Question

Cannot connect with Cisco VPN Client

Asked by: bbehnam

I'm trying to connect to a client's network through the Cisco VPN Client which they sent along with the configuration file.  My network is behind a Linksys router. I have 2 XP machines (desktop and laptop). The laptop connects without any problems, but the desktop will not. The error we receive is DEL_REASON_CANNOT_AUTH but that doesn't make sense since the both machines are using the same configuration file and the laptop can connect without any issues. Their network administrator has pretty much given up because she can't figure out what the problem is.

My guess is that there is a setting/issue of some kind on the desktop which is causing the error, but do not know where to start if diagnosing this problem.

I do not use XP firewall, have Norton AV and have disabled the Worm Protection (though on the laptop it is not disabled and works fine).

Any ideas/help would be greatly appreciated. If you need me to post additional info, please be considerate of my limited knowledge when asking. I've posted logs from both machines below.

Behdad


************************ DESKTOP LOG ************************
Cisco Systems VPN Client Version 4.8.01.0300
Copyright (C) 1998-2005 Cisco Systems, Inc. All Rights Reserved.
Client Type(s): Windows, WinNT
Running on: 5.1.2600 Service Pack 2
Config file directory: C:\Program Files\Cisco Systems\VPN Client\

1      17:17:58.015  09/27/06  Sev=Warning/3      GUI/0xA3B0000B
Reloaded the Certificates in all Certificate Stores successfully.

2      17:18:06.281  09/27/06  Sev=Info/4      CM/0x63100002
Begin connection process

3      17:18:06.281  09/27/06  Sev=Info/4      CVPND/0xE3400001
Microsoft IPSec Policy Agent service stopped successfully

4      17:18:06.281  09/27/06  Sev=Info/4      CM/0x63100004
Establish secure connection using Ethernet

5      17:18:06.281  09/27/06  Sev=Info/4      CM/0x63100024
Attempt connection with server "vpn.edensandavant.com"

6      17:18:07.281  09/27/06  Sev=Info/6      IKE/0x6300003B
Attempting to establish a connection with 72.159.147.130.

7      17:18:07.281  09/27/06  Sev=Info/4      IKE/0x63000013
SENDING >>> ISAKMP OAK AG (SA, KE, NON, ID, VID(Xauth), VID(dpd), VID(Frag), VID(Nat-T), VID(Unity)) to 72.159.147.130

8      17:18:07.281  09/27/06  Sev=Info/4      IPSEC/0x63700008
IPSec driver successfully started

9      17:18:07.281  09/27/06  Sev=Info/4      IPSEC/0x63700014
Deleted all keys

10     17:18:07.359  09/27/06  Sev=Info/5      IKE/0x6300002F
Received ISAKMP packet: peer = 72.159.147.130

11     17:18:07.359  09/27/06  Sev=Info/4      IKE/0x63000014
RECEIVING <<< ISAKMP OAK AG (SA, KE, NON, ID, HASH, VID(Unity), VID(Xauth), VID(dpd), VID(Nat-T), NAT-D, NAT-D, VID(Frag), VID(?)) from 72.159.147.130

12     17:18:07.359  09/27/06  Sev=Info/5      IKE/0x63000001
Peer is a Cisco-Unity compliant peer

13     17:18:07.359  09/27/06  Sev=Info/5      IKE/0x63000001
Peer supports XAUTH

14     17:18:07.359  09/27/06  Sev=Info/5      IKE/0x63000001
Peer supports DPD

15     17:18:07.359  09/27/06  Sev=Info/5      IKE/0x63000001
Peer supports NAT-T

16     17:18:07.359  09/27/06  Sev=Info/5      IKE/0x63000001
Peer supports IKE fragmentation payloads

17     17:18:07.359  09/27/06  Sev=Info/6      IKE/0x63000001
IOS Vendor ID Contruction successful

18     17:18:07.359  09/27/06  Sev=Info/4      IKE/0x63000013
SENDING >>> ISAKMP OAK AG *(HASH, NOTIFY:STATUS_INITIAL_CONTACT, NAT-D, NAT-D, VID(?), VID(Unity)) to 72.159.147.130

19     17:18:07.359  09/27/06  Sev=Info/6      IKE/0x63000055
Sent a keepalive on the IPSec SA

20     17:18:07.359  09/27/06  Sev=Info/4      IKE/0x63000083
IKE Port in use - Local Port =  0x1194, Remote Port = 0x1194

21     17:18:07.359  09/27/06  Sev=Info/5      IKE/0x63000072
Automatic NAT Detection Status:
   Remote end is NOT behind a NAT device
   This   end IS behind a NAT device

22     17:18:07.359  09/27/06  Sev=Info/4      CM/0x6310000E
Established Phase 1 SA.  1 Crypto Active IKE SA, 0 User Authenticated IKE SA in the system

23     17:18:17.359  09/27/06  Sev=Info/6      IKE/0x63000055
Sent a keepalive on the IPSec SA

24     17:18:27.359  09/27/06  Sev=Info/6      IKE/0x63000055
Sent a keepalive on the IPSec SA

25     17:18:37.484  09/27/06  Sev=Info/6      IKE/0x63000055
Sent a keepalive on the IPSec SA

26     17:18:47.484  09/27/06  Sev=Info/6      IKE/0x63000055
Sent a keepalive on the IPSec SA

27     17:18:57.484  09/27/06  Sev=Info/6      IKE/0x63000055
Sent a keepalive on the IPSec SA

28     17:19:07.484  09/27/06  Sev=Info/6      IKE/0x63000055
Sent a keepalive on the IPSec SA

29     17:19:17.484  09/27/06  Sev=Info/6      IKE/0x63000055
Sent a keepalive on the IPSec SA

30     17:19:27.484  09/27/06  Sev=Info/6      IKE/0x63000055
Sent a keepalive on the IPSec SA

31     17:19:37.703  09/27/06  Sev=Info/6      IKE/0x63000055
Sent a keepalive on the IPSec SA

32     17:19:47.734  09/27/06  Sev=Info/6      IKE/0x63000055
Sent a keepalive on the IPSec SA

33     17:19:57.734  09/27/06  Sev=Info/6      IKE/0x63000055
Sent a keepalive on the IPSec SA

34     17:20:07.734  09/27/06  Sev=Info/6      IKE/0x63000055
Sent a keepalive on the IPSec SA

35     17:20:17.843  09/27/06  Sev=Info/6      IKE/0x63000055
Sent a keepalive on the IPSec SA

36     17:20:27.859  09/27/06  Sev=Info/6      IKE/0x63000055
Sent a keepalive on the IPSec SA

37     17:20:37.859  09/27/06  Sev=Info/6      IKE/0x63000055
Sent a keepalive on the IPSec SA

38     17:20:47.859  09/27/06  Sev=Info/6      IKE/0x63000055
Sent a keepalive on the IPSec SA

39     17:20:57.859  09/27/06  Sev=Info/6      IKE/0x63000055
Sent a keepalive on the IPSec SA

40     17:21:07.859  09/27/06  Sev=Info/6      IKE/0x63000055
Sent a keepalive on the IPSec SA

41     17:21:17.859  09/27/06  Sev=Info/6      IKE/0x63000055
Sent a keepalive on the IPSec SA

42     17:21:27.859  09/27/06  Sev=Info/6      IKE/0x63000055
Sent a keepalive on the IPSec SA

43     17:21:37.859  09/27/06  Sev=Info/6      IKE/0x63000055
Sent a keepalive on the IPSec SA

44     17:21:47.859  09/27/06  Sev=Info/6      IKE/0x63000055
Sent a keepalive on the IPSec SA

45     17:21:57.859  09/27/06  Sev=Info/6      IKE/0x63000055
Sent a keepalive on the IPSec SA

46     17:22:07.859  09/27/06  Sev=Info/6      IKE/0x63000055
Sent a keepalive on the IPSec SA

47     17:22:17.859  09/27/06  Sev=Info/6      IKE/0x63000055
Sent a keepalive on the IPSec SA

48     17:22:27.859  09/27/06  Sev=Info/6      IKE/0x63000055
Sent a keepalive on the IPSec SA

49     17:22:37.859  09/27/06  Sev=Info/6      IKE/0x63000055
Sent a keepalive on the IPSec SA

50     17:22:47.859  09/27/06  Sev=Info/6      IKE/0x63000055
Sent a keepalive on the IPSec SA

51     17:22:57.859  09/27/06  Sev=Info/6      IKE/0x63000055
Sent a keepalive on the IPSec SA

52     17:23:07.359  09/27/06  Sev=Info/4      IKE/0x63000017
Marking IKE SA for deletion  (I_Cookie=56E32B7363621FF7 R_Cookie=961E773ECEB59413) reason = DEL_REASON_CANNOT_AUTH

53     17:23:07.359  09/27/06  Sev=Info/4      IKE/0x63000013
SENDING >>> ISAKMP OAK INFO *(HASH, DEL) to 72.159.147.130

54     17:23:07.859  09/27/06  Sev=Info/4      IKE/0x6300004B
Discarding IKE SA negotiation (I_Cookie=56E32B7363621FF7 R_Cookie=961E773ECEB59413) reason = DEL_REASON_CANNOT_AUTH

55     17:23:07.859  09/27/06  Sev=Info/4      CM/0x63100014
Unable to establish Phase 1 SA with server "vpn.edensandavant.com" because of "DEL_REASON_CANNOT_AUTH"

56     17:23:07.859  09/27/06  Sev=Info/5      CM/0x63100025
Initializing CVPNDrv

57     17:23:07.875  09/27/06  Sev=Info/6      CM/0x63100046
Set tunnel established flag in registry to 0.

58     17:23:07.875  09/27/06  Sev=Info/4      IKE/0x63000001
IKE received signal to terminate VPN connection

59     17:23:07.890  09/27/06  Sev=Info/4      IKE/0x63000086
Microsoft IPSec Policy Agent service started successfully

60     17:23:07.890  09/27/06  Sev=Info/4      IPSEC/0x63700014
Deleted all keys

61     17:23:07.890  09/27/06  Sev=Info/4      IPSEC/0x63700014
Deleted all keys

62     17:23:07.890  09/27/06  Sev=Info/4      IPSEC/0x63700014
Deleted all keys

63     17:23:07.890  09/27/06  Sev=Info/4      IPSEC/0x6370000A
IPSec driver successfully stopped

************************ LAPTOP LOG ************************
Cisco Systems VPN Client Version 4.8.01.0300
Copyright (C) 1998-2005 Cisco Systems, Inc. All Rights Reserved.
Client Type(s): Windows, WinNT
Running on: 5.1.2600 Service Pack 2
Config file directory: C:\Program Files\Cisco Systems\VPN Client\

1      17:09:17.656  09/27/06  Sev=Warning/3      GUI/0xA3B0000B
Reloaded the Certificates in all Certificate Stores successfully.

2      17:09:18.734  09/27/06  Sev=Info/4      CM/0x63100002
Begin connection process

3      17:09:18.750  09/27/06  Sev=Info/4      CVPND/0xE3400001
Microsoft IPSec Policy Agent service stopped successfully

4      17:09:18.750  09/27/06  Sev=Info/4      CM/0x63100004
Establish secure connection using Ethernet

5      17:09:18.750  09/27/06  Sev=Info/4      CM/0x63100024
Attempt connection with server "vpn.edensandavant.com"

6      17:09:18.781  09/27/06  Sev=Info/6      IKE/0x6300003B
Attempting to establish a connection with 72.159.147.130.

7      17:09:18.812  09/27/06  Sev=Info/4      IKE/0x63000013
SENDING >>> ISAKMP OAK AG (SA, KE, NON, ID, VID(Xauth), VID(dpd), VID(Frag), VID(Nat-T), VID(Unity)) to 72.159.147.130

8      17:09:18.875  09/27/06  Sev=Info/5      IKE/0x6300002F
Received ISAKMP packet: peer = 72.159.147.130

9      17:09:18.875  09/27/06  Sev=Info/4      IKE/0x63000014
RECEIVING <<< ISAKMP OAK AG (SA, KE, NON, ID, HASH, VID(Unity), VID(Xauth), VID(dpd), VID(Nat-T), NAT-D, NAT-D, VID(Frag), VID(?)) from 72.159.147.130

10     17:09:18.875  09/27/06  Sev=Info/5      IKE/0x63000001
Peer is a Cisco-Unity compliant peer

11     17:09:18.875  09/27/06  Sev=Info/5      IKE/0x63000001
Peer supports XAUTH

