Velocity Reviews

Velocity Reviews (http://www.velocityreviews.com/forums/index.php)
-   Cisco (http://www.velocityreviews.com/forums/f27-cisco.html)
-   -   VPN Cisco and certificate enrollment ? (http://www.velocityreviews.com/forums/t35495-vpn-cisco-and-certificate-enrollment.html)

RJ45 09-22-2004 01:42 PM

VPN Cisco and certificate enrollment ?
 

Hello,
I have a Cisco 3005 VPN box (vpn3005-4.1.6.Rel-k9).
I have installed a CA certificate and I have enrolled
for a new certificate for the vpn box I have signed it
and inntalled it on the vpn box.
everything seems fine.
I have create my own CA and I have signed the certificate request for the
vpn box generated with the "enrollment" option, and installed the
certificate. Then I Created a personal certificate and installed it on
the VPN client software (version 4.0.5B).
I have properly configured the vpn box with the proper IPsec proposals
and SA as suggested by the Cisco guide

http://www.cisco.com/en/US/products/hw/vpndevc/ps2284/
products_configuration_example09186a00800946f3.sht ml

when I try to authenticate with certifiacte from the client I got
this error:

4435 09/22/2004 13:57:47.080 SEV=8 IKEDBG/79 RPT=1185
Proposal # 1, Transform # 4, Type ISAKMP, Id IKE
Parsing received transform:
Phase 1 failure against global IKE proposal # 1:
Rcv'd Key Length attr class, but class is not cfg'd

so mt question is.
which kind of particular attributes must have a certificate ?
I Generated the certificatre for the vpn box and for
the client using the openssl defaults...

any suggestions ?

thank you very much

Rick



All times are GMT. The time now is 12:11 AM.

Powered by vBulletin®. Copyright ©2000 - 2014, vBulletin Solutions, Inc.
SEO by vBSEO ©2010, Crawlability, Inc.