Config a Dial-up VPN Using WXP Client with L2TP Over IPSec (without Net Remote)



  • i have successfully follow this steps
    http://kb.juniper.net/kb/documents/public/VPN/ScreenOS_Windows_L2TP_IPSec.pdf
    i am working on a SSG 5 with latest firmware, also test both client with Windows XP and Windows 7 with the same
    results.
    the logs files present the following error.

    2010-04-10 16:49:00 info Rejected an IKE packet on ethernet0/0 from 190.166.XXX.XX:51280 to 200.88.XXX.XXX:500 with cookies 4ee2ce451d3b2ec8 and b4b21b8acf7e675f because The peer sent a packet with a message ID before Phase 1 authentication was done.
    2010-04-10 16:49:00 info IKE 190.166.189.19 Phase 1: Responder starts MAIN mode negotiations.

    i am using a certificate to authenticate.
    thanks in advace



  • Just found that the certificated used before was not the correct one.
    You must add the IPSec template on Windows 2003 in order to Generate IPSec Certificate.
    However, receiving now error 789.

    Logs files Rejected an IKE packet on ethernet0/0 from 190.166.XXX.XX:55333 to 200.88.XXX.XXX:500 with cookies b05a4cab3ab568bd and 1d84e8050be13348 because Phase-1: no user configuration was found for the received IKE ID type: ASN1_DN,9.

    Any hell apriciated.


 

35
Online

38.4k
Users

12.7k
Topics

44.5k
Posts