Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1118
Views
0
Helpful
1
Replies

VPN connection through Watchguard Firebox 500

bberry
Level 1
Level 1

‎08-20-2007 08:19 AM - edited ‎02-21-2020 03:13 PM

I have a traveling user that is attempting to connect using his VPN. The location where he is connecting has a Watchguard Firebox firewall. He is connecting to a 3020 oncentrator.

When he tries to connect the concentrator reports phase one and phase 2 completing then in about 30 seconds reports a disconnect from the peer. All that I currently have access to are the logs from the concentrator. Does anyone know what I may need to get the admin for the Watchguard to verify??

Here is what I am seeing from the client ...

Cisco Systems VPN Client Version 5.0.01.0600

Copyright (C) 1998-2007 Cisco Systems, Inc. All Rights Reserved.

Client Type(s): Windows, WinNT

Running on: 6.0.6000

Config file directory: C:\Program Files\Cisco Systems\VPN Client\

Cisco Systems VPN Client Version 5.0.01.0600

Copyright (C) 1998-2007 Cisco Systems, Inc. All Rights Reserved.

Client Type(s): Windows, WinNT

Running on: 6.0.6000

Config file directory: C:\Program Files\Cisco Systems\VPN Client\

1 11:24:01.957 08/20/07 Sev=Warning/2 CVPND/0xE3400013

AddRoute failed to add a route: code 5010

Destination 0.0.0.0

Netmask 0.0.0.0

Gateway 192.168.49.1

Interface 192.168.49.27

2 11:24:01.957 08/20/07 Sev=Warning/2 CM/0xA3100024

Unable to add route. Network: 0, Netmask: 0, Interface: c0a8311b, Gateway: c0a83101.

3 11:24:01.957 08/20/07 Sev=Warning/2 CVPND/0xA3400015

Error with call to IpHlpApi.DLL: DeleteIpForwardEntry, error 1168

4 11:24:01.957 08/20/07 Sev=Warning/2 CM/0xA3100025

Unable to delete route. Network: c0a86eff, Netmask: ffffffff, Interface: c0a86e17, Gateway: c0a86e17.

5 11:25:44.714 08/20/07 Sev=Warning/3 IKE/0xE3000066

Could not find an IKE SA for 172.16.4.243. KEY_REQ aborted.

6 11:25:44.714 08/20/07 Sev=Warning/2 IKE/0xE300009B

Failed to initiate P2 rekey: Error dectected (Initiate:176)

7 11:25:44.714 08/20/07 Sev=Warning/2 IKE/0xE300009B

Unable to initiate QM (IKE_MAIN:458)

Labels:
0 Helpful
1 Reply 1

didyap
Level 6
Level 6

‎08-24-2007 12:25 PM

RSA SecurID authentication methods include physical RSA SecurID cards and keychain fobs, and PC software called RSA SecurID for passcode generation. RSA SecurID cards can vary. The passcode might be combination of a PIN and a card code, or you might be required to enter a PIN on the card to display the passcode. Ask your network administrator for the correct procedure. When you use RSA SecurID passcodes for authentication:

The process varies slightly for different operating systems. If you use physical RSA SecurID cards or keychain fobs, the VPN Client displays the appropriate RSA user authentication dialog box. If you use RSA SecurID for passcode generation, it must be running on your workstation

0 Helpful
Customers Also Viewed These Support Documents