Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

VPN 3000 Client and Windows ME

Have three different occurances of the VPN 3000 client being installed on a system running Windows ME (Millenium Edition).

On all three machines the client gets to the "Negotiating Security Profiles" dialogue box and gets no further.

The third machine is a fresh install with nothing but Windows ME. There is no personal firewall or other such security software installed. ICS was removed per the VPN 3000 installation requirements.

There are some strange log entries in the log but we are not certain they are coming from the failed Windows ME attempts. Just a list of random characters after a failed authentication attempt.

Any clues? Anyone know of a M$ or Altiga fix?

Thanks

11 REPLIES
Bronze

Re: VPN 3000 Client and Windows ME

I assume you are running version 1.1 of the client. Windows 95 & 98 only. I know a Windows 2000 client is due out shortly. I am not sure if it will work with Win ME.

New Member

Re: VPN 3000 Client and Windows ME

Only client version 3.0 works with 9/98/NT/ME/2000. It's out and works just fine. This is for the Concentrator 3015-80 series.

New Member

Re: VPN 3000 Client and Windows ME

Where can we get version 3.0 of the Client?

New Member

Re: VPN 3000 Client and Windows ME

Sorry it took so long to get back to you. I dowloaded the 3.0 client from Cisco's website under their software link. I think you need to have a CCO account to get to the VPN software.

New Member

Re: VPN 3000 Client and Windows ME

I have testet the v3.1, but it seems like IPSec over NAT are no longer working ?!

Test environment: Win2000 Professionel over Cisco 677 ADSL with NAT to a VPN3005 box.

The Beta edition 2.6 are working fine, but not the 3.1 version.

New Member

Re: VPN 3000 Client and Windows ME

I'm not faomiliar with 3005 Concentrator, but I know on the 3015-80 series both the client and the group you are using have to be enabled to do IPSEC with NAT.

Bronze

Re: VPN 3000 Client and Windows ME

What IOS version is running on the VPN3005?? I know for sure you have to be running version 3.0 or higher.

New Member

Re: VPN 3000 Client and Windows ME

I have just upgraded to version 3.0.2, and still the same result, the client and the vpn box cant speek with each other. I am still able to connect with a 2.6 beta client !

New Member

Re: VPN 3000 Client and Windows ME

I had a similar problem when using the new client although I have a VPN3030. The problem lied in the order of the IKE proposals. You should find that when you upgraded the concentrator to 3.0.2 that some extra proposals were added, namely:

CiscoVPNClient-3DES-MD5-RSA

CiscoVPNClient-3DES-SHA-DSA

CiscoVPNClient-3DES-MD5

I am using certificates and found that after a debug a transform proposal above the new VPN client entries was being used that would not work. By moving the CiscoVPNClient-3DES-MD5-RSA up the list above the old client entry IKE-3DES-MD5-RSA both 2.5/2.6 and 3.0 clients could connect.

At a guess if you are not using certificates I would try moving CiscoVPNClient-3DES-MD5 up the list, so it is above IKE-3DES-MD5.

Each transform is evaluated by the clients and concentrator during the negiotiation phase. With the new version 3.0 client supporting slightly different transforms the order seems to matter.

Hope this helps.

New Member

Re: VPN 3000 Client and Windows ME

Are you behind a MS Proxy Server? I remember encountering this message.

New Member

Re: VPN 3000 Client and Windows ME

Forgot to update this when the v.3 came out.

Since v.3 I haven't had any issues with the Altiga Client and ME.

Thanks

148
Views
0
Helpful
11
Replies