Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Cisco Pix to Win2K

Status
Not open for further replies.
ChrisSayles

ChrisSayles

MIS
Nov 11, 2002
2
0
0
GB
I am trying to setup a Cisco Pix to Win2k VPN. I have followed the Configuring IPSec Between a Microsoft Windows 2000 Server and a Cisco Device
I have set this up to the book and am still having no joy, do anybody know if something has to be added to Rras to make this work. Thanks for youre help

Chris Sayles
 
Sort by date Sort by votes
I'm in the same question. But have a output from my debug

ISAKMP : Checking IPSec proposal 1
ISAKMP: transform 1, ESP_DES
ISAKMP: attributes in transform:
ISAKMP: SA life type in seconds
ISAKMP: SA life duration (VPI) of 0x0 0x0 0xe 0x10
ISAKMP: encaps is 1
ISAKMP: authenticator is HMAC-MD5
ISAKMP (0): atts are acceptable.IPSEC(validate_proposal_request): proposal part
#1,
(key eng. msg.) dest= A.A.A.A, src= B.B.B.B,
dest_proxy= 10.0.0.0/255.0.0.0/0/0 (type=4),
src_proxy= 0.0.0.0/0.0.0.0/0/0 (type=4),
protocol= ESP, transform= esp-des esp-md5-hmac ,
lifedur= 0s and 0kb,
spi= 0x0(0), conn_id= 0, keysize= 0, flags= 0x4
IPSEC(validate_transform_proposal): proxy identities not supported
IPSEC(validate_proposal_request): proposal part #1,
(key eng. msg.) dest= A.A.A.A, src= B.B.B.B,
dest_proxy= 0.0.0.0/0.0.0.0/0/0 (type=4),
src_proxy= 10.0.0.0/255.0.0.0/0/0 (type=4),
protocol= ESP, transform= esp-des esp-md5-hmac ,
lifedur= 0s and 0kb,
spi= 0x0(0), conn_id= 0, keysize= 0, flags= 0x4
IPSEC(validate_transform_proposal): proxy identities not supported
ISAKMP: IPSec policy invalidated proposal
ISAKMP (0): SA not acceptable!
ISAKMP (0): sending NOTIFY message 14 protocol 3
return status is IKMP_ERR_NO_RETRANS
ISADB: reaper checking SA 0x80b15658, conn_id = 0
ISADB: reaper checking SA 0x80b069c0, conn_id = 0 DELETE IT!
VPN Peer: ISAKMP: Peer ip:B.B.B.B Ref cnt decremented to:3


Anybody can help me with this output???
It seems to do phase I, but don't phase II



 
Upvote 0 Downvote
I've been attempting the same with a PIX 515.
From my research the problem is with Win2K, as the MS VPN client does not support connection to Cisco equipment.

For more info, see Technet ( article 249576.

Instead I am now looking at using the Cisco VPN client with Win2K.
 
Upvote 0 Downvote
I'm having the same problem, and can't find an answer to one question. What is the cost for the Cisco client?
 
Upvote 0 Downvote
Sorry, I don't now. The PIX was installed by my predecessor with an external consultant company. Due to problems at the time the Cisco VPN client was "thrown in".
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Sameer258
  • Locked
  • Question
Need Help to Find ip and mac address with email who one open my email
Replies
0
Views
146
Sameer258
Sameer258
Sparrow4
  • Locked
  • Question
Configure Avaya IPO R11 / VM Pro + Office365 or Exchange for voicemail to email
Replies
2
Views
146
Johnkite
Johnkite
MottoK
  • Locked
  • Question
Cisco ISE blank GUI
Replies
0
Views
109
MottoK
MottoK
intel233
  • Locked
  • Question
Cisco ASA - VPN Question
Replies
6
Views
150
intel233
intel233
intel233
  • Locked
  • Question
Cisco ASA 5510 -Static NAT Help
Replies
8
Views
161
intel233
intel233

Part and Inventory Search

Sponsor

Back
Top