SA500 IPSEC Client connection

Unanswered Question
May 10th, 2010
User Badges:

Having some trouble getting ipsec remote access working.

I have an avaya 5610 vpn phone (which has a built in vpn client, that uses ipsec)

I typically use an ASA 5510 for this type of setup, but with the backorder on ASA's, we delivered an SA500 onsite.


When testing, the phone never seems to get passed phase1


So I tried using Cisco's VPN client software 5.0.5 from my PC.

I still could not connect.


the log within the vpn client displays:


Cisco Systems VPN Client Version 5.0.05.0280

Copyright (C) 1998-2009 Cisco Systems, Inc. All Rights Reserved.

Client Type(s): Windows, WinNT

Running on: 6.1.7600

Config file directory: C:\Program Files\Cisco Systems\VPN Client\


1      11:42:01.286  05/10/10  Sev=Info/6 IKE/0x6300003B

Attempting to establish a connection with 72.20.157.84.


2      11:42:01.291  05/10/10  Sev=Info/4 IKE/0x63000001

Starting IKE Phase 1 Negotiation


3      11:42:01.298  05/10/10  Sev=Info/4 IKE/0x63000013

SENDING >>> ISAKMP OAK AG (SA, KE, NON, ID, VID(Xauth), VID(dpd), VID(Frag), VID(Nat-T), VID(Unity)) to 72.20.157.84


4      11:42:01.921  05/10/10  Sev=Info/4 IPSEC/0x63700008

IPSec driver successfully started


5      11:42:01.921  05/10/10  Sev=Info/4 IPSEC/0x63700014

Deleted all keys


6      11:42:06.492  05/10/10  Sev=Info/4 IKE/0x63000021

Retransmitting last packet!


7      11:42:06.492  05/10/10  Sev=Info/4 IKE/0x63000013

SENDING >>> ISAKMP OAK AG (Retransmission) to 72.20.157.84


8      11:42:11.563  05/10/10  Sev=Info/4 IKE/0x63000021

Retransmitting last packet!


9      11:42:11.564  05/10/10  Sev=Info/4 IKE/0x63000013

SENDING >>> ISAKMP OAK AG (Retransmission) to 72.20.157.84


10     11:42:16.634  05/10/10  Sev=Info/4 IKE/0x63000021

Retransmitting last packet!


11     11:42:16.634  05/10/10  Sev=Info/4 IKE/0x63000013

SENDING >>> ISAKMP OAK AG (Retransmission) to 72.20.157.84


12     11:42:21.705  05/10/10  Sev=Info/4 IKE/0x63000017

Marking IKE SA for deletion  (I_Cookie=D92BA7834E762FDC R_Cookie=0000000000000000) reason = DEL_REASON_PEER_NOT_RESPONDING


13     11:42:22.205  05/10/10  Sev=Info/4 IKE/0x6300004B

Discarding IKE SA negotiation (I_Cookie=D92BA7834E762FDC R_Cookie=0000000000000000) reason = DEL_REASON_PEER_NOT_RESPONDING


14     11:42:22.228  05/10/10  Sev=Info/4 IKE/0x63000001

IKE received signal to terminate VPN connection


15     11:42:22.719  05/10/10  Sev=Info/4 IPSEC/0x63700014

Deleted all keys


16     11:42:22.719  05/10/10  Sev=Info/4 IPSEC/0x63700014

Deleted all keys


17     11:42:22.719  05/10/10  Sev=Info/4 IPSEC/0x63700014

Deleted all keys


18     11:42:22.719  05/10/10  Sev=Info/4 IPSEC/0x6370000A

IPSec driver successfully stopped


the log under the SA500 vpn client displays:


2010-05-10 16:19:47: ERROR:  Could not find configuration for 72.20.157.5[29303]

2010-05-10 16:19:52: ERROR:  Could not find configuration for 72.20.157.5[29303]

2010-05-10 16:19:57: ERROR:  Could not find configuration for 72.20.157.5[29303]

2010-05-10 16:20:02: ERROR:  Could not find configuration for 72.20.157.5[29303]

2010-05-10 17:13:19: WARNING:  no phase2 found for "test"

2010-05-10 17:13:19: INFO:  IPSec configuration with identifer "test" deleted sucessfully

2010-05-10 17:16:27: INFO:  Adding IPSec configuration with identifier "test"

2010-05-10 17:16:27: ERROR:  Failed to load the configuration

2010-05-10 17:21:04: ERROR:  Could not find configuration for 72.20.157.5[57048]

2010-05-10 17:21:09: ERROR:  Could not find configuration for 72.20.157.5[57048]

2010-05-10 17:21:15: ERROR:  Could not find configuration for 72.20.157.5[57048]

2010-05-10 17:21:20: ERROR:  Could not find configuration for 72.20.157.5[57048]


I spoke with cisco smbs support. they stated you could only use SSL as a means to connect via client to the SA500.
Is this the case?

Any assistance is greatly appreciated.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.

Actions

This Discussion

Related Content