VPN Client 3.6.1 OK, but 3.6.3 gives 'CM_IKE_ESTABLISH_FAIL'
I've been using client 3.6.1 against a Pix 520 for quite some time now. Today I tried 3.6.3B and I keep getting the error above. I can successfully connect on another computer behind the same router, on the same LAN w/ 3.6.1. If I un-install 3.6.3B and re-install 3.6.1, it works fine. We're using 'Group Access' instead of certs to connect if that makes a difference.
I'm using DSL at home w/ a Linksys router. I don't think it's router config though since it works on the older client.
Re: VPN Client 3.6.1 OK, but 3.6.3 gives 'CM_IKE_ESTABLISH_FAIL'
Greg - I've been seeing something very similar with client 3.6.3. Some 5% of new users just cannot connect on their first login, and the exact message you showed is also displayed in the client logs.
Mostly the systems are fine, but I'm also getting intermittent connection success across about 100 users. Most login OK, but then everyone fails to connect about every four or five days, and the 3005 has to be rebooted to get it to work. Other times, just a few users can't connect.
My environment is a 3005 with 3.6.6 and 32 MB RAM; all users authenticate with a RSA token, and all belong to a group that is authenticated via a RSA server, and that is the only group on the box. There are no users on the 3005. I'm getting ready today to fireup our sniffer on the WAN segment, to see if the client is sending anything at all. That's my big concern - that nothing is happening from the client end.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :