|
Posted by sebaaaat on December 14, 2006, 5:07 am
If you were Registered and logged in, you could reply and use other advanced thread options
I'm trying to get a Nokia E60 Mobile VPN Client (Symbian 3rd) connected
to a Cisco PIX, but it doesn' work yet. The PIX-Policy has the lifetime
86400 sec. In the "debug crypto isakmp" I get the following line:
ISAKMP: life duration (VPI) of 0x0 0x1 0x51 0x80
ISAKMP (0): atts are not acceptable....
When I connect with a Cisco VPN Client, I get:
ISAKMP: life duration (VPI) of 0x0 0x20 0xc4
ISAKMP (0): atts are acceptable....
What do these hexadecimal numbers mean?
What do I have to change in the Policy of my Nokia VPN Client to get
accepted like the Cisco Client?
Here is my Nokia VPN Policy:
SECURITY_FILE_VERSION: 3
[INFO]
VPN-Policy for Nokia Mobile VPN Client v3.0.
[POLICY]
sa ipsec_1 = {
esp
encrypt_alg 3
auth_alg 3
identity_remote 0.0.0.0/0
src_specific
hard_lifetime_bytes 0
hard_lifetime_addtime 3600
hard_lifetime_usetime 3600
soft_lifetime_bytes 0
soft_lifetime_addtime 3600
soft_lifetime_usetime 3600
}
remote 0.0.0.0 0.0.0.0 = { ipsec_1(195.226.32.136) }
inbound = { }
outbound = { }
[IKE]
ADDR: 195.226.32.136 255.255.255.255
MODE: Aggressive
SEND_NOTIFICATION: TRUE
ID_TYPE: 11
FQDN: testgroup
GROUP_DESCRIPTION_II: MODP_1024
USE_COMMIT: FALSE
IPSEC_EXPIRE: FALSE
SEND_CERT: FALSE
INITIAL_CONTACT: FALSE
RESPONDER_LIFETIME: TRUE
REPLAY_STATUS: TRUE
USE_INTERNAL_ADDR: TRUE
USE_NAT_PROBE: FALSE
ESP_UDP_PORT: 0
NAT_KEEPALIVE: 60
USE_XAUTH: TRUE
USE_MODE_CFG: TRUE
REKEYING_THRESHOLD: 90
PROPOSALS: 1
ENC_ALG: 3DES-CBC
AUTH_METHOD: PRE-SHARED
HASH_ALG: SHA1
GROUP_DESCRIPTION: MODP_1024
GROUP_TYPE: DEFAULT
LIFETIME_KBYTES: 0
LIFETIME_SECONDS: 86400
PRF: NONE
PRESHARED_KEYS:
FORMAT: STRING_FORMAT
KEY: 7 testkey
| 
Yahoo! 
Google 
Windows Live 
del.icio.us 
digg 
Netscape 
XML site map