Hi,
I'm trying to set up a L2TP/IPsec-based VPN between a W2K client
(with/without SP1) and a cisco 3620 running 'c3620-is56i-mz.121-5.T.bin'.
IPsec (with certificate authentication) is working fine, (nearly) all
traffic between client & router is running smoothly & encrypted.
But... when using L2TP I get this (taken from 'debug crypto isakmp' on the
cisco):
-----
Mar 14 22:54:11: IPSEC(create_sa): sa created,
(sa) sa_dest= 192.168.96.4, sa_prot= 50,
sa_spi= 0x39AD4068(967655528),
sa_trans= esp-des esp-md5-hmac , sa_conn_id= 2002
Mar 14 22:54:11: IPSEC(create_sa): sa created,
(sa) sa_dest= 192.168.96.12, sa_prot= 50,
sa_spi= 0xE3C98BD5(3821636565),
sa_trans= esp-des esp-md5-hmac , sa_conn_id= 2003
Mar 14 22:54:19: IPSEC(decapsulate): error in decapsulation
crypto_ipsec_sa_exis
ts
-----
and the connection fails. So after (successful, as it seems to me)
establishment of the SA (as I said, all other traffic flows)... there seems
to be a decapsulation problem...
Any ideas?
If you have some, please mail me directly, as this is a bit off-topic.
I can provide additional config info (if wanted publicly).
Thanks in advance,
Enno Rey
[EMAIL PROTECTED]
PGP 74C0 C7E1 3875 E4EB 9B75 8B9D 5E2D 3178 685B F222
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
