Cisco PIX 7.0.1 to Watchguard V60 VPN Tunnel

In article , wrote: :6.3.4 of the pix software, I have successfully created a VPN tunnel :from the :v60 to the pix many times in the past. Now that my test PIX has been :upgraded to 7.0, I have been unable to do so and it is a major hold up :to my project...but what isn't a hold up right? See partial packet :dump below... Keeps saying PAYLOAD_MALFORMED where i have it marked :with

If the keys were wrong, would Phase I still negotiate properly? I will try your idea tomorrow morning first thing....as my keys do have letters, numbers, and symbols...

In article , wrote: :If the keys were wrong, would Phase I still negotiate properly?

Yes.

After you said that, I was too interested to slee, so i did it tonight. I tried your idea...just made the key a simple word...same problem. I also purposfully mismatched the keys and phase 1 did not negotiate at all.

I have never used the Watchguard V series, but when I had PIX 6.3.x VPN's back to Watchguard Firebox II, III, and SOHO5 series, I had to use a very specific combination of security protocols for it to work because those models only spoke to the PIX in a certain combo, even though they supported most of the things the PIX supported.

IIRC, I had to not use PFS, and needed DES instead of 3DES, and DH had to be group 1 instead of 2. I found the info on Watchguard's support site, so you may want to look for something similar for the V series.