# Cisco VPN Firewall Policy Mismatch

## rgatliff

I am relatively new to Gentoo.

I currently have net-misc/cisco-vpnclient-3des-4.6.00.0045-r1 installed on a 2.6.10 kernel.

When I run

```
vpnclient connect PROFILE-NAME
```

I get:

```
Authenticating user.
Negotiating security policies.
Securing communication channel.
Secure VPN Connection terminated by Peer.
Reason: Firewall Policy Mismatch.
There are no new notification messages at this time.
```

I understand that there is a need to have UDP traffic on port 500, but am unsure how to set this up. I do not have IPTABLES installed and have searched a few days for a solution. I understand this is probably a relatively simple problem, but have exhausted my resources to find a solution.

Thanks in advance.

Rob

----------

## Tmor

Same problem here, although I am using a different client.

vpnclient-linux-4.6.00.0045-k9.tar.gz

I am using kernel 2.6.10-r6 and the module loads fine.

cipsec0 is up and available.

The Windows version of the configuration file works fine.

----------

## Tmor

I am not sure what you use for the VPN end tunnel, but we are using a Cisco VPN Concentrator.  The Cisco VPN client has its own firewall so that it can set or deny features like split tunneling.

When the profile on the VPN Concentrator was modified to ignore the client firewall I was able to connect.

----------