12     17:09:18.875  09/27/06  Sev=Info/5      IKE/0x63000001
Peer supports DPD

13     17:09:18.875  09/27/06  Sev=Info/5      IKE/0x63000001
Peer supports NAT-T

14     17:09:18.875  09/27/06  Sev=Info/5      IKE/0x63000001
Peer supports IKE fragmentation payloads

15     17:09:18.906  09/27/06  Sev=Info/6      IKE/0x63000001
IOS Vendor ID Contruction successful

16     17:09:18.906  09/27/06  Sev=Info/4      IKE/0x63000013
SENDING >>> ISAKMP OAK AG *(HASH, NOTIFY:STATUS_INITIAL_CONTACT, NAT-D, NAT-D, VID(?), VID(Unity)) to 72.159.147.130

17     17:09:18.906  09/27/06  Sev=Info/6      IKE/0x63000055
Sent a keepalive on the IPSec SA

18     17:09:18.906  09/27/06  Sev=Info/4      IKE/0x63000083
IKE Port in use - Local Port =  0x1194, Remote Port = 0x1194

19     17:09:18.906  09/27/06  Sev=Info/5      IKE/0x63000072
Automatic NAT Detection Status:
   Remote end is NOT behind a NAT device
   This   end IS behind a NAT device

20     17:09:18.906  09/27/06  Sev=Info/4      CM/0x6310000E
Established Phase 1 SA.  1 Crypto Active IKE SA, 0 User Authenticated IKE SA in the system

21     17:09:18.906  09/27/06  Sev=Info/4      IPSEC/0x63700008
IPSec driver successfully started

22     17:09:18.906  09/27/06  Sev=Info/4      IPSEC/0x63700014
Deleted all keys

23     17:09:18.906  09/27/06  Sev=Info/6      IPSEC/0x6370002C
Sent 1116 packets, 0 were fragmented.

24     17:09:18.953  09/27/06  Sev=Info/5      IKE/0x6300002F
Received ISAKMP packet: peer = 72.159.147.130

25     17:09:18.953  09/27/06  Sev=Info/4      IKE/0x63000014
RECEIVING <<< ISAKMP OAK TRANS *(HASH, ATTR) from 72.159.147.130

26     17:09:18.953  09/27/06  Sev=Info/4      CM/0x63100015
Launch xAuth application

27     17:09:18.984  09/27/06  Sev=Info/4      CM/0x63100017
xAuth application returned

28     17:09:18.984  09/27/06  Sev=Info/4      IKE/0x63000013
SENDING >>> ISAKMP OAK TRANS *(HASH, ATTR) to 72.159.147.130

29     17:09:19.046  09/27/06  Sev=Info/5      IKE/0x6300002F
Received ISAKMP packet: peer = 72.159.147.130

30     17:09:19.046  09/27/06  Sev=Info/4      IKE/0x63000014
RECEIVING <<< ISAKMP OAK TRANS *(HASH, ATTR) from 72.159.147.130

31     17:09:19.046  09/27/06  Sev=Info/4      IKE/0x63000013
SENDING >>> ISAKMP OAK TRANS *(HASH, ATTR) to 72.159.147.130

32     17:09:19.046  09/27/06  Sev=Info/4      CM/0x6310000E
Established Phase 1 SA.  1 Crypto Active IKE SA, 1 User Authenticated IKE SA in the system

33     17:09:19.062  09/27/06  Sev=Info/5      IKE/0x6300005E
Client sending a firewall request to concentrator

34     17:09:19.062  09/27/06  Sev=Info/5      IKE/0x6300005D
Firewall Policy: Product=Cisco Systems Integrated Client Firewall, Capability= (Centralized Protection Policy).

35     17:09:19.062  09/27/06  Sev=Info/4      IKE/0x63000013
SENDING >>> ISAKMP OAK TRANS *(HASH, ATTR) to 72.159.147.130

36     17:09:19.125  09/27/06  Sev=Info/5      IKE/0x6300002F
Received ISAKMP packet: peer = 72.159.147.130

37     17:09:19.125  09/27/06  Sev=Info/4      IKE/0x63000014
RECEIVING <<< ISAKMP OAK TRANS *(HASH, ATTR) from 72.159.147.130

38     17:09:19.125  09/27/06  Sev=Info/5      IKE/0x63000010
MODE_CFG_REPLY: Attribute = INTERNAL_IPV4_ADDRESS: , value = 192.168.50.250

