Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
5236
Views
0
Helpful
1
Replies

VPN Client Cert Chain Issues

karlalbrecht
Level 1
Level 1

‎07-04-2008 09:28 AM - edited ‎02-21-2020 03:48 PM

I am attempting to setup a VPN connection on a new computer. This connection currently works fine on another machine. I have installed the Root Cert chain and my personal cert as before and it fails to connect. I have included my log file below. The cert shows as valid so I am unsure what I have done wrong. I have done this for other machines and it has worked fine. Any help would be appreciated!

Thank you

Karl

Cisco Systems VPN Client Version 4.8.01.0300

Copyright (C) 1998-2005 Cisco Systems, Inc. All Rights Reserved.

Client Type(s): Windows, WinNT

Running on: 5.1.2600 Service Pack 3

109 10:24:39.791 07/04/08 Sev=Info/6 CERT/0x63600025

Attempting to find a Certificate using Serial Hash.

110 10:24:39.791 07/04/08 Sev=Info/6 CERT/0x63600026

Found a Certificate using Serial Hash.

111 10:24:39.791 07/04/08 Sev=Info/6 CERT/0x63600025

Attempting to find a Certificate using Serial Hash.

112 10:24:39.791 07/04/08 Sev=Info/6 CERT/0x63600026

Found a Certificate using Serial Hash.

113 10:24:39.791 07/04/08 Sev=Info/6 CERT/0x63600025

Attempting to find a Certificate using Serial Hash.

114 10:24:39.791 07/04/08 Sev=Info/6 CERT/0x63600026

Found a Certificate using Serial Hash.

115 10:24:39.870 07/04/08 Sev=Info/4 CERT/0x63600015

Cert (cn=XXXXXXXXXXXXXX,ou=CSADMIN,dc=secure,dc=XXXXXXXXXXXX,dc=com) verification succeeded.

116 10:24:40.901 07/04/08 Sev=Info/6 CERT/0x63600025

Attempting to find a Certificate using Serial Hash.

117 10:24:40.901 07/04/08 Sev=Info/6 CERT/0x63600026

Found a Certificate using Serial Hash.

118 10:24:41.135 07/04/08 Sev=Info/4 CERT/0x6360001B

No smart card readers with cards inserted found.

119 10:24:41.432 07/04/08 Sev=Warning/2 CERT/0xE360003E

Cert chain missing or intermediate CA signature failed - Cert verification failed.

120 10:24:41.432 07/04/08 Sev=Warning/2 IKE/0xE3000097

Unable to validate peer certificate, Common Name co-sec-vpn01.ou=secure.ou=XXXXXXXXXXXX.o=com., Issuer cn=CPI,dc=secure,dc=XXXXXXXXXXX,dc=com, (CertCfg:241).

121 10:24:41.432 07/04/08 Sev=Warning/2 IKE/0xE300009B

Failed to process MM Msg 6 (NavigatorMM:570)

122 10:24:41.432 07/04/08 Sev=Warning/2 IKE/0xE30000A7

Unexpected SW error occurred while processing Identity Protection (Main Mode) negotiator:(Navigator:2237)

Labels:
0 Helpful
1 Reply 1

mchin345
Level 6
Level 6

‎07-10-2008 06:32 AM

VPN connection was not established because of an unrecognized reason. Please check the logs for details. Better solution is Install an Identity Cert that is not chained.

0 Helpful
Customers Also Viewed These Support Documents