[vpn-help] Cisco VPN

[Goncalo Oliveira]

Hi there,

We've been working with Cisco VPN Client 5.0 for some time, though, after
installing windows 8 this is not a stable option. So, Shrew came to the
rescue. The login to the VPN is made through group authentication, so the
configurations are as follows

General
Remote host
Host name or IP address: our provider vpn host name
Auto configuration: ike config pull
Local host
virtual adapter

Client
Firewall
NAT Traversal: enable
IKE fragmentation: enable
Other options
Enable dead peer detection: unchecked

Name resolution
DNS, automatically
WINS off

Authentication
Method: Mutual PSK + XAuth
Local identity
Identification type: Key identifier
Key ID string: our group name identifier
Remote identity
Identification type: any (also tried IP address)
Credentials
Pre shared key: our group password

Phase1
Exchange type: aggressive
DH Exchange: group 2

Phase 2
PFS Exchange: group 2 (also tried auto and disabled)



Phase 1 seems to go well, but phase 2 not so well, keeps writing 'config
resend event schedule'.
I'm attaching the iked.log, as there might be something useful there.

Can anyone help me out on this?

Thanks.
Best regards


-- 
Gonçalo Oliveira
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.shrew.net/pipermail/vpn-help/attachments/20130723/9db08a3d/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: iked-traced.zip
Type: application/zip
Size: 5545 bytes
Desc: not available
URL: <https://lists.shrew.net/pipermail/vpn-help/attachments/20130723/9db08a3d/attachment.zip>