Hi guys (Coremet, Duracel & SB), can you confirm this:
EAP-TLS need certificates on computer account and client account.
PEAP-MS-CHAPv2 need certificate from a commercial certification authority on the IAS and Windows Wireless Clients use ROOT CA certificates.
So, for EAP-TLS i don´t need to...
I'm in the same question. But have a output from my debug
ISAKMP : Checking IPSec proposal 1
ISAKMP: transform 1, ESP_DES
ISAKMP: attributes in transform:
ISAKMP: SA life type in seconds
ISAKMP: SA life duration (VPI) of 0x0 0x0 0xe 0x10
ISAKMP: encaps is 1
ISAKMP...
I had the same problem between a pix and cisco router 806 with Adsl (Dialer interface) with dynamic crypto map.
The dialer disconnect when the isp change the ip adress (dynamic). The crypto isamp take too much time to reconnect, if reconnected.
The solution was to set keepalive 1 (one second)...
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.