Having Problems connecting through VPN

Discussion in 'Cisco' started by Shani718@gmail.com, Mar 28, 2006.

  1. Guest

    the following is the vpn client log:

    Cisco Systems VPN Client Version 4.7.00.0533
    Copyright (C) 1998-2005 Cisco Systems, Inc. All Rights Reserved.
    Client Type(s): Windows, WinNT
    Running on: 5.1.2600 Service Pack 2
    Config file directory: C:\Program Files\Cisco Systems\VPN Client

    1 16:22:55.328 03/28/06 Sev=Warning/3 IKE/0xE3000056
    The received HASH payload cannot be verified

    2 16:22:55.328 03/28/06 Sev=Warning/2 IKE/0xE300007D
    Hash verification failed... may be configured with invalid group
    password.

    3 16:22:55.328 03/28/06 Sev=Warning/2 IKE/0xE3000099
    Failed to authenticate peer (Navigator:904)

    4 16:22:55.328 03/28/06 Sev=Warning/2 IKE/0xE30000A5
    Unexpected SW error occurred while processing Aggressive Mode
    negotiator:(Navigator:2202)
     
    , Mar 28, 2006
    #1
    1. Advertising

  2. In article <>,
    <> wrote:
    >the following is the vpn client log:


    >Cisco Systems VPN Client Version 4.7.00.0533


    >1 16:22:55.328 03/28/06 Sev=Warning/3 IKE/0xE3000056
    >The received HASH payload cannot be verified


    >2 16:22:55.328 03/28/06 Sev=Warning/2 IKE/0xE300007D
    >Hash verification failed... may be configured with invalid group
    >password.


    You did not give us much information to go on, but
    what you did post suggests...

    That you are using the wrong group password

    The group name that you need to use is the name you gave the
    'vpngroup'. The group password that you need to use is in
    'password' clause of your 'vpngroup' configuration.

    If that doesn't help, we will need more information, such as the
    platform you are connecting to, the software version for that
    platform, and all information from the configuration that is related
    to VPNs (make sure you edit out any password information.)
     
    Walter Roberson, Mar 29, 2006
    #2
    1. Advertising

  3. Guest

    Thank you. My VPN is now working.
     
    , Mar 29, 2006
    #3
  4. iulikia

    Joined:
    Jan 7, 2011
    Messages:
    1
    Hey guys! Please help me on this one...as I got pretty stuck on it on my own..I encounter the same error log messages when trying to connect to a VPN server using a VPN client version 5.0.00.0340:

    Attempting to establish a connection with 200.100.50.173.
    122 12:48:30.350 01/07/11 Sev=Info/4 IKE/0x63000013
    SENDING >>> ISAKMP OAK AG (SA, KE, NON, ID, VID(Xauth), VID(dpd), VID(Unity)) to 200.100.50.173
    123 12:48:30.350 01/07/11 Sev=Info/4 IPSEC/0x63700008
    IPSec driver successfully started
    124 12:48:30.350 01/07/11 Sev=Info/4 IPSEC/0x63700014
    Deleted all keys
    125 12:48:30.585 01/07/11 Sev=Info/5 IKE/0x6300002F
    Received ISAKMP packet: peer = 200.100.50.173
    126 12:48:30.585 01/07/11 Sev=Info/4 IKE/0x63000014
    RECEIVING <<< ISAKMP OAK AG (SA, VID(Unity), VID(dpd), VID(?), VID(Xauth), KE, ID, NON, HASH) from 200.100.50.173
    127 12:48:30.585 01/07/11 Sev=Info/5 IKE/0x63000001
    Peer is a Cisco-Unity compliant peer
    128 12:48:30.585 01/07/11 Sev=Info/5 IKE/0x63000001
    Peer supports DPD
    129 12:48:30.585 01/07/11 Sev=Info/5 IKE/0x63000001
    Peer supports DWR Code and DWR Text
    130 12:48:30.585 01/07/11 Sev=Info/5 IKE/0x63000001
    Peer supports XAUTH
    131 12:48:30.585 01/07/11 Sev=Warning/3 IKE/0xE3000057
    The received HASH payload cannot be verified
    132 12:48:30.600 01/07/11 Sev=Warning/2 IKE/0xE300007E
    Hash verification failed... may be configured with invalid group password.
    133 12:48:30.600 01/07/11 Sev=Warning/2 IKE/0xE300009B
    Failed to authenticate peer (Navigator:904)
    134 12:48:30.600 01/07/11 Sev=Info/4 IKE/0x63000013
    SENDING >>> ISAKMP OAK INFO (NOTIFY:INVALID_HASH_INFO) to 200.100.50.173


