02-05-2002 12:15 PM - edited 02-21-2020 11:35 AM
I get [ire] IRE registry key access error
from CSPM after I have set up all the properties and everything to enable IPSec to one of my sensors.
Running CSPM 2.3.3i and Sensors are 3.0(3)S15
02-05-2002 12:57 PM
Did you install the Cisco Secure VPN client? This is the message that is displayed if you did not install the VPN client. If not, you can go here
http://www.cisco.com/warp/public/cc/pd/sqsw/vpncl/index.shtml
for more information.
Good luck,
Russ
02-06-2002 07:08 AM
your right, that was what it is. but the problem I have now is, i setup my 2 sensors for IPSec and did them both the same way. one works fine but the second gets "error - can not communicate with sensor". I did everything the same. and I have tried save --> update multiple times, and changes all the keys for both sensors and its just the one that seems to have the problem. I also checked the VPN client policy and everything looks right.the 4210 works fine but the 4230FE is the one having the prob.
03-01-2002 03:07 AM
Hi,
I've experimented the same problem !!!
(also with the vpn client is installed on cspm)
if you find a workaround, please notify me!!
thank you very much!
Graziano
03-01-2002 06:05 AM
When setting up IPSec on more than one sensor you need to define a new tunnel template for each sensor.
Here are the steps:
1) Setup IPSec on the first sensor as usual, using the "Highly Secure Manual/IDS Encrypted" template.
2) Before setting up IPSec on the second sensor, you must add a new manual tunnel template. Right click the Highly Secure Manual folder node under IPSec Tunnel Templates and create a new Manual Tunnel Template.
3) Click the template's "Protocol" tab and create a New Proposal selecting the "ESP (HMAC-MD5, DES-CBC)" protocol.
4) Setup IPSec on the second sensor selecting this new tunnel group in the senor's "Use secure IPSec with template" dropdown box on the Control panel.
5) This will cause a new IPSec Tunnel Group node to appear under Network policy.
Use this new group to specify the manual key values.
6) After pressing Update, be sure to issue both of the IPSectool commands that appear on the command panel of the sensor nodes for both sensors.
Good Luck,
Russ
03-01-2002 11:53 PM
Hi,
is right... but I've only one sensor (4230) a one CSPM (2.3.3i):
I've followed the steps finded in the Cisco docs. I've issued the ipsectool commands at the root level
of the sensor console ... is right?
After this the communications has gone down and a error ide registry appeared at the cspm gui.
Graz.
03-05-2002 12:35 PM
Hi,
I've found the problem ! ! ! !
the vpn client to istall is note the vpn 3000 client but the old vpn 1.1!!!
I hope that Cisco release the new CSPM 3.0 in a hurry ! ! ! (I'm joking)
Graz.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide