I've created a VPN on a PIX 515e (6.3). When I telnet to the server on the remote network I get the "oak_conf_xauth" state when I sh isakmp sa. The isakmp entry is: isakmp key ******** address xxx.xxx.xxx.xxx netmask 255.255.255.255 no-xauth no-config-mode. I know the peer address and key are correct.
I've never seen this error message before, and there are no solutions on the Internet that I can find that adequately describes the message. Can anyone give me a concise explanation of what this error message means?
what version of OS are you running on your security appliance ? Is it a site-to-site VPN to another cisco device ?
since you have already given no-xauth & no-config-mode, it shouldnt authenticate further.. Try clearing the ISAKMP SA, to renegotiate parameters between the end points.. what is the state on other side of the VPN end point ? clear isakmp sa.. or you can probably remove the tunnel and recreate, which could sometimes solve this issue.. did u do you a debug crypto isakmp ? did it give you any indications ?