 From:  Louis <m0n0 dot ch at hourfollowshour dot org>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  IPSec over wireless to m0n0 (cisco VPN client)
 Date:  Fri, 10 Dec 2004 23:55:17 -0500
I am trying to use the Cisco VPN client, version 4.0.3, to connect to 
m0n0wall over a wireless link to the same m0n0wall box's LAN subnet. 
Does the Cisco VPN client even work w/ m0n0wall?

I set up the IPSec config per the instructions here:

v1.2b3 net4521 + 2511 CD PLUS EXT2
WAN  -
LAN  -
OPT1 - (wi / wireless interface)

Windows XP - Cisco VPN Client (4.0.3)

I also have the firewall open for UDP 500 from the OPT1 (wi) interface 
to the LAN.

I have the client configured as follows:
- There is a Group Authentication section with a Name/Password field
  (does this = pre-shared ID/key?)
- IPSec over UDP (NAT / PAT)
(there aren't many other options)

On the client side I see "The remote peer does not support the required 
VPN client protocol."  On the server side I see in Logs -> System:
Dec 10 23:48:04 racoon: INFO: isakmp.c:904:isakmp_ph1begin_r(): respond new phase 1 negotiation:[500]<=>[500]

Dec 10 23:48:04 racoon: INFO: isakmp.c:909:isakmp_ph1begin_r(): begin Aggressive mode.

Dec 10 23:48:07 racoon: WARNING: isakmp_inf.c:1345:isakmp_check_notify(): ignore INITIAL-CONTACT notification, because it is only accepted after phase1.

Dec 10 23:48:07 racoon: INFO: isakmp.c:2459:log_ph1established(): ISAKMP-SA established[500]-[500]

Dec 10 23:48:07 racoon: ERROR: isakmp_inf.c:1244:isakmp_info_recv_d(): delete payload with invalid doi:0.

Any ideas would be appreciated.