I've configured my EasyVPN server on an ASA 5505. I've got a PIX firewall acting as the remote client. The client is attempting to connect, however when I do a "sh crypto isakmp sa" on the server I see the state listed as "AM_TM_INIT_XAUTH_V6H". I've been unable to find much help for this on google. Any ideas the meaning of that state? I have 3 other remote clients connected without any problems.
The only difference that I can see between the good and the bad PIX is the software version. The good one is running version 6.3.5, while the bad one runs 6.3.4. As far as configuration is concern, both good and bad ones look correct.
You might want to upgrade the bad one to version 6.3.5 as well.
I think this was actually related to the fact that the bad PIX had a restricted license and couldn't comply with the 3DES transform set.
I ended up bypassing by creating a site-to-site tunnel with a single DES transform set and it worked fine. I might go back later and see if I can set multiple transform sets to the dynamic map or if I can have multiple dynamic maps for legacy devices.
We are pleased to announce availability of Beta software for 16.6.3.
16.6.3 will be the second rebuild on the 16.6 release train targeted
towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are
looking for early feedback from customers befor...
Introduction Featured Speakers Luis Espejel is the Telecommunications
Manager of IENova, an Oil & Gas company. Currently he works with Cisco
IOS® and Cisco IOS XE platforms, and NX to some extent. He has also
worked as a Senior Engineer with the Routing P...
In this session you can learn more about Layer 3 multicast and the best
practices to identify possible threats and take security measures. It
provides an overview of basic multicast, the best security practices for
use of this technology, and recommendati...