[vpn-help] Cisco VPN
Jim Harle
vpn at technicolor.com
Mon Jul 29 13:45:14 CDT 2013
What problems are you having with the Cisco client, and which version is it? 32-bit or 64-bit?
Regarding the Shrew client, have you tried setting the NAT traversal to 'force-rfc' ?
From: vpn-help-bounces at lists.shrew.net<mailto:vpn-help-bounces at lists.shrew.net> [mailto:vpn-help-bounces at lists.shrew.net] On Behalf Of Goncalo Oliveira
Sent: Monday, July 29, 2013 7:23 AM
To: vpn-help at lists.shrew.net<mailto:vpn-help at lists.shrew.net>
Subject: Re: [vpn-help] Cisco VPN
Any ideas, anyone?
On 23 July 2013 14:15, Goncalo Oliveira <goncalo at minkan.net<mailto:goncalo at minkan.net>> wrote:
Hi there,
We've been working with Cisco VPN Client 5.0 for some time, though, after installing windows 8 this is not a stable option. So, Shrew came to the rescue. The login to the VPN is made through group authentication, so the configurations are as follows
General
Remote host
Host name or IP address: our provider vpn host name
Auto configuration: ike config pull
Local host
virtual adapter
Client
Firewall
NAT Traversal: enable
IKE fragmentation: enable
Other options
Enable dead peer detection: unchecked
Name resolution
DNS, automatically
WINS off
Authentication
Method: Mutual PSK + XAuth
Local identity
Identification type: Key identifier
Key ID string: our group name identifier
Remote identity
Identification type: any (also tried IP address)
Credentials
Pre shared key: our group password
Phase1
Exchange type: aggressive
DH Exchange: group 2
Phase 2
PFS Exchange: group 2 (also tried auto and disabled)
Phase 1 seems to go well, but phase 2 not so well, keeps writing 'config resend event schedule'.
I'm attaching the iked.log, as there might be something useful there.
Can anyone help me out on this?
Thanks.
Best regards
--
Gonçalo Oliveira
--
Gonçalo Oliveira
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.shrew.net/pipermail/vpn-help/attachments/20130729/385d3f1c/attachment.html>
More information about the vpn-help
mailing list