Hi,
Windows XP VPN Client tries to connect to PIX 506 using L2TP with Certificate and gets error message 678: The remote computer did not respond.
ISAKMP: reserved not zero on payload 5!
but this message applicable when we use isakmp authe pre-share, however I use isakmp authe rsa-sig. Here is the output:
ISAKMP (0): processing ID payload. message ID = 0
ISAKMP (0): processing CERT payload. message ID = 0
ISAKMP (0): processing a CT_X509_SIGNATURE cert
ISAKMP (0): cert approved with warning
ISAKMP (0): processing SIG payload. message ID = 0
ISAKMP (0): processing CERT_REQ payload. message ID = 0
ISAKMP (0): peer wants a CT_X509_SIGNATURE cert
ISAKMP (0): SA has been authenticated
ISAKMP: transform 2, ESP_3DES
ISAKMP: attributes in transform:
ISAKMP: SA life type in seconds
ISAKMP: SA life duration (VPI) of 0x0 0x0 0xe 0x10
ISAKMP: SA life type in kilobytes
ISAKMP: SA life duration (VPI) of 0x0 0x3 0xd0 0x90
ISAKMP: encaps is 2
ISAKMP: authenticator is HMAC-SHA
ISAKMP (0): atts are acceptable.IPSEC(validate_proposal_request): proposal part #1,
(key eng. msg.) dest= 10.0.0.200, src= 10.0.1.228,
dest_proxy= 10.0.0.200/255.255.255.255/17/0 (type=1),
src_proxy= 10.0.1.228/255.255.255.255/17/1701 (type=1),
protocol= ESP, transform= esp-3des esp-sha-hmac ,
lifedur= 0s and 0kb,
spi= 0x0(0), conn_id= 0, keysize= 0, flags= 0x200
ISAKMP (0): processing NONCE payload. message ID = 3542836878
ISAKMP (0): processing ID payload. message ID = 3542836878
ISAKMP (0): ID_IPV4_ADDR src 10.0.1.228 prot 17 port 1701
ISAKMP (0): processing ID payload. message ID = 3542836878
ISAKMP (0): ID_IPV4_ADDR dst 10.0.0.200 prot 17 port 0IPSEC(key_engine): got a queue event...
IPSEC(spi_response): getting spi 0xaf63d625(2942555685) for SA
from 10.0.1.228 to 10.0.0.200 for prot 3
return status is IKMP_NO_ERROR
crypto_isakmp_process_block:src:10.0.1.228, dest:10.0.0.200 spt:500 dpt:500
ISAKMP (0): processing DELETE payload. message ID = 2101323035, spi size = 16
ISAKMP (0): deleting SA: src 10.0.1.228, dst 10.0.0.200
return status is IKMP_NO_ERR_NO_TRANS
crypto_isakmp_process_block:src:10.0.1.228, dest:10.0.0.200 spt:500 dpt:500
ISAKMP: drop msg for deleted sa
ISADB: reaper checking SA 0xdd7c1c, conn_id = 0 DELETE IT!
VPN Peer: ISAKMP: Peer ip:10.0.1.228/500 Ref cnt decremented to:0 Total VPN Peers:1
VPN Peer: ISAKMP: Deleted peer: ip:10.0.1.228/500 Total VPN peers:0
Please, tell me what is going wrong?