39     17:09:19.125  09/27/06  Sev=Info/5      IKE/0x63000010
MODE_CFG_REPLY: Attribute = INTERNAL_IPV4_NETMASK: , value = 255.255.255.0

40     17:09:19.125  09/27/06  Sev=Info/5      IKE/0x63000010
MODE_CFG_REPLY: Attribute = INTERNAL_IPV4_DNS(1): , value = 192.168.20.21

41     17:09:19.125  09/27/06  Sev=Info/5      IKE/0x63000010
MODE_CFG_REPLY: Attribute = INTERNAL_IPV4_NBNS(1) (a.k.a. WINS) : , value = 192.168.20.21

42     17:09:19.125  09/27/06  Sev=Info/5      IKE/0x6300000D
MODE_CFG_REPLY: Attribute = MODECFG_UNITY_SAVEPWD: , value = 0x00000001

43     17:09:19.125  09/27/06  Sev=Info/5      IKE/0x6300000D
MODE_CFG_REPLY: Attribute = MODECFG_UNITY_SPLIT_INCLUDE (# of split_nets), value = 0x00000004

44     17:09:19.125  09/27/06  Sev=Info/5      IKE/0x6300000F
SPLIT_NET #1
      subnet = 192.168.9.0
      mask = 255.255.255.0
      protocol = 0
      src port = 0
      dest port=0

45     17:09:19.125  09/27/06  Sev=Info/5      IKE/0x6300000F
SPLIT_NET #2
      subnet = 192.168.10.0
      mask = 255.255.255.0
      protocol = 0
      src port = 0
      dest port=0

46     17:09:19.125  09/27/06  Sev=Info/5      IKE/0x6300000F
SPLIT_NET #3
      subnet = 192.168.20.0
      mask = 255.255.255.0
      protocol = 0
      src port = 0
      dest port=0

47     17:09:19.125  09/27/06  Sev=Info/5      IKE/0x6300000F
SPLIT_NET #4
      subnet = 192.168.30.0
      mask = 255.255.255.0
      protocol = 0
      src port = 0
      dest port=0

48     17:09:19.125  09/27/06  Sev=Info/5      IKE/0x6300000D
MODE_CFG_REPLY: Attribute = MODECFG_UNITY_PFS: , value = 0x00000000

49     17:09:19.125  09/27/06  Sev=Info/5      IKE/0x6300000E
MODE_CFG_REPLY: Attribute = APPLICATION_VERSION, value = Cisco Systems, Inc ASA5510 Version 7.0(4) built by builders on Thu 13-Oct-05 21:43

50     17:09:19.125  09/27/06  Sev=Info/5      IKE/0x6300000D
MODE_CFG_REPLY: Attribute = Received and using NAT-T port number , value = 0x00001194

51     17:09:19.125  09/27/06  Sev=Info/4      CM/0x63100019
Mode Config data received

52     17:09:19.140  09/27/06  Sev=Info/4      IKE/0x63000056
Received a key request from Driver: Local IP = 192.168.50.250, GW IP = 72.159.147.130, Remote IP = 0.0.0.0

53     17:09:19.140  09/27/06  Sev=Info/4      IKE/0x63000013
SENDING >>> ISAKMP OAK QM *(HASH, SA, NON, ID, ID) to 72.159.147.130

54     17:09:19.218  09/27/06  Sev=Info/5      IKE/0x6300002F
Received ISAKMP packet: peer = 72.159.147.130

55     17:09:19.218  09/27/06  Sev=Info/4      IKE/0x63000014
RECEIVING <<< ISAKMP OAK INFO *(HASH, NOTIFY:STATUS_RESP_LIFETIME) from 72.159.147.130

56     17:09:19.218  09/27/06  Sev=Info/5      IKE/0x63000045
RESPONDER-LIFETIME notify has value of 86400 seconds

57     17:09:19.218  09/27/06  Sev=Info/5      IKE/0x63000047
This SA has already been alive for 1 seconds, setting expiry to 86399 seconds from now

58     17:09:19.218  09/27/06  Sev=Info/5      IKE/0x6300002F
Received ISAKMP packet: peer = 72.159.147.130

