Just a quick question to see if anyone has been able to make the "title" work.
I have a VPN Concentrator running code 3.6.5. An IPaQ PocketPC running the latest movianVPN software. The IPaQ does authenticate when I use an internal user account. I can use the VPN Concentrator to test the account for authentication against the SDI server (pre5.0).
What I have not been able to do is to get the movianVPN client to use the SDI server for authentication.
It passes Phase 1 without any difficulty. Below are the logs from the concentrator. I was receiving similiar errors when configuring the VPN Concentrator to use the DHCP server to grant leases but was able to correct that error. This one I am still mulling about.
Does that same account (SDI userid/PIN) work from a PC, or does the "Test" work from the concentrator itself?
You can try tweaking the timeout/retries on the vpn3k for SDI server to see if that helps, if it doesn't, try sniffing the Authentication session b/w vpn3k and SDI to see where its failing, or SDI server logs can also be a good starting point for troubleshooting.
V3.6.7+ codes are better for SDI auth, as several issues have been fixed.
Yes the SDI/userid/PIN do function from the laptop with the air card to the vpn concentrator. The SDI/userid/Pin also work from the concentrator. The only part that did not function as per expected is the IPaQ/SDI/userid/PIn combination.
Today I will be working with the person responsible for the SDI server so we can view the transactions as they happen, SDI server monitor window, VPN Concentrator Live event monitor and the IPaQ log window. Hopefully we will be able to establish what may not be working correctly.
In advance I recreated the user and group for the IPaQ incase there was something I did not catch the first time around. I used the movianVPN / VPN concentrator instructions off of there site and some documents I received from Cisco on the subject.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...