I have been sent a replacement VPN3000 concentrator due to an intermittent (unknown) fault and appear to have a problem with it's identity certificate. We use the VPN3000 for IPSec clients using RSA certificates, IPSec LAN2LAN using pre-shared-keys and WebVPN using an SSL certificate. We use Microsoft certificate services.
In order to replace the concentrator I exported the SSL Thawtre certificate to the new device and the Thawtre CA's, I installed our organisations CA certificate and enrollled with the CA to obtain an identity certificate. The WebVPN works fine but the VPN clients do not authenticate. I have checked through the config of both concentrators (as I am still using the old one) and there is no difference in the setup at all.
Cann anyone help me ?
I have attached a log from the VPN concentrator and the client when attempting to make a connection.