Trevor,
The PIX OS version you are using supports MS PPTP connectivity to the
PIX. Configuration details for MS PPTP to PIX 5.3 are discussed in the PIX
5.3 release notes.
MS Windows 2000 L2TP / IPSec client to PIX connectivity is planned for the
next release of PIX OS.
You can configure the Windows 2000 PC equipped with the Cisco VPN client to
connect to the PIX v5.3 using IPSec. We have several configuration
examples for MS Windows 2000 with Cisco VPN client to PIX available for
download from Cisco Connection Online (http://www.cisco.com).
Regards,
Brian
>Date: Thu, 11 Jan 2001 00:49:41 -0700
>From: [EMAIL PROTECTED]
>Subject: PIX & Win2K IPSec
>
>
>Hello All,
> I'm having a heck of a time getting the Win2K IPSec client (Native
>Win2K) to establish a tunnel with my PIX firewall. Has anyone successfully
>done this? Some of the basic facts are:
>
>
>PIX OS: 5.3(1)
>Pre-Shared Keys (At least for now)
>ESP Integrity=MD5
>ESP Encryption=DES
>Hash=MD5
>Diffie-Hellman Group 1
>Win2K SP1
>Have set up both in-bound and out-bound tunnels, security policy for both.
>
>
>On Win2K side, looking at debug logs, I can see it establish the tunnel, go
>(successfully) through phase one negotiation using Oakley Main Mode, but
>then, during phase two, it uses Oakley Quick Mode, and the log indicates an
>invalid key exchange type. Of course, it then tears down the tunnel. MS
>has been mostly unhelpful, and Cisco does not have the quick answer either.
>However, they both swear it will work.
>
>
>Any insight to this problem would be very helpful,
>TIA,
>
>
>Trevor K. Wilson
>Network Architect
>(i) Structure
>A Level 3 Communications Company
>(480) 775-3125
>(888) 627-9956 Pager
>[EMAIL PROTECTED]
Brian Ford
Consulting Engineer
Cisco Systems Inc.
[EMAIL PROTECTED]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
