I have a customer who is running a PIX506E firewall V6.3(1). I have been successful in getting the Cisco VPN client to connect. This customer has also purchased SafeNet Inc. SoftRemote V10 and wants it to connect to the PIX also. I have been successful in getting SoftRemote to connect in 'no-auto-config' mode, but not in 'Virtual Adapter' mode that would allow dynamic address assignment to the virtual adapter interface on the SoftRemote client. It looks like I get all the way through IKE phase 1, XAUTH, and IKE phase 2 on the PIX and everything looks normal. But on the SoftRemote client, the following messages appear in the log:
Failure finding or creating filter entry
Key download failed
Error downloading key
Failed loading keys
The connection eventually times out and disconnects.
Unfortunately for me, the customer has not purchased a support agreement from SafeNet for SoftRemote, so they will not answer any of my questions. Does anyone here know anything about SoftRemote and what these filters are?
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
[toc:faq]Introduction:This document describes details on how NAT-T
works.Background:ESP encrypts all critical information, encapsulating
the entire inner TCP/UDP datagram within an ESP header. ESP is an IP
protocol in the same sense that TCP and UDP are I...