Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
803
Views
0
Helpful
3
Replies

VPN and Internet Connection Sharing

jdeathwish
Level 1
Level 1

‎01-16-2003 12:50 PM - edited ‎02-21-2020 12:17 PM

We have a remote user trying to connect to a Cisco 3000. They are trying to share a dialup connection using a crossover cable. The computer acting as a gateway is the one that needs to access the 3000. It is running XP Pro with VPN version 3.5.2.

Here are the logs from two connection attempts:

1 14:11:29.378 01/16/03 Sev=Warning/3 IKE/0xE3000070

Cannot match Policy Entry:

local host=IP ADDR=0.0.0.0, lcl_port = 0

remote host=IP ADDR=0.0.0.0, dst_port = 0

2 14:11:29.378 01/16/03 Sev=Warning/3 IKE/0xA3000001

Failed to initiate negotiation.

3 14:11:29.378 01/16/03 Sev=Warning/3 IKE/0xE3000002

Function initialize_qm failed with an error code of 0x00000000(INITIATE:811)

4 14:27:18.425 01/16/03 Sev=Warning/3 IKE/0xE3000070

Cannot match Policy Entry:

local host=IP ADDR=0.0.0.0, lcl_port = 0

remote host=IP ADDR=0.0.0.0, dst_port = 0

5 14:27:18.425 01/16/03 Sev=Warning/3 IKE/0xA3000001

Failed to initiate negotiation.

6 14:27:18.425 01/16/03 Sev=Warning/3 IKE/0xE3000002

Function initialize_qm failed with an error code of 0x00000000(INITIATE:811)

7 14:27:26.410 01/16/03 Sev=Warning/3 IKE/0xA3000058

Received malformed message or negotiation no longer active (message id: 0x11F29E51)

8 14:27:34.410 01/16/03 Sev=Warning/3 IKE/0xA3000058

Received malformed message or negotiation no longer active (message id: 0x11F29E51)

9 14:27:44.378 01/16/03 Sev=Warning/3 DIALER/0xE3300015

GI VPN start callback failed "CM_IKE_RECEIVED_DELETE_NOTIFICATION" (15h).

Thanks

Johnny Deathwish

Labels:
0 Helpful
3 Replies 3

gfullage
Cisco Employee
Cisco Employee

‎01-17-2003 10:22 PM

The "Cannot match policy entry" log message is bug CSCdx88008, see the Bug Toolkit for details on how to resolve it (http://www.cisco.com/cgi-bin/Support/Bugtool/launch_bugtool.pl)

Having said that, ICS has never been supported with the VPN client, in fact later versions will detect that it's running and tell you to turn it off before continuing. I'd be surprised if you got it running properly. It does work from a device behind an ICS machine, but not from the ICS machine itself.

0 Helpful

jdeathwish
Level 1
Level 1
In response to gfullage

‎01-22-2003 11:50 AM

The only thing I can find from searching Cisco and Google about CSCdx88008 says if your running XP see bug CSCdv23894. Unfortunately I am not priveledged enough to get to the link you have pasted there. I'm sure it would be what I need. If you could give me some info on bug CSCdv23894 it would be much appreciated.

Johnny Deathwish

0 Helpful

jdeathwish
Level 1
Level 1
In response to jdeathwish

‎01-24-2003 02:00 PM

Come on. Somebody in here has to have some info on CSCdv23894. Any help would be greatly appreciated.

0 Helpful
Customers Also Viewed These Support Documents