For IPSec to work from a Windows machine we will need to use the Cisco VPN Client. The Default Microsoft Client supports PPTP not IPSec and we have only support impemented for IPSec/L2TP from a Windows machine not plain IPSec. Kindly try using the Cisco VPN client for this scenario and it should work for you like a charm.
This problem is actually happening with the Microsoft Win98 upgrade that they released in June 2002. The IPSec implementation is (supposedly) the same core used by the Win2000 product. This MS client uses the same core IPSec component as the Cisco client...a product of SafeNet (previously RRE) out of Baltimore, Maryland. It seems that the difference is in the way that these have been packaged differently by MS and Cisco. We have not been able to get the Win2000 IPSec client to work also and this is why we feel the problem is in the packaging.
Our application is a POS arrangement where we do not want the user to see what is going on behind the screen mash. This is especially true when it comes to pop-ups related to the VPN client. Since our app already has been tuned in this regard to work with the Win98 PPTP client talking to a Cisco 3000 concentrator, we would like to utilize the MS client. The MS client also provides more info as to why it failed and other problems through standard MS API.
So... If someone can give some insight how to make this new MS Win98 client..or the Win2000 IPSec clent...work with a 3000 it would be GREATLY appreciated!
Just my 2 cents, but if you're using security from Microsoft you aren't secure. Pure IPSec (and NOT the MS implementation of it) is the only way to go if you're serious about running a secure connection. I've tested the Cisco client extensively and while it's got it's share of bugs, it's pretty solid. I would highly recommend using it, as it is supportable and secure. I understand from your previous posts that you would prefer to use the built in client to hide dialog boxes from the end users and if that is a non-negotiable requirement for your solution then I would suggest you consider a site to site tunnel. Hope that helps.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :