acomiskey about 9 years 11 months ago

Still having trouble, try adding..


isakmp policy 65535 authentication pre-share

isakmp policy 65535 encryption 3des

isakmp policy 65535 hash sha

isakmp policy 65535 group 2

isakmp policy 65535 lifetime 86400


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
acomiskey Wed, 05/09/2007 - 17:37
User Badges:
  • Green, 3000 points or more

Still having trouble, try adding..


isakmp policy 65535 authentication pre-share

isakmp policy 65535 encryption 3des

isakmp policy 65535 hash sha

isakmp policy 65535 group 2

isakmp policy 65535 lifetime 86400


mfreijser Thu, 05/10/2007 - 02:16
User Badges:
  • Bronze, 100 points or more

You could try to change the transform-set to something like 3DES or AES instead of using DES. Rebooting the device after the initial VPN configuration is always a good idea.


I once had a strange problem with a ASA using a DES transform-set, it was solved by using a higher protocol for my transform-set.


Regards,


Michael

Actions

This Discussion