Solved

Cisco VPN - ASA 5505 Setup - SW error occured, hash verification failed

Posted on 2010-09-08
6
3,880 Views
Last Modified: 2012-06-27
Hi All,

So my client needs this VPN setup..like RIGHT AWAY and this is a first for me.

I inherited this Cisco ASA 5505 device and was told that there was working VPN on it.  The one person who used to VPN in was using the Cisco Easy Connect client (which I cannot find an executable for or logi to cisco to get)

So here is what I have done.. I have logged into the ASA 5505 and run the IPSec Remote Access Wizard for a Remote Gateway.  I also installed the Cisco VPN Client on my Windows 7 (Version 5)

In the VPN Client I entered the router WAN IP.  When I try and connect it says contacting the sexurity gateway for about 2 seconds and then fails.  In the VPN client log I get this


23     08:20:53.872  09/08/10  Sev=Warning/2      IKE/0xE300009B
Failed to authenticate peer (Navigator:915)

24     08:20:53.872  09/08/10  Sev=Warning/2      IKE/0xE30000A7
Unexpected SW error occurred while processing Aggressive Mode negotiator:(Navigator:2263)

25     08:21:36.203  09/08/10  Sev=Warning/3      IKE/0xE3000057
The received HASH payload cannot be verified

26     08:21:36.203  09/08/10  Sev=Warning/2      IKE/0xE300007E
Hash verification failed... may be configured with invalid group password.

27     08:21:36.203  09/08/10  Sev=Warning/2      IKE/0xE300009B
Failed to authenticate peer (Navigator:915)

28     08:21:36.204  09/08/10  Sev=Warning/2      IKE/0xE30000A7
Unexpected SW error occurred while processing Aggressive Mode negotiator:(Navigator:2263)

29     08:21:38.246  09/08/10  Sev=Warning/3      IKE/0xE3000057
The received HASH payload cannot be verified

30     08:21:38.247  09/08/10  Sev=Warning/2      IKE/0xE300007E
Hash verification failed... may be configured with invalid group password.

31     08:21:38.248  09/08/10  Sev=Warning/2      IKE/0xE300009B
Failed to authenticate peer (Navigator:915)

32     08:21:38.250  09/08/10  Sev=Warning/2      IKE/0xE30000A7
Unexpected SW error occurred while processing Aggressive Mode negotiator:(Navigator:2263)


I need to get this up and running asap, please help!!
0
Comment
Question by:btny
6 Comments
 
LVL 9

Expert Comment

by:ffleisma
ID: 33626445
0
 
LVL 9

Expert Comment

by:ffleisma
ID: 33626447
hope that helps :-)
0
 

Author Comment

by:btny
ID: 33626472
Thanks I followed this guide to set it up using asdm
I will review it again but does this help with the errors I'm getting?
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 3

Expert Comment

by:Mystique_87
ID: 33627072
hi btny,

check if the tunnel group attributes are entered correctly in the VPN server and the same are entered in the connection profile of the client software, including the lower case or upper case in which the config is entered
0
 
LVL 9

Expert Comment

by:Donboo
ID: 33631656
This "Hash verification failed... may be configured with invalid group password." indicate that the group password on the client and the group password on the ASA are not matching. pucnh them in again or simplify them by using "1234" as a test.
0
 

Accepted Solution

by:
btny earned 0 total points
ID: 33941915
Thanks all for the support but the problem here was that the SSL was going over 443 and they had OWA which also used 443.

Along with a cisco tech we changed teh VPn SSL to 4433!
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Let’s list some of the technologies that enable smooth teleworking. 
I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question