I'm trying to get a Nokia E60 Mobile VPN Client (Symbian 3rd) connected to a Cisco PIX, but it doesn' work yet. The PIX-Policy has the lifetime
86400 sec. In the "debug crypto isakmp" I get the following line:ISAKMP: life duration (VPI) of 0x0 0x1 0x51 0x80 ISAKMP (0): atts are not acceptable....
When I connect with a Cisco VPN Client, I get:
ISAKMP: life duration (VPI) of 0x0 0x20 0xc4 ISAKMP (0): atts are acceptable....
What do these hexadecimal numbers mean? What do I have to change in the Policy of my Nokia VPN Client to get accepted like the Cisco Client?
Here is my Nokia VPN Policy:
SECURITY_FILE_VERSION: 3 [INFO] VPN-Policy for Nokia Mobile VPN Client v3.0. [POLICY] sa ipsec_1 = { esp encrypt_alg 3 auth_alg 3 identity_remote 0.0.0.0/0 src_specific hard_lifetime_bytes 0 hard_lifetime_addtime 3600 hard_lifetime_usetime 3600 soft_lifetime_bytes 0 soft_lifetime_addtime 3600 soft_lifetime_usetime 3600 }
remote 0.0.0.0 0.0.0.0 = { ipsec_1(195.226.32.136) } inbound = { } outbound = { }
[IKE] ADDR: 195.226.32.136 255.255.255.255 MODE: Aggressive SEND_NOTIFICATION: TRUE ID_TYPE: 11 FQDN: testgroup GROUP_DESCRIPTION_II: MODP_1024 USE_COMMIT: FALSE IPSEC_EXPIRE: FALSE SEND_CERT: FALSE INITIAL_CONTACT: FALSE RESPONDER_LIFETIME: TRUE REPLAY_STATUS: TRUE USE_INTERNAL_ADDR: TRUE USE_NAT_PROBE: FALSE ESP_UDP_PORT: 0 NAT_KEEPALIVE: 60 USE_XAUTH: TRUE USE_MODE_CFG: TRUE REKEYING_THRESHOLD: 90 PROPOSALS: 1 ENC_ALG: 3DES-CBC AUTH_METHOD: PRE-SHARED HASH_ALG: SHA1 GROUP_DESCRIPTION: MODP_1024 GROUP_TYPE: DEFAULT LIFETIME_KBYTES: 0 LIFETIME_SECONDS: 86400 PRF: NONE PRESHARED_KEYS: FORMAT: STRING_FORMAT KEY: 7 testkey