Cisco Support Community
Community Member

VPN CLIENT 3.5 & Microsoft Certificates

I have a problem with the vpn client or the pix 501. I can get the client working using cisco certificates (generated by the certificates managing tool witch comes with the vpn client). Everything works fine. But i want to use microsoft certificates! This because I want to make use of smartcards for secure vpn. When I use a microsoft certificate I can get through the pix, and the Cisco ACS server prompts for username and password, after filling this in the client gives me the message. Negotiating security policies and freezes. Does anyone one if this is a bug or did i misconfigure my VPN client, PIX 501 or Cisco ACS 3.0 ??


Re: VPN CLIENT 3.5 & Microsoft Certificates

Since there has been no response to your post, it appears to be either too complex or too rare an issue for other forum members to assist you. If you don't get a suitable response to your post, you may wish to review our resources at the online Technical Assistance Center ( or speak with a TAC engineer. You can open a TAC case online at

If anyone else in the forum has some advice, please reply to this thread.

Thank you for posting.

Cisco Employee

Re: VPN CLIENT 3.5 & Microsoft Certificates

Try adding on the Pix the command, isakmp identity hostname. If this doesn't work, maybe log a case with TAC, as your config needs to be reviewed as well as the debugs.

CreatePlease to create content