Automatically generated shared secret is not accepted by Symantec VPN client

Article:TECH82446  |  Created: 2004-01-30  |  Updated: 2012-01-26  |  Article URL http://www.symantec.com/docs/TECH82446
Article Type
Technical Solution


Issue



When you configure a user for a client-to-gateway VPN connection on your Symantec Enterprise Firewall, Symantec VelociRaptor appliance or Symantec Gateway Security appliance, you click Generate to create the shared secret for that user. When you type this shared secret in Symantec Enterprise VPN Client or Symantec Client VPN, the software does not accept the shared secret.


Solution



The generated shared secret key is a 42 character hex value. This value begins with "0x", indicating it is a hexadecimal number, and then continues with the 40 hex characters. 42 characters is within the 20-63 character requirement for a shared secret, however, the VPN client does not accept this format for the shared secret.

To work around this known issue, after generating the user's shared secret on the Symantec firewall, click Reveal and then delete the 0x at the beginning of the shared secret.





Legacy ID



2004073013454954


Article URL http://www.symantec.com/docs/TECH82446


Terms of use for this information are found in Legal Notices