• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Site to Site - IPSec VPN Error

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA 2006 Firewall] >> VPN >> Site to Site - IPSec VPN Error Page: [1]
Login
Message << Older Topic   Newer Topic >>
Site to Site - IPSec VPN Error - 27.Feb.2013 11:24:23 AM   
karmayogi

 

Posts: 8
Joined: 5.Nov.2007
From: Planet Earth
Status: offline
Folks,

I have been trying to troubleshoot an error when I am trying to configure and apply a site to site VPN tunnel between my ISA 2006 and a remote Checkpoint VPN Gateway. The problem seems to be that my tunnel configuration is not even being applied and started on the ISA.

The only error I see in the event viewer as well as in the ISA alerts window is this

The Firewall service cannot create the IPSec Configuration for the XXXX network.
The failure is due to error: Incorrect function.


Some notes of what is happening
ISA 2006 sp1 on Virtualized MS Windows 2003 server.

1) I have defined the remote end point as part of the remote network as per IPSec requirements
2) I have checked to make sure the IPSEc service is started and is on automatic
3) I have applied, restarted and performed the usual checks to make sure it is not one of
the silly obvious problems.
4) I have checked the IPSec monitor MMC console and it does not even show any registration for my tunnel...which leads me to the conclusion that it is something fundamental... and nothing to do with the actual VPN communications because it has not even reached so far.
5) I have tried this on two different ISA 2006 instances and they both give me the exact same error.
6) Settings on the IPSec panel
Main Mode:
EncryptionL 3DES
Integrity: MD5
DH Group: Group 2
Pre-Shared Key
Security Assoc Lifetime: 86400 sec

ESP Tunnel Mode
Encryption: 3DES
Integrity: MD5
Perfect Forward Secrecy: ON
DH Group: Group 2
Time Rekeying: ON
Security Assoc Lifetime: 3600 sec
kbyte rekeying: OFF


Has anyone encountered an error like this before?

Appreciate any guidance..

Thanks
Yogi
Post #: 1

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA 2006 Firewall] >> VPN >> Site to Site - IPSec VPN Error Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts