Hello everybody,

Thank you for reading my post.

I am a newbie ini cisco, and I have a question for you:

Goal:

Connecting a VPN-3002 HW Client to a VPN-3005 Concentrator (managed by a different person)

Information provider by the Host:

- Peer: x.x.x.x

- Authentication ESP/MD5/HMAC-128

- Encryption: 3DES-168

- IKE Proposal: IKE-3DES-MD5

- Preshared Key: *********

Try-outs:

I have configured my private interface and my public interface, but I don't know how to specify the vpn3002 authentication. I have read cisco documentation and it specifies that authentification is not required for the vpn3002 (http://www.cisco.com/en/US/products/hw/vpndevc/ps2286/products_user_guide_chapter09186a00803ef6de.html)

Then, I am trying to connect to the host (vpn-3005) but I don't know where to replace the preshared key, and I am receiving the following error: Rxed Hash is incorrect: "Pre-shared key or Digital Signature mismatch".

Reading about that problem, I found the following (vpn3002 Getting started pdf document):

IPSec

If you use digital

certificates, you

do not need to

enter this

information.

Both of the following :

• The IKE peer address, that is, the IP address for the public

interface of the central-site VPN Concentrator to which this

VPN 3002 connects.

• IPSec group names, usernames, and passwords. These must

match the group names, usernames, and passwords configured

on the central-site VPN Concentrator

Questions:

What is exactly is a digital certificate??

How to load a digital certificate??

Does it have to be provided by the host concentrator???

Must the host concentrator admin provide a group name, user name and password???

Any comment is welcome,

Regards,

Jaime