59     17:09:19.218  09/27/06  Sev=Info/4      IKE/0x63000014
RECEIVING <<< ISAKMP OAK QM *(HASH, SA, NON, ID, ID, NOTIFY:STATUS_RESP_LIFETIME) from 72.159.147.130

60     17:09:19.218  09/27/06  Sev=Info/5      IKE/0x63000045
RESPONDER-LIFETIME notify has value of 28800 seconds

61     17:09:19.218  09/27/06  Sev=Info/4      IKE/0x63000013
SENDING >>> ISAKMP OAK QM *(HASH) to 72.159.147.130

62     17:09:19.218  09/27/06  Sev=Info/5      IKE/0x63000059
Loading IPsec SA (MsgID=2A699BE2 OUTBOUND SPI = 0x7B12D7C2 INBOUND SPI = 0x39E7F88B)

63     17:09:19.218  09/27/06  Sev=Info/5      IKE/0x63000025
Loaded OUTBOUND ESP SPI: 0x7B12D7C2

64     17:09:19.218  09/27/06  Sev=Info/5      IKE/0x63000026
Loaded INBOUND ESP SPI: 0x39E7F88B

65     17:09:19.328  09/27/06  Sev=Info/5      CVPND/0x63400013
    Destination           Netmask           Gateway         Interface   Metric
        0.0.0.0           0.0.0.0      192.168.20.1    192.168.20.102       20
      127.0.0.0         255.0.0.0         127.0.0.1         127.0.0.1        1
 169.254.223.75   255.255.255.255    192.168.20.102    192.168.20.102        1
   192.168.20.0     255.255.255.0    192.168.20.102    192.168.20.102       20
 192.168.20.102   255.255.255.255         127.0.0.1         127.0.0.1       20
 192.168.20.255   255.255.255.255    192.168.20.102    192.168.20.102       20
      224.0.0.0         240.0.0.0    192.168.20.102    192.168.20.102       20
255.255.255.255   255.255.255.255    192.168.20.102           0.0.0.0        1
255.255.255.255   255.255.255.255    192.168.20.102    192.168.20.102        1


66     17:09:19.968  09/27/06  Sev=Info/4      CM/0x63100034
The Virtual Adapter was enabled:
      IP=192.168.50.250/255.255.255.0
      DNS=192.168.20.21,0.0.0.0
      WINS=192.168.20.21,0.0.0.0
      Domain=
      Split DNS Names=

67     17:09:19.968  09/27/06  Sev=Info/5      CVPND/0x63400013
    Destination           Netmask           Gateway         Interface   Metric
        0.0.0.0           0.0.0.0      192.168.20.1    192.168.20.102       20
      127.0.0.0         255.0.0.0         127.0.0.1         127.0.0.1        1
 169.254.223.75   255.255.255.255    192.168.20.102    192.168.20.102        1
   192.168.20.0     255.255.255.0    192.168.20.102    192.168.20.102       20
 192.168.20.102   255.255.255.255         127.0.0.1         127.0.0.1       20
 192.168.20.255   255.255.255.255    192.168.20.102    192.168.20.102       20
   192.168.50.0     255.255.255.0    192.168.50.250    192.168.50.250       20
 192.168.50.250   255.255.255.255         127.0.0.1         127.0.0.1       20
 192.168.50.255   255.255.255.255    192.168.50.250    192.168.50.250       20
      224.0.0.0         240.0.0.0    192.168.20.102    192.168.20.102       20
      224.0.0.0         240.0.0.0    192.168.50.250    192.168.50.250       20
255.255.255.255   255.255.255.255    192.168.20.102    192.168.20.102        1
255.255.255.255   255.255.255.255    192.168.20.102           0.0.0.0        1
255.255.255.255   255.255.255.255    192.168.50.250    192.168.50.250        1


68     17:09:19.968  09/27/06  Sev=Warning/2      CVPND/0xE3400013
AddRoute failed to add a route: code 87
      Destination      192.168.20.255
      Netmask      255.255.255.255
      Gateway      192.168.50.250
      Interface      192.168.50.250

69     17:09:19.968  09/27/06  Sev=Warning/2      CM/0xA3100024
Unable to add route. Network: c0a814ff, Netmask: ffffffff, Interface: c0a832fa, Gateway: c0a832fa.

