PIX 506E VPN error "Reason 433" (no one seems to know how to fix this)

Discussion in 'Cisco' started by Travis, Jul 19, 2005.

  1. Travis

    Travis Guest

    This is driving me nuts. I setup a ipsec/ike vpn on my cisco pix with the
    PDM wizard. It works great...., but when I get a 2nd user to connects to the
    PIX, it boots the 1st user off and gives this error code....

    "Secure VPN Connection terminated by Perr. Reason 433: (Reason Not Specified
    by Peer)"

    I'm using Cisco VPN client Version is "". It's installed on two
    Windows XP laptops (all windows updates) with no firewall. Windows XP
    firewall is turned off on both laptops.

    My PIX 506E info: PIX version 6.3(4), PDM 3.0(2)

    Any help would be great. I've looked all over cisco's site and the web....,
    and came up with nothing on this error code.
    Travis, Jul 19, 2005
  2. Travis

    mcaissie Guest

    How many IP addresses did you reserve in the ip local pool ?
    mcaissie, Jul 19, 2005
  3. Travis

    Travis Guest

    10 addresses

    Travis, Jul 19, 2005
  4. Hi Travis,

    Look to see if your laptop has something called "Network Bridge" under
    Network Connections.

    Try removing the "LAN Connections" from Network Bridge and see if it
    works now.

    Hope this helps,

    www.BradReese.Com, Jul 19, 2005
  5. Travis

    rave Guest

    this is a typical case of both laptops are sitting behind a nat/pat
    device. ifthat is the case then go to the PIX and type in the following
    isakmp nat-t

    This will allow multple connections from same nat/pat address with
    encapsulation with UDP 4500
    rave, Jul 19, 2005
  6. Travis

    Travis Guest


    After I entered the command "isakmp nat-t"
    I can now have as many people as I want connected to the vpn. I no longer
    get the Reason 433 error.

    Thanks for the help rave :)
    Travis, Jul 20, 2005
  7. Travis


    Nov 15, 2006
    I know this is an old thread but I am experiencing the same issue. My problem is I don't understand what is meant by "go to the PIX and type in the following command: isakmp nat-t" above. "Go to the PIX?" Can anyone explain this? As far as I can tell, the PIX is a device that I have no control over.
    monchr, Nov 15, 2006
