Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • +2 person also asked this people also asked this
  • Locked Locked
  • Replies 6 replies
  • Answers 2 answers
  • Subscribers 28 subscribers
  • Views 15640 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

CISCO VPN Client Only Connects 2/5 Attempts

c h

XG Experts,

I've successfully configured the CISCO VPN™ Client in XG Firewall v16. iOS and mac os clients will connect, but usually not on the first attempt. Oftentimes, they won't connect for a number of minutes and then all of sudden, they connect immediately. When an error is given (and not just a timeout), the error is "Negotiation with the VPN server failed."

I'm using the iOS profile downloaded from the user portal and I'm at a bit of loss as to what might be wrong. For the record, this happens across a number of networks (cellular, cable, and fiber).

Thoughts, comments, suggestions, ideas as to where to start?

Thanks in advance for the help!

chobo997



This thread was automatically locked due to age.
Parents
  • +1

    Hi,

    Check #1 in the guide here. Post the logs for the unsuccessful attempts.

    Thanks

  • 0 in reply to sachingurung

    Thanks so much for the reply, sachingurung.

    I've investigated a bit further and even did a clean install – activating only the CISCO VPN Client and necessary firewall rules. We have a clue from the System log:

    "EST-P1: Peer did not accept any proposal sent."

    This error occurs with both iOS and mac os devices using Apple's built-in Cisco IPsec client. I'm starting to think this could be a larger issue with XG Firewall's Cisco VPN and iOS/mac os devices. I haven't had a chance yet, but I plan to set up a regular road warrior IPsec tunnel to see if the results are any different.

    What other thoughts do you have on the subject?

    Thanks again!

Reply
  • 0 in reply to sachingurung

    Thanks so much for the reply, sachingurung.

    I've investigated a bit further and even did a clean install – activating only the CISCO VPN Client and necessary firewall rules. We have a clue from the System log:

    "EST-P1: Peer did not accept any proposal sent."

    This error occurs with both iOS and mac os devices using Apple's built-in Cisco IPsec client. I'm starting to think this could be a larger issue with XG Firewall's Cisco VPN and iOS/mac os devices. I haven't had a chance yet, but I plan to set up a regular road warrior IPsec tunnel to see if the results are any different.

    What other thoughts do you have on the subject?

    Thanks again!

Children