Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

VPN between Symantec Raptor 6.5 ---> Cisco VPN3060 concentrator


I try to establish a VPN tunnel between a Symantec Enterprise firewall (formerly known als Raptor) and a Cisco VPN 3060 concentrator.

The VPN3060 is running the latest version software 3.5.3A

Phase 1 (IKE) completes, but directly starts to rekey.

Phase 2 never really starts.

It also gives the next error :

Mismatch: Configured LAN-to-LAN proposal differs from negotiated proposal.

Verify local and remote LAN-to-LAN connection lists.

But the networks are configured correctly.

Can anybody advice ??

  • Other Security Subjects

Re: VPN between Symantec Raptor 6.5 ---> Cisco VPN3060 concentra

Can you try and make it more specific network on the local and remote network configured under the ipsec-lan to lan of the 3060. Instead of using a list, try and use just one specific subnet, match it with the raptor end. Make the local be the subnet of the private interface, and the remote the directly connected subnet on the private of the raptor. Then do a ping from a host behind the raptor to the private interface of the concentrator, and see if you debugs are better.

Is the debug also suggesting the same issue on the raptor end?

New Member

Re: VPN between Symantec Raptor 6.5 ---> Cisco VPN3060 concentra


I already use only one subnet on both sides (local and remote).

Local I have a /27 network and remote a /26 network.

I can't access the Raptor since this a firewall of a business partner of our customer.

There have been simmilar problems between a PIX and an Raptor in the past.

The VPN3060 doesn't dsupport manual keying, else I would have tried this first.

Please advice

This widget could not be displayed.