Core issue
The error message received while connecting the Cisco VPN Client to the VPN 3000 Concentrator follows:
failed to establish secure connection to the security gateway
This error indicates a mismatch on the group password, which is set up between the VPN Client and the VPN Concentrator.
Resolution
To correct this problem, ensure that both passwords match.
If the passwords are changed to be the same, then you should not see this error message again.
The output below is an example of the log file on the VPN Concentrator. This log is seen on the concentrator, in addition to the error message seen on the VPN Client. The highlighted portion of the debugs indicate the group that was negotiated. The corresponding password for this group is the one that needs to be changed or verified.
293 11/28/2001 15:23:53.990 SEV=9 IKEDBG/0 RPT=175 10.64.10.6
Group [ciscogroup]
Processing Notify payload
294 11/28/2001 15:23:53.990 SEV=8 IKEDECODE/0 RPT=263 10.64.10.6
Notify Payload Decode :
DOI : IPSEC (1)
Protocol : ISAKMP (1)
Message : Invalid hash info (23)
Length : 12
298 11/28/2001 15:23:53.990 SEV=5 IKE/68 RPT=1 10.64.10.6
Group [ciscogroup]
Received non-routine Notify message: Invalid hash info (23)