Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
278
Views
0
Helpful
1
Replies

AES - VPN Client cannot connect to Concentrator

r-ta
Level 1
Level 1

‎01-30-2003 08:09 AM - edited ‎02-21-2020 12:19 PM

Cisco 3030 using v.3.6.3.

VPN Client v.3.6.3.a., on Win2K

Tried to use AES-128. Set up IKE proposal with (Authentication = Preshared Keys, Authentication Algorithm = MD5/HMAC-128, Encryption Algorithm = AES-128, Diffie-Hellman Group: Group 2 (1024-bits). Also, set up SA with (IPSec Authentication Algorithm = ESP/MD5/HMAC-128, Encryption Algorithm = AES-128, IKE Negotiation Mode = Main, with IKE proposal as described above).

From VPN Client, got sequence: a) Initializing the connection..., b) Initiating TCP to x.x.x.x, port y..., c) Contacting the gateway at x.x.x.x..., d) Authenticating user...

[ At this point, the group is already authenticated ] Entered use id and pw. then got responds: e) Securing communication channel..., f) Remote peer terminated connection.

Anyone had luck got AES working?

Labels:
0 Helpful
1 Reply 1

Not applicable

‎02-05-2003 09:42 AM

This is a bug with 3.6.3. It seems that concentrtors running 3.6.3 are unable to negotiate AES. I guess the only way out is to upgrade to 3.6.4.

0 Helpful
Customers Also Viewed These Support Documents