VPN Client problems

remco.gussen · ‎06-13-2006

I'm trying to make a remote access VPN to a PIX 515-E. I'm getting a login. When i fill in the username and password, the "securing communications channel" indication appears. After that.... not connected.

This is what is in the log file:

61 10:42:34.562 06/13/06 Sev=Info/4 IKE/0x63000014

RECEIVING <<< ISAKMP OAK INFO *(HASH, NOTIFY:INVALID_ID_INFO) from x.x.x.x

next problem:

Marking IKE SA for deletion (I_Cookie=A2E6D06FA9402EE7 R_Cookie=637959F758990E29) reason = DEL_REASON_IKE_NEG_FAILED

What is the problem and what can i do to solve it ?

Thanks.

Remco

a.hajhamad · ‎06-13-2006

Hi Remco,

Did you configure the IP address pool?

josephaudet · ‎06-13-2006

I would ask you a couple of questions before I can help you:

1. What application are you using to create teh RA VPN? (ie: Cisco VPN Client, Microsoft VPN Client)

2: What OS is on the PIX? ( ie: 6.3(4), 7.0(1) )

3: Can you paste a cleansed copy of your config? IE: remove all passwords, and replace IP addresses with something arbitrary.

This will help me to T/S the issue for you.

remco.gussen · ‎06-13-2006

I'm using the Cisco VPN Client 4.8. The PIX uses OS 7.0(4). It is the PIx from a customer, so i can't get the config. The error codes are from the logfile from the Cisco Client.

The config is made by the VPN Wizzard. This will work fine most of the time... Not this time...

The address pool is defined !

Thanks

Remco

glynnd · ‎07-12-2006

are you using certificates or pre-shared key (group name and password)? And are you using Xauth?

check the group name and password, What are the configured ISAKMP settings on the PIX, what are you using for enc (3DES, AES...), auth ( SHA or MD5) and DH group.