    My topology is a very basic one, as I am trying this for educational reason. It's built in GNS3:
    - 2 routers 3700 : one of them holds the VPN server configuration and the other would be the ISP through which the remote worker would try to establish a VPN connection. Below is the VPN server configuration:
    !
    version 12.4
    service timestamps debug datetime msec
    service timestamps log datetime msec
    no service password-encryption
    !
    hostname VPNserver
    !
    boot-start-marker
    boot-end-marker
    !
    !
    aaa new-model
    !
    !
    aaa authentication login vpn_remote_user local
    aaa authorization network vpn_remote_isakmp local
    !
    aaa session-id common
    memory-size iomem 5
    ip cef
    !
    !
    !
    !
    ip auth-proxy max-nodata-conns 3
    ip admission max-nodata-conns 3
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    username usr password 0 pass
    !
    !
    !
    !
    crypto isakmp policy 2
    encr aes
    authentication pre-share
    group 2
    !
    crypto isakmp client configuration group grup1
    key cheie
    pool remote_ipsec_user
    !
    !
    crypto dynamic-map dynmap1 2
    reverse-route
    !
    !
    crypto map map1 client authentication list vpn_remote_user
    crypto map map1 isakmp authorization list vpn_remote_isakmp
    crypto map map1 client configuration address respond
    crypto map map1 2 ipsec-isakmp dynamic dynmap1
    !
    !
    !
    !
    interface FastEthernet0/0
    ip address 200.100.50.1 255.255.255.240
    duplex auto
    speed auto
    !
    interface Serial0/0
    ip address 200.100.50.173 255.255.255.252
    clock rate 2000000
    crypto map map1
    !
    interface FastEthernet0/1
    no ip address
    shutdown
    duplex auto
    speed auto
    !
    interface Serial0/1
    no ip address
    shutdown
    clock rate 2000000
    !
    ip local pool remote_ipsec_user 192.168.1.10 192.168.1.20
    ip forward-protocol nd
    ip route 200.100.50.32 255.255.255.240 Serial0/0
    !
    !
    ip http server
    no ip http secure-server
    !
    !
    !
    !
    control-plane
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    line con 0
    line aux 0
    line vty 0 4
    !
    !
    end


    Behind the second router there is a virtual XP machine on which I have installed the VPN client..

    My connection entry in the client is having the following parameters:
    Host: 200.100.50.173 //which is the IP of the VPNserver
    Authentication -> Group Authentication -> Name : grup1 Password : pass // I am absolutely positive that I typed in the correct password...even though the log messages are related to a faulty authentication credentials.

    I have been using only public addresses, as I have noticed there is an issue concerning behind NAT VPN connections and not being very familiar to NAT configuration [CCNA3 level:)]..

    Another aspect that might be of any importance is that "Enable Transport Tunneling" from within Transport tab of the Connection entry is disabled.

    Thank you..
     
    iulikia, Jan 7, 2011
    #4
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Lars Bebensee
    Replies:
    0
    Views:
    1,036
    Lars Bebensee
    Feb 12, 2004
  2. Thor
    Replies:
    4
    Views:
    433
  3. Shauhnathan

    I am having issues connecting my camera to my comp....

    Shauhnathan, Feb 23, 2007, in forum: Digital Photography
    Replies:
    12
    Views:
    520
    David J Taylor
    Feb 24, 2007
  4. malfuriouspete

    Problems connecting to internet through my wireless network

    malfuriouspete, Feb 18, 2008, in forum: Wireless Networking
    Replies:
    8
    Views:
    989
    Barb Bowman
    Jun 2, 2008
  5. Steve Pfister
    Replies:
    0
    Views:
    215
    Steve Pfister
    Feb 7, 2014
Loading...

Share This Page