From: Tomi Amao (tomiground@hotmail.com)
Date: Thu Dec 04 2008 - 12:31:28 ARST
i have an issue nd this is it i hope to get help from any1 as soon as
possible thx.
i have 2 routers on a LAN and a CA also on that LAN
the 2 routers have authenticated the CA nd then enrolled with the CA
the 2 routers have generated rsa keys (1024)
when i create interesting traffic on the routers that match the proxy ACL
the traffic never gets encrypted
isakmp phase 1 attributes are acceptable
but along the line durin the debug crypto isakmp and debug crypto ipsec i get
the following error message:
%CRYPTO-5-IKMP_INVAL_CERT: Certificate received from x.x.x.x is bad: CArequest
failed
i've read tht time on the cisco routers could be a problem but tht is properly
sorted out the 2 routers are synched up
with proper time and they are also synched up with proper time from the CA
i really can't guess again wat the problem could be any help would really be
appreciated urgently
thx
Tomi Amao
CCIE#19627
This archive was generated by hypermail 2.1.4 : Thu Jan 01 2009 - 12:53:07 ARST