Cisco Support Community
Community Member

Problem connecting to PIX VPN

One of our employees is experiencing the following problem connecting to our Cisco PIX 515 VPN. He appears to be the only one having the problem, and we have tested his IDs and his ISP account on another PC with success... (I have replaced the gateway IP address with <Gateway IP>)

User reports:

"I need some assistance interpreting the errors logged by the Cisco client on my home PC. In comparing the log with that of a successful VPN connection, the problem appears to begin with the log messages below. These are the only messages with severity level of "Warning", and prior to these the logged messages are almost identical to those of the successful case. (All is well with user authentication.)"

Sev=Warning/3 IKE/0xE300006F Cannot match Policy Entry: local host=IP ADDR=, lcl_port = 0 remote host=IP ADDR=, dst_port = 0

Sev=Warning/3 IKE/0xA3000001 Failed to initiate negotiation.

Sev=Warning/3 IKE/0xE3000002 Function initialize_qm failed with an error code of 0x00000000(INITIATE:811)

The preceeding log message was:

Sev=Info/5 IKE/0x63000055 Received a key request from Driver for IP address <Gateway IP>, GW IP = <Gateway IP>

In a successful connection, the next message would be this:

Sev=Info/4 IKE/0x63000013 SENDING >>> ISAKMP OAK QM *(HASH, SA, NON, ID, ID) to <Gateway IP>

rather than the warning above.

Community Member

Re: Problem connecting to PIX VPN

In addition, when I do a "sh uauth" on the PIX, this user shows up as:

ipsec user 'domain\user' at , authenticated

while everyone else appears as:

ipsec user 'domain\user' at , authenticated

CreatePlease to create content