Re: [SunRay-Users] Tadpole 4100?

Eric Bautsch Thu, 11 Jun 2009 22:36:30 -0700

Hi Chuck.

Yes, I had the same problem and reverted back to a fixed key.


Eric


Charles Greco wrote:

Just an update to anyone else working on this problem the end result of
my testing is that the phase1 completes just fine but the phase2 fails.
Problem is the Tadpole never gets prompted for the user authentication
and the debug on the cisco indicates it is sending XAUTH_USER_NAME_V2
and XAUTH_USER_PASSWORD_V2 and getting no response.

Any thoughts or suggestions would be appreciated.


My cisco config:

aaa authentication login userlist local
aaa authorization network grouplist local
!
!
!
username cisco password 0 cisco
!
!
crypto isakmp policy 1
 encr 3des
 authentication pre-share
 group 2
!
crypto isakmp client configuration group cisco
 key cisco
 dns 10.0.100.10
 domain ops.qualys.com
 pool green
 acl 199
!
!
crypto ipsec transform-set mytr esp-3des esp-sha-hmac
!
crypto dynamic-map mode 1
 set transform-set mytr
!
!
crypto map mode client authentication list userlist
crypto map mode isakmp authorization list grouplist
crypto map mode client configuration address initiate
crypto map mode client configuration address respond
crypto map mode 1 ipsec-isakmp dynamic mode
!
!
!
ip local pool green 10.42.42.1 10.42.42.42
!
!
interface FastEthernet0
 ip address 10.x.x.x 255.255.255.0
 duplex auto
 speed auto
 crypto map mode
!
!
access-list 199 permit ip 192.168.200.0 0.0.0.255 any



Tadpole:

Firmware: 1.4.8
IPSec VPN: IKE
Tunnelled
Aggressive Mode
Encr: 3des
Auth SHA-1
DH: Group 2



Cheers,
-Chuck

-----Original Message-----
From: [email protected]
[mailto:[email protected]] On Behalf Of Constantine
Morris
Sent: Thursday, June 11, 2009 1:36 PM
To: SunRay-Users mailing list
Subject: Re: [SunRay-Users] Tadpole 4100?


We are using the Tadpole M1400 with Juniper SSG 350 and it works like a

charm.

Tadpole Settings are:

Phase 1 - Aggressive Mode
Device ID - E-mail address
Encryption - 3DES-CBC
Authentication - SHA1
Group 2 (MODP 1024)
PFS - None
Xauth - preshared Key
Static IP - x.x.x.x
VPN Server - x.x.x.x

Hope this helps.  Costa

-----Original Message-----
From: [email protected]
[mailto:[email protected]] On Behalf Of Paul Whitener
Sent: Thursday, June 11, 2009 3:12 PM
To: SunRay-Users mailing list
Subject: Re: [SunRay-Users] Tadpole 4100?


I have the Comet 150 version and it connects to Cisco EZVPN great!

IKE
Aggressive Mode
3DES-CBC
Auth MD5
DH Group2 MODP 1024
aes-128

/paul


-----Original Message-----

From: Charles Greco <[email protected]>
Sent: Jun 10, 2009 10:34 PM
To: SunRay-Users mailing list <[email protected]>
Subject: Re: [SunRay-Users] Tadpole 4100?

Oh, that's really confusing as I wrote it. I was speaking of dial-in

vpn

access. E.g. using the vpn client built into the Tadpole. I've played
with various configurations and can't seem to get it to work smoothly.

-----Original Message-----
From: [email protected]
[mailto:[email protected]] On Behalf Of Craig Bender
Sent: Wednesday, June 10, 2009 7:11 PM
To: SunRay-Users mailing list
Subject: Re: [SunRay-Users] Tadpole 4100?

Dial in?

Charles Greco wrote:

Hello all,

Has anyone configured a cisco router device to allow dial-in access

from

a Tadpole Comet SunRay client? If you've got a working config sample

let

me know.

Cheers,
-Chuck

--------------------------------------------------------------------

This e-mail message, including any attachments, is for the sole use

of

the intended recipient(s) and may contain confidential and privileged
information.  Unauthorized review, use, disclosure or distribution is
prohibited.  If you are not the intended recipient, please contact the
sender by reply e-mail and destroy all copies of the original message.
Thank you.

_______________________________________________
SunRay-Users mailing list
[email protected]
http://www.filibeto.org/mailman/listinfo/sunray-users

_______________________________________________
SunRay-Users mailing list
[email protected]
http://www.filibeto.org/mailman/listinfo/sunray-users
_______________________________________________
SunRay-Users mailing list
[email protected]
http://www.filibeto.org/mailman/listinfo/sunray-users




_______________________________________________
SunRay-Users mailing list
[email protected]
http://www.filibeto.org/mailman/listinfo/sunray-users

_______________________________________________
SunRay-Users mailing list
[email protected]
http://www.filibeto.org/mailman/listinfo/sunray-users
_______________________________________________
SunRay-Users mailing list
[email protected]
http://www.filibeto.org/mailman/listinfo/sunray-users


--

     ____
    /          .                           Eric A. Bautsch
   /--   __       ___                ______________________________________
  /     /    /   /                  /
 (_____/____(___(__________________/       email: [email protected]

smime.p7s
Description: S/MIME Cryptographic Signature

_______________________________________________
SunRay-Users mailing list
[email protected]
http://www.filibeto.org/mailman/listinfo/sunray-users

Re: [SunRay-Users] Tadpole 4100?

Reply via email to