Hi !
I'm trying to setup a VPN betwen a Cisco PIX 501 (IOS 6.1.1) and a Raptor Firewall 6.5 on winnt 4 sp6.
I'm using IKE with pre-shared secret, I set DES and SHA-1 algorithms on both sides in tunnel mode.
With default timeout nothing works, the raptor log say :
*-*-*-*-*
- Mar 07 16:31:47.300 nt4srvus isakmpd[246]: 120 isakmpd Info: Sending Notification to peer 212.234.100.123
- Mar 07 16:31:47.300 nt4srvus isakmpd[246]: 120 isakmpd Info: Initiator, Failed to establish ISAKMP SA with peer 212.234.100.123[tunTemplate=NewSecure-Tunnel]
- Mar 07 16:32:01.941 nt4srvus isakmpd[246]: 120 isakmpd Info: Error while processing data rcvd from peer 212.234.100.123: (-3396) Invalid cookie in ISAKMP header.
- Mar 07 16:32:01.941 nt4srvus isakmpd[246]: 120 isakmpd Info: Error during isakmp sa negotiation with peer 212.234.100.123, status=IKMP_ERROR err=(-3396) Invalid cookie in ISAKMP header.
- Mar 07 16:32:02.712 nt4srvus isakmpd[246]: 120 isakmpd Info: Error while processing data rcvd from peer 212.234.100.123: (-3360) Shared Key file or entry for this peer in file does not exits.
- Mar 07 16:32:02.712 nt4srvus isakmpd[246]: 120 isakmpd Info: Error during isakmp sa negotiation with peer 212.234.100.123, status=IKMP_ERROR err=(-3360) Shared Key file or entry for this peer in file does not exits.
-*-*-*-*-*
I tried to change default timeout value of the pix to best match default raptor's values but it doesn't work anyway !
Does anyone has already done this type of network architecture ???
Can you give me advices or sample config files ??
thanx to all.
I'm trying to setup a VPN betwen a Cisco PIX 501 (IOS 6.1.1) and a Raptor Firewall 6.5 on winnt 4 sp6.
I'm using IKE with pre-shared secret, I set DES and SHA-1 algorithms on both sides in tunnel mode.
With default timeout nothing works, the raptor log say :
*-*-*-*-*
- Mar 07 16:31:47.300 nt4srvus isakmpd[246]: 120 isakmpd Info: Sending Notification to peer 212.234.100.123
- Mar 07 16:31:47.300 nt4srvus isakmpd[246]: 120 isakmpd Info: Initiator, Failed to establish ISAKMP SA with peer 212.234.100.123[tunTemplate=NewSecure-Tunnel]
- Mar 07 16:32:01.941 nt4srvus isakmpd[246]: 120 isakmpd Info: Error while processing data rcvd from peer 212.234.100.123: (-3396) Invalid cookie in ISAKMP header.
- Mar 07 16:32:01.941 nt4srvus isakmpd[246]: 120 isakmpd Info: Error during isakmp sa negotiation with peer 212.234.100.123, status=IKMP_ERROR err=(-3396) Invalid cookie in ISAKMP header.
- Mar 07 16:32:02.712 nt4srvus isakmpd[246]: 120 isakmpd Info: Error while processing data rcvd from peer 212.234.100.123: (-3360) Shared Key file or entry for this peer in file does not exits.
- Mar 07 16:32:02.712 nt4srvus isakmpd[246]: 120 isakmpd Info: Error during isakmp sa negotiation with peer 212.234.100.123, status=IKMP_ERROR err=(-3360) Shared Key file or entry for this peer in file does not exits.
-*-*-*-*-*
I tried to change default timeout value of the pix to best match default raptor's values but it doesn't work anyway !
Does anyone has already done this type of network architecture ???
Can you give me advices or sample config files ??
thanx to all.