Hello All,
I'm having a heck of a time getting the Win2K IPSec client (Native
Win2K) to establish a tunnel with my PIX firewall. Has anyone successfully
done this? Some of the basic facts are:
PIX OS: 5.3(1)
Pre-Shared Keys (At least for now)
ESP Integrity=MD5
ESP Encryption=DES
Hash=MD5
Diffie-Hellman Group 1
Win2K SP1
Have set up both in-bound and out-bound tunnels, security policy for both.
On Win2K side, looking at debug logs, I can see it establish the tunnel, go
(successfully) through phase one negotiation using Oakley Main Mode, but
then, during phase two, it uses Oakley Quick Mode, and the log indicates an
invalid key exchange type. Of course, it then tears down the tunnel. MS
has been mostly unhelpful, and Cisco does not have the quick answer either.
However, they both swear it will work.
Any insight to this problem would be very helpful,
TIA,
Trevor K. Wilson
Network Architect
(i) Structure
A Level 3 Communications Company
(480) 775-3125
(888) 627-9956 Pager
[EMAIL PROTECTED]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
