About lchen2

lchen2 · 04-14-2004

"phase 2 packet is a duplicate of a previous packet " means the client had passed the isakmp policy phase (phase 1). Something wrong with the xauth (phase 2). Try to use the LOCAL authen for the xauth. If that works ok with LOCAL, something wrong b/t...

lchen2 · 04-14-2004

On cisco IOS routers and PIX, only permit statements of the ACL will be downloaded to the vpn client as the splittunneling policy. Deny statements are simply ignored.

lchen2 · 04-14-2004

What new feature you are refering to?I haven't heard anything yet from the developement that this is going to be supported.

lchen2 · 04-12-2004

Not possible with PIX. This can be done only on vpn3000 concentrator.

lchen2 · 04-12-2004

You can still do NAT after IPSec encryption. The key here is to use protocol ESP not AH as AH would authenticate the ip header and NATting the ip address would fail the AH authentication.The link on CCO will work. Just one more thing, when configurin...

Member Since	‎04-12-2004 05:19 PM
Date Last Visited	‎08-18-2017 03:51 AM
Posts	44
Total Helpful Votes Received	5

User Statistics

User Activity

Re: Cisco vpn client error during radius authetication

Re: PIX split-tunnel VPN for software vpn clients

Re: PIX split-tunnel VPN for software vpn clients

Re: PIX split-tunnel VPN for software vpn clients

Re: IPSec and NAT