Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Cisco > VPN Cisco and certificate enrollment ?

Thread Tools

VPN Cisco and certificate enrollment ?

Posts: n/a

I have a Cisco 3005 VPN box (vpn3005-4.1.6.Rel-k9).
I have installed a CA certificate and I have enrolled
for a new certificate for the vpn box I have signed it
and inntalled it on the vpn box.
everything seems fine.
I have create my own CA and I have signed the certificate request for the
vpn box generated with the "enrollment" option, and installed the
certificate. Then I Created a personal certificate and installed it on
the VPN client software (version 4.0.5B).
I have properly configured the vpn box with the proper IPsec proposals
and SA as suggested by the Cisco guide
products_configuration_example09186a00800946f3.sht ml

when I try to authenticate with certifiacte from the client I got
this error:

4435 09/22/2004 13:57:47.080 SEV=8 IKEDBG/79 RPT=1185
Proposal # 1, Transform # 4, Type ISAKMP, Id IKE
Parsing received transform:
Phase 1 failure against global IKE proposal # 1:
Rcv'd Key Length attr class, but class is not cfg'd

so mt question is.
which kind of particular attributes must have a certificate ?
I Generated the certificatre for the vpn box and for
the client using the openssl defaults...

any suggestions ?

thank you very much


Reply With Quote

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
c3725 - Win2003-CA enrollment problems jonwoh Cisco 2 04-01-2005 12:31 PM
MCT enrollment is now open! Ken Rosen [MS] MCSA 7 11-05-2004 07:50 PM
MCT enrollment is now open! Ken Rosen [MS] MCAD 7 11-05-2004 07:50 PM
MCT enrollment is now open! Ken Rosen [MS] MCDST 7 11-05-2004 07:50 PM
Setting up XP+IAS+Auto-enrollment wireless LAN? Al Blake Wireless Networking 2 09-29-2004 12:21 PM