home bbs files messages ]

Forums before death by AOL, social media and spammers... "We can't have nice things"

   comp.dcom.vpn      VPN protocols, clients, awesomeness      2,348 messages   

[   << oldest   |   < older   |   list   |   newer >   |   newest >>   ]

   Message 626 of 2,348   
   Neo to All   
   vpn pix to Cisco VPN client   
   26 Dec 03 19:26:51   
   
   From: giannigiovannini@tin.it   
      
   Hi to all   
   I have a question on  PIX Firewall   
   when I try to connect with my Cisco VPN client 4.0.3 (c)   
   to my  PIX 525   
   with this settings for vpn   
      
   crypto ipsec transform-set strong esp-3des esp-md5-hmac   
   crypto dynamic-map PIPPO 10 set transform-set strong   
   crypto map PIPPO-crypto 65535 ipsec-isakmp dynamic PIPPO   
   crypto map PIPPO-crypto client authentication AuthClient   
   crypto map PIPPO-crypto interface outside   
   isakmp enable outside   
   isakmp identity address   
   isakmp policy 10 authentication pre-share   
   isakmp policy 10 encryption 3des   
   isakmp policy 10 hash md5   
   isakmp policy 10 group 2   
   isakmp policy 10 lifetime 86400   
      
   If I watch the debug to my PIX I see that there's 9 check to match the   
   ISAKMP policy   
      
   ISAKMP (0): Checking ISAKMP transform 1 against priority 10 policy   
   ISAKMP:      encryption... What? 7?   
   ISAKMP:      hash SHA   
   ISAKMP:      default group 2   
   ISAKMP:      extended auth pre-share   
   ISAKMP:      life type in seconds   
   ISAKMP:      life duration (VPI) of  0x0 0x20 0xc4 0x9b   
   ISAKMP:          attribute 3584   
   ISAKMP (0): atts are not acceptable. Next payload is 3   
   ISAKMP (0): Checking ISAKMP transform 2 against priority 10 policy   
   ISAKMP:      encryption... What? 7?   
   ISAKMP:      hash MD5   
   ISAKMP:      default group 2   
   ISAKMP:      extended auth pre-share   
   ISAKMP:      life type in seconds   
   ISAKMP:      life duration (VPI) of  0x0 0x20 0xc4 0x9b   
   ISAKMP:          attribute 3584   
   ISAKMP (0): atts are not acceptable. Next payload is 3   
   ISAKMP (0): Checking ISAKMP transform 3 against priority 10 policy   
   ISAKMP:      encryption... What? 7?   
   ISAKMP:      hash SHA   
   ISAKMP:      default group 2   
   ISAKMP:      auth pre-share   
   ISAKMP:      life type in seconds   
   ISAKMP:      life duration (VPI) of  0x0 0x20 0xc4 0x9b   
   ISAKMP:          attribute 3584   
   ISAKMP (0): atts are not acceptable. Next payload is 3   
   ISAKMP (0): Checking ISAKMP transform 4 against priority 10 policy   
      
   at the end it's all right   
      
   ISAKMP (0): Checking ISAKMP transform 9 against priority 10 policy   
   ISAKMP:      encryption 3DES-CBC   
   ISAKMP:      hash SHA   
   ISAKMP:      default group 2   
   ISAKMP:      extended auth pre-share   
   ISAKMP:      life type in seconds   
   ISAKMP:      life duration (VPI) of  0x0 0x20 0xc4   
      
   I want to know if this is normal or not   
      
   Thanks to everyone   
      
   Excuse me for my bad English   
      
   --- SoupGate-Win32 v1.05   
    * Origin: you cannot sedate... all the things you hate (1:229/2)   

[   << oldest   |   < older   |   list   |   newer >   |   newest >>   ]


(c) 1994,  bbs@darkrealms.ca