Connecting to a PIX firewall using Cisco VPN client through a Linksys WAG54G with the firewall enabled
Posted by Phil on December 11th, 2004


I have a Linksys WAG54G wireless ADSL router.

I can connect to my company's PIX firewall using the Cisco VPN client if I
disable its internal firewall.
When the Linksys firewall is enabled the VPN fails on the IKE.

I have tried using the gaming options to open up port 500 but it still
doesn't work.

Client trace below with IP address removed.

Cheers,

Philip


Cisco Systems VPN Client Version 4.0.3 (F)
Copyright (C) 1998-2003 Cisco Systems, Inc. All Rights Reserved.
Client Type(s): Windows, WinNT
Running on: 5.1.2600

1 17:02:35.750 12/11/04 Sev=Info/4 CM/0x63100002
Begin connection process

2 17:02:35.840 12/11/04 Sev=Info/4 CM/0x63100004
Establish secure connection using Ethernet

3 17:02:35.840 12/11/04 Sev=Info/4 CM/0x63100024
Attempt connection with server "***.***.***.***"

4 17:02:35.900 12/11/04 Sev=Info/6 IKE/0x6300003B
Attempting to establish a connection with ***.***.***.***.

5 17:02:39.926 12/11/04 Sev=Info/4 IKE/0x63000013
SENDING >>> ISAKMP OAK MM (SA, VID(Xauth), VID(dpd), VID(Nat-T), VID(Frag),
VID(Unity)) to ***.***.***.***

6 17:02:40.076 12/11/04 Sev=Info/4 IPSEC/0x63700008
IPSec driver successfully started

7 17:02:40.076 12/11/04 Sev=Info/4 IPSEC/0x63700014
Deleted all keys

8 17:02:40.357 12/11/04 Sev=Info/5 IKE/0x6300002F
Received ISAKMP packet: peer = ***.***.***.***

9 17:02:40.357 12/11/04 Sev=Info/4 IKE/0x63000014
RECEIVING <<< ISAKMP OAK MM (SA) from 202.65.16.6

10 17:02:40.377 12/11/04 Sev=Info/6 IKE/0x63000001
IOS Vendor ID Contruction successful

11 17:02:40.377 12/11/04 Sev=Info/4 IKE/0x63000013
SENDING >>> ISAKMP OAK MM (KE, NON, VID(?), VID(Unity)) to ***.***.***.***

12 17:02:40.537 12/11/04 Sev=Info/5 IKE/0x6300002F
Received ISAKMP packet: peer = ***.***.***.***

13 17:02:40.537 12/11/04 Sev=Info/4 IKE/0x63000014
RECEIVING <<< ISAKMP OAK MM (KE, NON, CERT_REQ, VID(Xauth), VID(dpd),
VID(Unity), VID(?)) from ***.***.***.***

14 17:02:40.537 12/11/04 Sev=Info/5 IKE/0x63000001
Peer supports XAUTH

15 17:02:40.537 12/11/04 Sev=Info/5 IKE/0x63000001
Peer supports DPD

16 17:02:40.537 12/11/04 Sev=Info/5 IKE/0x63000001
Peer is a Cisco-Unity compliant peer

17 17:02:40.537 12/11/04 Sev=Info/5 IKE/0x63000081
Received IOS Vendor ID with unknown capabilities flag 0x00000025

18 17:02:46.496 12/11/04 Sev=Info/4 IKE/0x63000013
SENDING >>> ISAKMP OAK MM *(ID, CERT, CERT_REQ, SIG,
NOTIFY:STATUS_INITIAL_CONTACT) to ***.***.***.***

19 17:02:51.503 12/11/04 Sev=Info/4 IKE/0x63000021
Retransmitting last packet!

20 17:02:51.503 12/11/04 Sev=Info/4 IKE/0x63000013
SENDING >>> ISAKMP OAK MM *(Retransmission) to ***.***.***.***

21 17:02:55.539 12/11/04 Sev=Info/5 IKE/0x6300002F
Received ISAKMP packet: peer = ***.***.***.***

22 17:02:55.539 12/11/04 Sev=Info/4 IKE/0x63000014
RECEIVING <<< ISAKMP OAK MM (Retransmission) from ***.***.***.***

23 17:02:55.539 12/11/04 Sev=Info/4 IKE/0x63000021
Retransmitting last packet!

24 17:02:55.539 12/11/04 Sev=Info/4 IKE/0x63000013
SENDING >>> ISAKMP OAK MM *(Retransmission) to ***.***.***.***

25 17:03:01.017 12/11/04 Sev=Info/4 IKE/0x63000021
Retransmitting last packet!

26 17:03:01.017 12/11/04 Sev=Info/4 IKE/0x63000013
SENDING >>> ISAKMP OAK MM *(Retransmission) to ***.***.***.***

27 17:03:06.024 12/11/04 Sev=Info/4 IKE/0x63000017
Marking IKE SA for deletion (I_Cookie=C7C3BD1FDE5E3B1F
R_Cookie=98C52F2232E603EE) reason = DEL_REASON_PEER_NOT_RESPONDING




Posted by Walter Roberson on December 11th, 2004


In article <3gwud.321$z8.14346@nnrp1.ozemail.com.au>,
Phil <nospam@hotmail.com> wrote:
:I have a Linksys WAG54G wireless ADSL router.

:I can connect to my company's PIX firewall using the Cisco VPN client if I
:disable its internal firewall.
:When the Linksys firewall is enabled the VPN fails on the IKE.

On the PIX, ensure that isakmp nat-traversal 20 is set.
That command is supported from 6.3(1) as I recall.
--
Admit it -- you peeked ahead to find out how this message ends!
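
An added example, not part of either post and not Cisco tooling: it parses the client log format shown in this thread, collects the payloads each side sent during IKE main mode, and flags the case where the client offered VID(Nat-T), the peer never sent it back, and the SA was deleted with DEL_REASON_PEER_NOT_RESPONDING. The function name, result keys and the heuristic are assumptions of this example, and the sample trace is constructed.

```python
import re

# Constructed sample: a shortened trace in the Cisco VPN client log format,
# modelled on the post above; peer address masked, cookies zeroed.
SAMPLE = """\
5 17:02:39.926 12/11/04 Sev=Info/4 IKE/0x63000013
SENDING >>> ISAKMP OAK MM (SA, VID(Xauth), VID(dpd), VID(Nat-T), VID(Frag),
VID(Unity)) to ***.***.***.***

13 17:02:40.537 12/11/04 Sev=Info/4 IKE/0x63000014
RECEIVING <<< ISAKMP OAK MM (KE, NON, CERT_REQ, VID(Xauth), VID(dpd),
VID(Unity), VID(?)) from ***.***.***.***

19 17:02:51.503 12/11/04 Sev=Info/4 IKE/0x63000021
Retransmitting last packet!

27 17:03:06.024 12/11/04 Sev=Info/4 IKE/0x63000017
Marking IKE SA for deletion (I_Cookie=0000000000000000
R_Cookie=0000000000000000) reason = DEL_REASON_PEER_NOT_RESPONDING
"""

MSG = re.compile(r"(SENDING|RECEIVING) \S+ ISAKMP OAK \w+ \*?\((.*)\) (?:to|from) ")
TOKEN = re.compile(r"[\w:-]+(?:\([^)]*\))?")   # "SA", "VID(Nat-T)", "NOTIFY:..."

def analyze(log):
    """Summarise NAT-T negotiation and the failure reason in a client trace."""
    sent, received, retrans, reason = set(), set(), 0, None
    for event in re.split(r"\n\s*\n", log.strip()):
        body = " ".join(event.splitlines()[1:])   # skip the numbered header line
        m = MSG.search(body)
        if m:
            target = sent if m.group(1) == "SENDING" else received
            target.update(TOKEN.findall(m.group(2)))
        retrans += int("Retransmitting last packet" in body)
        d = re.search(r"reason = (\w+)", body)
        reason = d.group(1) if d else reason
    offered, echoed = "VID(Nat-T)" in sent, "VID(Nat-T)" in received
    return {
        "nat_t_offered": offered,
        "nat_t_from_peer": echoed,
        "retransmissions": retrans,
        "delete_reason": reason,
        # Heuristic (assumption of this example): offered, never echoed, then timeout
        "check_peer_nat_traversal": offered and not echoed
            and reason == "DEL_REASON_PEER_NOT_RESPONDING",
    }

if __name__ == "__main__":
    print(analyze(SAMPLE))
```
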

