I have cisco VPN client 4.6 on WinXP and the server is IOS easy vpn server (12.4T). Everything works fine with pre-shared keys, but when I try to use certificates for IKE authentication the VPN client never connects.
In its log I always see the following error (everything before the 5th ISAKMP message snipped):
I cannot understand what's wrong with the cert received from the server. Seems that in message #127 it is successfully verified, but in the #128 the client complains about missing FQDN. How it can be? The cert has commonname set to fqdn.
Anyway, the same thing happens if ip address is used as identity...
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...