Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
310
Views
0
Helpful
1
Replies

Cannot negoticate tunnel using new cisco VPN client(4.0) to cisco 2611?

tkpsimon
Level 1
Level 1

‎05-19-2003 11:12 AM - edited ‎02-21-2020 12:33 PM

Labels:
0 Helpful
1 Reply 1

tkpsimon
Level 1
Level 1

‎05-20-2003 09:25 AM

This is an existing Cisco VPN client to 2611 VPN connection, some of my client upgrade their client software from 3.5.2 to 3.6.4/4.0.1, and they are unable to negoticate a tunnel with the 2611, and the follow log is what i got from the router

04:51:04: ISAKMP (0:2): Checking ISAKMP transform 7 against priority 3 policy

04:51:04: ISAKMP: encryption... What? 7?

04:51:04: ISAKMP: hash SHA

04:51:04: ISAKMP: default group 2

04:51:04: ISAKMP: auth pre-share

04:51:04: ISAKMP: life type in seconds

04:51:04: ISAKMP: life duration (VPI) of 0x0 0x20 0xC4 0x9B

04:51:04: ISAKMP: attribute 14

04:51:04: ISAKMP (0:2): Encryption algorithm offered does not match policy!

04:51:04: ISAKMP (0:2): atts are not acceptable. Next payload is 3

04:51:04: ISAKMP (0:2): Checking ISAKMP transform 8 against priority 3 policy

04:51:04: ISAKMP: encryption... What? 7?

04:51:04: ISAKMP: hash MD5

04:51:04: ISAKMP: default group 2

04:51:04: ISAKMP: auth pre-share

04:51:04: ISAKMP: life type in seconds

04:51:04: ISAKMP: life duration (VPI) of 0x0 0x20 0xC4 0x9B

04:51:04: ISAKMP: attribute 14

04:51:04: ISAKMP (0:2): Encryption algorithm offered does not match policy!

04:51:04: ISAKMP (0:2): atts are not acceptable. Next payload is 3

04:51:04: ISAKMP (0:2): Checking ISAKMP transform 9 against priority 3 policy

04:51:04: ISAKMP: encryption 3DES-CBC

04:51:04: ISAKMP: hash SHA

04:51:04: ISAKMP: default group 2

04:51:04: ISAKMP: auth XAUTHInitPreShared

04:51:04: ISAKMP: life type in seconds

04:51:04: ISAKMP: life duration (VPI) of 0x0 0x20 0xC4 0x9B

04:51:04: ISAKMP (0:2): Encryption algorithm offered does not match policy!

04:51:04: ISAKMP (0:2): atts are not acceptable. Next payload is 3

04:51:04: ISAKMP (0:2): Checking ISAKMP transform 10 against priority 3 policy

04:51:04: ISAKMP: encryption 3DES-CBC

04:51:04: ISAKMP: hash MD5

04:51:04: ISAKMP: default group 2

04:51:04: ISAKMP: auth XAUTHInitPreShared

04:51:04: ISAKMP: life type in seconds

04:51:04: ISAKMP: life duration (VPI) of 0x0 0x20 0xC4 0x9B

04:51:04: ISAKMP (0:2): Encryption algorithm offered does not match policy!

04:51:04: ISAKMP (0:2): atts are not acceptable. Next payload is 3

I have try to modify the router SA to match with the one above, but still not matching with it. any suggestion would be appreciate!

Simon

0 Helpful
Customers Also Viewed These Support Documents