Problems with vpn 4.0.x

d.baba · ‎10-23-2003

Dear all

I have a problem with the vpn client 4.0.2 (D), 4.0.3(A). I can't use it, with a message error :

Sev=Warning/3 IKE/0xA300004B

Received a NOTIFY message with an invalid protocol id(0)

My configuration :

pix 515 E with ios 6.3.3 and vpn DES

For information, when i use the vpn client 3.5.1, i haven't problems,i can access the lan and make what i want !!

my configuration too :

sysopt connection permit-ipsec

crypto ipsec transform-set ciml_transform esp-des esp-sha-hmac

crypto dynamic-map ciml_dyn_map 10 set transform-set ciml_transform

crypto map ciml_map 10 ipsec-isakmp dynamic ciml_dyn_map

crypto map ciml_map interface outside

isakmp enable outside

isakmp identity address

isakmp policy 10 authentication pre-share

isakmp policy 10 encryption des

isakmp policy 10 hash md5

isakmp policy 10 group 2

isakmp policy 10 lifetime 86400

vpngroup ciml_vpngroup address-pool vpn_ip_pool

vpngroup ciml_vpngroup dns-server 10.1.1.41

vpngroup ciml_vpngroup default-domain toto.tata

vpngroup ciml_vpngroup idle-time 1800

vpngroup ciml_vpngroup password ********

thanks !!

fx

mostiguy · ‎10-23-2003

transform-set ciml_transform is using SHA for hashing, and your isakmp policy is using MD5. Try setting both to the same

gwatts21 · ‎10-29-2003

The combination of DES and SHA is not supported in the later versions of the VPN client. Select either DES & MD5 or 3DES & SHA for the transform set.