[VPN] Request: Need PIX Recipe for WinXP L2TP/IPSEC
Engelhard M. Labiro
engelhard at ieee.org
Tue May 25 06:55:53 EDT 2004
Hi Stacy,
The Win XP L2TP/IPSec client is using ESP in "TRANSPORT" mode not
"TUNNEL" mode.
Try changing the Phase2 ESP policy to transport mode.
Best Regards,
On Mon, 24 May 2004 23:55:04 -0700
Stacy Purcell <spurcell at covad.net> wrote:
> Does anyone have a working example of a PIX config that works with WinXP
> L2TP/IPSEC clients that they can share?
>
> I'm working with a PIX 501 that has the DES/3DES/AES license.
>
> Using the WinXP VPN client GUI config, I can initiate the connection and
> it passes the authentication step in quick mode, but hangs on the next
> ISAKMP step where they try to agree on the encryption parameters. It
> complains about "invalid transforma proposal flags -- 0x200" or says
> "transform proposal not supported".
>
> I also tried unsuccessfully to configure the WinXP side from scratch
> using the IPSEC policies but I can't even get the box to do IKE when I
> have the policy installed.
>
> A PIX example with a brief description of how you config the WinXP
> clients would be very helpful. :)
>
> Thanks,
> Stacy Purcell
>
>
> _______________________________________________
> VPN mailing list
> VPN at lists.shmoo.com
> http://lists.shmoo.com/mailman/listinfo/vpn
--
エンゲルMラビロ <eng3lhard at hotmail.com>
東京都練馬区錦1丁目6-8
携帯:090-5578-9364
電話:03-5398-8604
More information about the VPN
mailing list