Client VPN issue's

Unanswered Question
Sep 3rd, 2009
User Badges:

Hello.


Setting up a new asa with client access. Run though the wizard and i'm getting this error on the client end. Any ideas?


61 17:05:36.222 09/03/09 Sev=Info/4 IKE/0x6300004B

Discarding IKE SA negotiation (I_Cookie=CA45F791256BF6E1 R_Cookie=5D501D07CE4653FD) reason = DEL_REASON_IKE_NEG_FAILED


62 17:05:36.222 09/03/09 Sev=Info/4 CM/0x63100012

Phase 1 SA deleted before first Phase 2 SA is up cause by "DEL_REASON_IKE_NEG_FAILED". 0 Crypto Active IKE SA, 0 User Authenticated IKE SA in the system



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
zangbezang Fri, 09/04/2009 - 00:48
User Badges:

I've managed to fix the issue with connectivity. But the problem i have now is that the new range being applied assigns a gateway address and strips the local gateway. I'm assuming this is an easy fix but i can't find the switch.

zangbezang Fri, 09/04/2009 - 06:24
User Badges:

VPN working fine now with cisco client. But i am unable to connect with the windows built in client on both XP and Vista.


I'm not sure what i'm missing in my configuration to allow built in windows clients to access my asa, but i've tried most options within my tunnel and policy.

Sureshdank Sun, 09/13/2009 - 22:24
User Badges:

Hi Zang,


Microsoft Dialer works on PPTP protocol whereas Cisco client works on Std. C2S ports i.e. TCP 10000, UDP 500, UDP 4500.

Wherein Microsoft dialer works on TCP 1723. So you need to configure PPTP VPN in your device.


Regards,

Suresh Kumar

Actions

This Discussion