From: Nordhoff, Michael G. (US - Hermitage) (mnordhoff@deloitte.com)
Date: Mon Feb 10 2003 - 13:39:22 GMT-3
I've had similar problems between a Cisco router and a Nokia Checkpoint FW.
Each time the problem had to do with differences in Phase 1 and Phase 2
keying timers. The default for Cisco is 86400 seconds (1 day) for Phase 1
and 3600 seconds (1 hour) for Phase 2. Not sure what the defaults are for
the Nokia. Either change the Nokia to match the Cisco or vice versa. Once
these timers and all other encryption and hashing parameters match the
tunnels should come up.
- MN
-----Original Message-----
From: Stefano Lassi [mailto:stefano.lassi@sysma.it]
Sent: Monday, February 10, 2003 10:12 AM
To: ccielab@groupstudy.com
Subject: IPSec VPN tunnel beetween Cisco IOS and Nokia CC500
Hi guys
has anyone successfully configured a IPSec tunnel beetwenn a Cisco IOS
router and a Nokia CC500 box (actually AlchemyOS)?
We found only configuration example connecting CC500 vs Cisco PIX or
Checkpoint, not vs Cisco IOS.
We tested normal and reasonable configurations on both ends, but Phase 1
(ISAKMP) does not want start ...
%CRYPTO-6-IKMP_MODE_FAILURE: Processing of Quick mode failed with peer at
XXXXXXX
%CRYPTO-6-IKMP_MODE_FAILURE: Processing of Informational mode failed with
peer at XXXX
Thank you very much
Stefano Lassi
CCNP/CCDP
Genova - ITALY
.
- This message (including any attachments) contains confidential information
intended for a specific individual and purpose, and is protected by law. -
If you are not the intended recipient, you should delete this message and
are hereby notified that any disclosure, copying, or distribution of this
message, or the taking of any action based on it, is strictly prohibited.
.
This archive was generated by hypermail 2.1.4 : Sat Mar 01 2003 - 11:06:17 GMT-3