Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

IPSec Error

I get [ire] IRE registry key access error

from CSPM after I have set up all the properties and everything to enable IPSec to one of my sensors.

Running CSPM 2.3.3i and Sensors are 3.0(3)S15

6 REPLIES
New Member

Re: IPSec Error

Did you install the Cisco Secure VPN client? This is the message that is displayed if you did not install the VPN client. If not, you can go here

http://www.cisco.com/warp/public/cc/pd/sqsw/vpncl/index.shtml

for more information.

Good luck,

Russ

New Member

Re: IPSec Error

your right, that was what it is. but the problem I have now is, i setup my 2 sensors for IPSec and did them both the same way. one works fine but the second gets "error - can not communicate with sensor". I did everything the same. and I have tried save --> update multiple times, and changes all the keys for both sensors and its just the one that seems to have the problem. I also checked the VPN client policy and everything looks right.the 4210 works fine but the 4230FE is the one having the prob.

New Member

Re: IPSec Error

Hi,

I've experimented the same problem !!!

(also with the vpn client is installed on cspm)

if you find a workaround, please notify me!!

thank you very much!

Graziano

New Member

Re: IPSec Error

When setting up IPSec on more than one sensor you need to define a new tunnel template for each sensor.

Here are the steps:

1) Setup IPSec on the first sensor as usual, using the "Highly Secure Manual/IDS Encrypted" template.

2) Before setting up IPSec on the second sensor, you must add a new manual tunnel template. Right click the Highly Secure Manual folder node under IPSec Tunnel Templates and create a new Manual Tunnel Template.

3) Click the template's "Protocol" tab and create a New Proposal selecting the "ESP (HMAC-MD5, DES-CBC)" protocol.

4) Setup IPSec on the second sensor selecting this new tunnel group in the senor's "Use secure IPSec with template" dropdown box on the Control panel.

5) This will cause a new IPSec Tunnel Group node to appear under Network policy.

Use this new group to specify the manual key values.

6) After pressing Update, be sure to issue both of the IPSectool commands that appear on the command panel of the sensor nodes for both sensors.

Good Luck,

Russ

New Member

Re: IPSec Error

Hi,

is right... but I've only one sensor (4230) a one CSPM (2.3.3i):

I've followed the steps finded in the Cisco docs. I've issued the ipsectool commands at the root level

of the sensor console ... is right?

After this the communications has gone down and a error ide registry appeared at the cspm gui.

Graz.

New Member

Re: IPSec Error

Hi,

I've found the problem ! ! ! !

the vpn client to istall is note the vpn 3000 client but the old vpn 1.1!!!

I hope that Cisco release the new CSPM 3.0 in a hurry ! ! ! (I'm joking)

Graz.

108
Views
0
Helpful
6
Replies