10-26-2006 06:34 AM - edited 03-09-2019 04:41 PM
From Cisco VPN client, trying to connect to Cisco VPN Concnetrator 3000. Negotiate the initial tunnel ok, and the user login window opens. I enter the credentials, and the credentials are accepted. The status information in the bottom of the window indicates that the client is negotiating security policies. Then the connection is closed with no error messages. Im assuming that I have not selected the appropriate check boxes when I set up the group. This is not a production system, and is just testing in a lab. What security policies must I check for the client to negotiate correctly?
10-26-2006 06:57 AM
Jeffrey
The required policies would be dependent on how the VPN concentrator was configured. Do you have access to the concentrator to be able to see how the group is configured that you will be a member of and whether there is configuration of your individual ID and what policies are associated with it?
HTH
Rick
10-26-2006 07:11 AM
Rick -
Yes I do. This is a lab, so I have full control over the concentrator. I have it set right now for the member to inheret the group policies. I have not been trained on the concentrator, nor am I security expert, so I am stumbling through this. Where would I go to set the security policy for the group and/or individual and what is the appropriate policy for a Cisco VPN client (default settings)
Jeff
10-26-2006 09:26 AM
Jeff
If you have set up your group to inherit policies from the base group then you would want to see what policies are set up for the base group: navigate in the concentrator to configuration, then to User Management, then to Base Group. The security policies are on the IPSec tab.
HTH
Rick
10-27-2006 09:16 AM
Rick -
Went into base group -> IPSEC tab -> attributes. I tested using all of the following options individually (none - could not make connection to VPN conectrator, ESP-DES-MD5, ESP-3DES-MD5, ESP/IKE-3DES-MD5, ESP-3DES-NONE). In all cases (except for the none case) I got the same results. Login window opened up, I added my credentials, credentials were accepted, then the connected was closed. I included a capture of the VPN Client log file. Down at Number 33, it gives the message Delete Reason Code: 4->PEER_DELETE-IKE_DELETE_NO_ERROR. HTH
Jeff
10-26-2006 06:11 PM
Jeff,
Can you make sure that you have configured the VPN3000 to assign IP Addresses to the VPN Clients.
Please refer the below URL for details:
Let me know if it helps.
Regards,
Arul
** Please rate all helpful posts **
10-27-2006 09:08 AM
Arul - thanks, but thats not it. I have an address assigned in the user group
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide