We want to connect by Cisco VPN Client to ASA5550 (IOS 8.0(4)) over VPN witch certificates generated by Microsoft CA (Server 2008 Enterprise).
ASA has own certificate generated by MS CA and client cert are also generated by MS CA.
What is wrong ??
Log from Cisco VPN Client:
Cisco Systems VPN Client Version 5.0.02.0090
Copyright (C) 1998-2007 Cisco Systems, Inc. All Rights Reserved.
Client Type(s): Windows, WinNT
Running on: 6.0.6001 Service Pack 1
23 11:49:58.219 05/25/09 Sev=Warning/3 IKE/0xE3000081
Invalid remote certificate id: ID_IPV4_ADDR: ID = 0x3DD827C3, Certificate = 0x00000000
24 11:49:58.219 05/25/09 Sev=Warning/3 IKE/0xE3000059
The peer's certificate doesn't match Phase 1 ID
25 11:49:58.219 05/25/09 Sev=Warning/2 IKE/0xE30000A7
Unexpected SW error occurred while processing Identity Protection (Main Mode) negotiator:(Navigator:2238)
Have You any solution?
The same config on the PIX 515E and the same VPN Client works!!
Additional log from ASA in attachment.