Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
453
Views
0
Helpful
5
Replies

Windows98 client (MS) --> IPSec VPN --> Cisco 3000 Concentrator problems

tegarcia
Cisco Employee
Cisco Employee

‎08-20-2002 08:05 AM - edited ‎02-21-2020 12:00 PM

All!,

We are trying to use the Windows 98 Microsoft client to bring up an IPSec VPN tunnel into a Cisco (altiga) 3060 VPN Concentrator. The PPTP will work but the IPSec process dies.

Does anyone have this working in a fool-proof manner...and if so....could you share your secret?

TAC has not been able to track this one down yet...

Thanks!

Labels:
0 Helpful
5 Replies 5

awaheed
Cisco Employee
Cisco Employee

‎08-20-2002 11:25 AM

Hi,

For IPSec to work from a Windows machine we will need to use the Cisco VPN Client. The Default Microsoft Client supports PPTP not IPSec and we have only support impemented for IPSec/L2TP from a Windows machine not plain IPSec. Kindly try using the Cisco VPN client for this scenario and it should work for you like a charm.

Regards,

Aamir

-=-

0 Helpful

awaheed
Cisco Employee
Cisco Employee
In response to awaheed

‎08-20-2002 11:26 AM

Additionally..

The following goes over the Cisco VPN client setup with Concentrator:

http://www.cisco.com/warp/public/471/ipsec_3000.html

Regards,

Aamir

0 Helpful

tegarcia
Cisco Employee
Cisco Employee
In response to awaheed

‎08-21-2002 04:58 AM

This problem is actually happening with the Microsoft Win98 upgrade that they released in June 2002. The IPSec implementation is (supposedly) the same core used by the Win2000 product. This MS client uses the same core IPSec component as the Cisco client...a product of SafeNet (previously RRE) out of Baltimore, Maryland. It seems that the difference is in the way that these have been packaged differently by MS and Cisco. We have not been able to get the Win2000 IPSec client to work also and this is why we feel the problem is in the packaging.

Our application is a POS arrangement where we do not want the user to see what is going on behind the screen mash. This is especially true when it comes to pop-ups related to the VPN client. Since our app already has been tuned in this regard to work with the Win98 PPTP client talking to a Cisco 3000 concentrator, we would like to utilize the MS client. The MS client also provides more info as to why it failed and other problems through standard MS API.

So... If someone can give some insight how to make this new MS Win98 client..or the Win2000 IPSec clent...work with a 3000 it would be GREATLY appreciated!

Thanks!

0 Helpful

tegarcia
Cisco Employee
Cisco Employee
In response to tegarcia

‎08-26-2002 08:27 AM

Any updated thoughts on this since I posted my last response pertaining to the Win98 upgrade package that mirrors the MS Win2k client?

Thanks!

Tom Garcia

0 Helpful

michael.arthur
Level 1
Level 1
In response to tegarcia

‎08-30-2002 07:31 PM

Just my 2 cents, but if you're using security from Microsoft you aren't secure. Pure IPSec (and NOT the MS implementation of it) is the only way to go if you're serious about running a secure connection. I've tested the Cisco client extensively and while it's got it's share of bugs, it's pretty solid. I would highly recommend using it, as it is supportable and secure. I understand from your previous posts that you would prefer to use the built in client to hide dialog boxes from the end users and if that is a non-negotiable requirement for your solution then I would suggest you consider a site to site tunnel. Hope that helps.

0 Helpful
Customers Also Viewed These Support Documents