09-11-2004 08:52 PM - edited 02-21-2020 01:20 PM
Unable to connect VPN3002 Hardware Client to VPN3030 Concentrator. VPN3002 using same user group at Software clients and they are able to connect. VPN3002 in NEM, follow error from client:
420 09/12/2004 00:20:14.300 SEV=4 IKE/41 RPT=55 XXX.XXX.XXX.XXX
IKE Initiator: New Phase 1, Intf 2, IKE Peer XXX.XXX.XXX.XXX
local Proxy Address XXX.XXX.XXX.XXX, remote Proxy Address XXX.XXX.XXX.XXX,
SA (ESP-3DES-MD5)
423 09/12/2004 00:20:14.300 SEV=5 IP/45 RPT=33
Client transmitting TCP SYN pkt to device XXX.XXX.XXX.XXX on TCP src port 12465,
dst port 10000
425 09/12/2004 00:20:34.300 SEV=5 IP/36 RPT=33
Client fails to connect to headend device XXX.XXX.XXX.XXX on TCP port 10000.
VPN3030 Error message:
10369 09/12/2004 00:07:07.560 SEV=5 IKEDBG/64 RPT=162 XXX.XXX.XXX.XXX
IKE Peer included IKE fragmentation capability flags:
Main Mode: True
Aggressive Mode: True
09-16-2004 08:17 AM
Since you are using NEM, make sure to go under the groups HW client tab on the 3030 and check Allow Network Extension
Mode.
09-16-2004 11:07 AM
Allow network extension mode is checked. Could this be an issue with UDP port 10000 not being open all the way through?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide