Secure Connection is terminated by local client. Remote peer is no longer responding. Error 412.
Means that the VPN Client detected that the head end device (i.e. VPN 3000 concentrator, PIX or router) was no loger responding. The client does this by using the DPD (Dead Peer Detection) mechanism. DPD IKE peer reachability probes only to devices that it has not received data from in a configurable time period.
Most definitely the reason that you are not getting an authentication prompt for Xauth is because the client is not getting to that point within the IKE negotiation. Perhaps the first IKE packets are not being reached at the peer. If you enable the event log in the client you should see debug information about the client connection attempt. If you see retransmissions, most definitely something is blocking the request or the client is not sending the IKE messages to the peer.
Open udp-500 and udp-4500 on the device (router, PIX)in front of the VPN terminating device (Concentrator, PIX, router). Basically, your Phase I negotiation is not finishing up to allow it to move to Phase 2.
unfortunately without the logs from the client and head end device we will not be able to tell you what the problem is. Do you only see retransmissions? Do you see a problem with the IKE proposal exchange?
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :