11-09-2001 07:02 AM - edited 02-21-2020 11:29 AM
Need advise from you.
Wee have Cisco 1750 IP/FW IPSEC 3DES
Wee have 2 fix tunnels with other IOS Boxes
Wee have Secure Client VPN 1.1 with NT4
Everything works well.
But now i need to config W2K with the integrated IPSec using MMC and so on.
I trying since two days to connect them.
ISAKMP with DES MD5 OK (QM IDLE)
Then:
(key eng. msg.) dest= a.a.a.a, src= b.b.b.b,
dest_proxy= a.a.a.a/255.255.255.255/0/0 (type=1),
src_proxy= b.b.b.b/255.255.255.255/0/0 (type=1),
protocol= ESP, transform= esp-des esp-md5-hmac ,
lifedur= 0s and 0kb,
spi= 0x0(0), conn_id= 0, keysize= 0, flags= 0x0
IPSEC(validate_transform_proposal): proxy identities not supported
There i am on the end of my mind and on my time to try .....
Priorty is changed before and after the other tunnels no change.
Hope somebody can help me,
Robert
P.S.: My additional config for the IOS
!
crypto isakmp policy 2
encryption des
hash md5
authentication pre-share
group 1
lifetime 300
exit
!
crypto isakmp key xyz1234 address 0.0.0.0
!
crypto ipsec transform-set vpn-transform esp-des esp-md5-hmac
mode transport
exit
!
crypto dynamic-map vpn-dynamic 2
set transform-set vpn-transform
match address 107
set security-association lifetime seconds 300
exit
!
ip local pool vpn-dial-pool c.c.c.c d.d.d.d
crypto isakmp client configuration address-pool local vpn-dial-pool
!
crypto map cm-cryptomap client configuration address initiate
crypto map cm-cryptomap client configuration address respond
crypto map cm-cryptomap 2 ipsec-isakmp dynamic vpn-dynamic
!
no access-list 107
access-list 107 permit ip host myHOST host remote Laptop
11-14-2001 02:55 PM
Since there has been no response to your post, it appears to be either too complex or too rare an issue for other forum members to assist you. If you don't get a suitable response to your post, you may wish to review our resources at the online Technical Assistance Center (http://www.cisco.com/tac) or speak with a TAC engineer. You can open a TAC case online at http://www.cisco.com/tac/caseopen
If anyone else in the forum has some advice, please reply to this thread.
Thank you for posting.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide