Connecting to a PIX firewall using cisco VPM client though a Linksys WAG54G with eth firewall enable

Discussion in 'Cisco' started by Phil, Dec 11, 2004.

  1. Phil

    Phil Guest

    I have a Linksys WAG54G wireless ADSL rouer.

    I can connect to my companies PIX firewall using the Cisco VPN client if I
    disable its internat firewall.
    When the Linksys firewall is enabled the VPN fails on the IKE

    I have triedd using the gaming options to open up port 500 but it still
    doesn't work.

    Client trace below with IP address removed.

    Cheers,

    Philip


    Cisco Systems VPN Client Version 4.0.3 (F)
    Copyright (C) 1998-2003 Cisco Systems, Inc. All Rights Reserved.
    Client Type(s): Windows, WinNT
    Running on: 5.1.2600

    1 17:02:35.750 12/11/04 Sev=Info/4 CM/0x63100002
    Begin connection process

    2 17:02:35.840 12/11/04 Sev=Info/4 CM/0x63100004
    Establish secure connection using Ethernet

    3 17:02:35.840 12/11/04 Sev=Info/4 CM/0x63100024
    Attempt connection with server "***.***.***.***"

    4 17:02:35.900 12/11/04 Sev=Info/6 IKE/0x6300003B
    Attempting to establish a connection with ***.***.***.***.

    5 17:02:39.926 12/11/04 Sev=Info/4 IKE/0x63000013
    SENDING >>> ISAKMP OAK MM (SA, VID(Xauth), VID(dpd), VID(Nat-T), VID(Frag),
    VID(Unity)) to ***.***.***.***

    6 17:02:40.076 12/11/04 Sev=Info/4 IPSEC/0x63700008
    IPSec driver successfully started

    7 17:02:40.076 12/11/04 Sev=Info/4 IPSEC/0x63700014
    Deleted all keys

    8 17:02:40.357 12/11/04 Sev=Info/5 IKE/0x6300002F
    Received ISAKMP packet: peer = ***.***.***.***

    9 17:02:40.357 12/11/04 Sev=Info/4 IKE/0x63000014
    RECEIVING <<< ISAKMP OAK MM (SA) from 202.65.16.6

    10 17:02:40.377 12/11/04 Sev=Info/6 IKE/0x63000001
    IOS Vendor ID Contruction successful

    11 17:02:40.377 12/11/04 Sev=Info/4 IKE/0x63000013
    SENDING >>> ISAKMP OAK MM (KE, NON, VID(?), VID(Unity)) to ***.***.***.***

    12 17:02:40.537 12/11/04 Sev=Info/5 IKE/0x6300002F
    Received ISAKMP packet: peer = ***.***.***.***

    13 17:02:40.537 12/11/04 Sev=Info/4 IKE/0x63000014
    RECEIVING <<< ISAKMP OAK MM (KE, NON, CERT_REQ, VID(Xauth), VID(dpd),
    VID(Unity), VID(?)) from ***.***.***.***

    14 17:02:40.537 12/11/04 Sev=Info/5 IKE/0x63000001
    Peer supports XAUTH

    15 17:02:40.537 12/11/04 Sev=Info/5 IKE/0x63000001
    Peer supports DPD

    16 17:02:40.537 12/11/04 Sev=Info/5 IKE/0x63000001
    Peer is a Cisco-Unity compliant peer

    17 17:02:40.537 12/11/04 Sev=Info/5 IKE/0x63000081
    Received IOS Vendor ID with unknown capabilities flag 0x00000025

    18 17:02:46.496 12/11/04 Sev=Info/4 IKE/0x63000013
    SENDING >>> ISAKMP OAK MM *(ID, CERT, CERT_REQ, SIG,
    NOTIFY:STATUS_INITIAL_CONTACT) to ***.***.***.***

    19 17:02:51.503 12/11/04 Sev=Info/4 IKE/0x63000021
    Retransmitting last packet!

    20 17:02:51.503 12/11/04 Sev=Info/4 IKE/0x63000013
    SENDING >>> ISAKMP OAK MM *(Retransmission) to ***.***.***.***

    21 17:02:55.539 12/11/04 Sev=Info/5 IKE/0x6300002F
    Received ISAKMP packet: peer = ***.***.***.***

    22 17:02:55.539 12/11/04 Sev=Info/4 IKE/0x63000014
    RECEIVING <<< ISAKMP OAK MM (Retransmission) from ***.***.***.***

    23 17:02:55.539 12/11/04 Sev=Info/4 IKE/0x63000021
    Retransmitting last packet!

    24 17:02:55.539 12/11/04 Sev=Info/4 IKE/0x63000013
    SENDING >>> ISAKMP OAK MM *(Retransmission) to ***.***.***.***

    25 17:03:01.017 12/11/04 Sev=Info/4 IKE/0x63000021
    Retransmitting last packet!

    26 17:03:01.017 12/11/04 Sev=Info/4 IKE/0x63000013
    SENDING >>> ISAKMP OAK MM *(Retransmission) to ***.***.***.***

    27 17:03:06.024 12/11/04 Sev=Info/4 IKE/0x63000017
    Marking IKE SA for deletion (I_Cookie=C7C3BD1FDE5E3B1F
    R_Cookie=98C52F2232E603EE) reason = DEL_REASON_PEER_NOT_RESPONDING
     
    Phil, Dec 11, 2004
    #1
    1. Advertising

  2. In article <3gwud.321$>,
    Phil <> wrote:
    :I have a Linksys WAG54G wireless ADSL rouer.

    :I can connect to my companies PIX firewall using the Cisco VPN client if I
    :disable its internat firewall.
    :When the Linksys firewall is enabled the VPN fails on the IKE

    On the PIX, ensure that isakmp nat-traversal 20 is set.
    That command is supported from 6.3(1) as I recall.
    --
    Admit it -- you peeked ahead to find out how this message ends!
     
    Walter Roberson, Dec 11, 2004
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Clayton

    Linksys WAG54G Wireless Router & PCMCIA Wireless Card

    Clayton, Dec 6, 2004, in forum: Wireless Networking
    Replies:
    5
    Views:
    3,085
    Clayton
    Dec 10, 2004
  2. nospam

    Loss of DNS/ARP responses from Linksys WAG54G

    nospam, Feb 12, 2005, in forum: Wireless Networking
    Replies:
    6
    Views:
    2,660
    nospam
    Feb 15, 2005
  3. Ronnie
    Replies:
    2
    Views:
    3,427
  4. Systematic

    Cisco 837 IPSEC Linksys WAG54g

    Systematic, Jul 11, 2005, in forum: Cisco
    Replies:
    3
    Views:
    1,295
    Uli Link
    Jul 11, 2005
  5. kreck621

    Cisco PIX 506e VPM

    kreck621, Sep 10, 2007, in forum: Hardware
    Replies:
    1
    Views:
    844
    arunkumarv26
    Sep 14, 2007
Loading...

Share This Page