Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
cancel
Start a conversation
276
Views
0
Helpful
2
Replies

Message VPN client

francisco.gala
Level 1
Level 1

ā€Ž12-17-2004 03:28 AM - edited ā€Ž02-21-2020 01:30 PM

Hi,

When I try to connect to PIX with cisco client VPN, I can not connect. The los cisco client VPN show the following message:

"Received malformed message or negotiation no longer active"

What is meaning?

Labels:
0 Helpful
2 Replies 2

pkapoor
Level 3
Level 3

ā€Ž12-17-2004 08:55 AM

Check your passwords and group names.

If it still does not connect, then post us the PIX configuration to which you are connecting.

0 Helpful

francisco.gala
Level 1
Level 1
In response to pkapoor

ā€Ž12-20-2004 07:33 AM

I give you the PIX configuration VPN:

- access-list vpnlist permit ip INSBARCELONA 255.255.0.0 172.16.8.0 255.255.255.0

-access-list vpnlist permit ip 172.16.8.0 255.255.255.0 INSBARCELONA 255.255.0.0

- nat (inside) 0 access-list tuneles (this is a group name acessĀ“list VPN where is include vpnlist)

-crypto ipsec transform-set VPNdes esp-des esp-sha-hmac

crypto dynamic-map MarmedsaMap 10 set transform-set VPNdes

crypto map VPNmap 20 ipsec-isakmp

crypto map VPNmap 20 match address csavlist

crypto map VPNmap 20 set peer OUTCSAV

crypto map VPNmap 20 set transform-set VPNdes

crypto map VPNmap 30 ipsec-isakmp

crypto map VPNmap 30 match address edicom

crypto map VPNmap 30 set peer OUTEDICOM1

crypto map VPNmap 30 set transform-set VPNdes

crypto map VPNmap 40 ipsec-isakmp

crypto map VPNmap 40 match address opdrlist

crypto map VPNmap 40 set peer OUTOPDR

crypto map VPNmap 40 set transform-set VPNdes

crypto map VPNmap 50 ipsec-isakmp dynamic MarmedsaMap

crypto map VPNmap interface outside

isakmp enable outside

isakmp key ******** address OUTCSAV netmask 255.255.255.255 no-xauth no-config-mode

isakmp key ******** address OUTEDICOM1 netmask 255.255.255.255 no-xauth no-config-mode

isakmp key ******** address OUTOPDR netmask 255.255.255.255 no-xauth no-config-mode

isakmp identity address

isakmp nat-traversal 20

isakmp policy 10 authentication pre-share

isakmp policy 10 encryption des

isakmp policy 10 hash sha

isakmp policy 10 group 2

isakmp policy 10 lifetime 86400

isakmp policy 20 authentication pre-share

isakmp policy 20 encryption des

isakmp policy 20 hash sha

isakmp policy 20 group 1

isakmp policy 20 lifetime 86400

vpngroup groupsistemes address-pool vpnsistemes

vpngroup groupsistemes dns-server INSOFIBCNSRV

vpngroup groupsistemes wins-server INSOFIBCNSRV

vpngroup groupsistemes default-domain marmedsa.com

vpngroup groupsistemes split-tunnel vpnlist

vpngroup groupsistemes idle-time 1800

vpngroup groupsistemes password ********

I can connect when I use ADSL but with Dial-up I can without any problem.

0 Helpful
Customers Also Viewed These Support Documents