70     17:09:19.968  09/27/06  Sev=Info/4      CM/0x63100038
Successfully saved route changes to file.

71     17:09:19.984  09/27/06  Sev=Info/5      CVPND/0x63400013
    Destination           Netmask           Gateway         Interface   Metric
        0.0.0.0           0.0.0.0      192.168.20.1    192.168.20.102       20
 72.159.147.130   255.255.255.255      192.168.20.1    192.168.20.102        1
      127.0.0.0         255.0.0.0         127.0.0.1         127.0.0.1        1
 169.254.223.75   255.255.255.255    192.168.20.102    192.168.20.102        1
    192.168.9.0     255.255.255.0    192.168.50.250    192.168.50.250        1
   192.168.10.0     255.255.255.0    192.168.50.250    192.168.50.250        1
   192.168.20.0     255.255.255.0    192.168.20.102    192.168.20.102       20
   192.168.20.0     255.255.255.0    192.168.50.250    192.168.50.250        1
   192.168.20.1   255.255.255.255    192.168.20.102    192.168.20.102        1
 192.168.20.102   255.255.255.255         127.0.0.1         127.0.0.1       20
 192.168.20.255   255.255.255.255    192.168.20.102    192.168.20.102       20
   192.168.30.0     255.255.255.0    192.168.50.250    192.168.50.250        1
   192.168.50.0     255.255.255.0    192.168.50.250    192.168.50.250       20
 192.168.50.250   255.255.255.255         127.0.0.1         127.0.0.1       20
 192.168.50.255   255.255.255.255    192.168.50.250    192.168.50.250       20
      224.0.0.0         240.0.0.0    192.168.20.102    192.168.20.102       20
      224.0.0.0         240.0.0.0    192.168.50.250    192.168.50.250       20
255.255.255.255   255.255.255.255    192.168.20.102    192.168.20.102        1
255.255.255.255   255.255.255.255    192.168.20.102           0.0.0.0        1
255.255.255.255   255.255.255.255    192.168.50.250    192.168.50.250        1


72     17:09:19.984  09/27/06  Sev=Info/6      CM/0x63100036
The routing table was updated for the Virtual Adapter

73     17:09:20.000  09/27/06  Sev=Info/4      CM/0x6310001A
One secure connection established

74     17:09:20.093  09/27/06  Sev=Info/4      CM/0x6310003B
Address watch added for 192.168.20.102.  Current hostname: DELL_D610, Current address(es): 192.168.50.250, 192.168.20.102.

75     17:09:20.109  09/27/06  Sev=Info/4      CM/0x6310003B
Address watch added for 192.168.50.250.  Current hostname: DELL_D610, Current address(es): 192.168.50.250, 192.168.20.102.

76     17:09:20.109  09/27/06  Sev=Info/4      IPSEC/0x63700014
Deleted all keys

77     17:09:20.109  09/27/06  Sev=Info/4      IPSEC/0x63700010
Created a new key structure

78     17:09:20.109  09/27/06  Sev=Info/4      IPSEC/0x6370000F
Added key with SPI=0xc2d7127b into key list

79     17:09:20.109  09/27/06  Sev=Info/4      IPSEC/0x63700010
Created a new key structure

80     17:09:20.109  09/27/06  Sev=Info/4      IPSEC/0x6370000F
Added key with SPI=0x8bf8e739 into key list

81     17:09:20.109  09/27/06  Sev=Info/4      IPSEC/0x6370002F
Assigned VA private interface addr 192.168.50.250

82     17:09:20.109  09/27/06  Sev=Info/6      CM/0x63100046
Set tunnel established flag in registry to 1.

83     17:09:21.968  09/27/06  Sev=Info/4      IPSEC/0x63700019
Activate outbound key with SPI=0xc2d7127b for inbound key with SPI=0x8bf8e739

84     17:10:04.468  09/27/06  Sev=Info/4      IKE/0x63000013
SENDING >>> ISAKMP OAK INFO *(HASH, NOTIFY:DPD_REQUEST) to 72.159.147.130

85     17:10:04.468  09/27/06  Sev=Info/6      IKE/0x6300003D
Sending DPD request to 72.159.147.130, our seq# = 205082945

86     17:10:04.515  09/27/06  Sev=Info/5      IKE/0x6300002F
Received ISAKMP packet: peer = 72.159.147.130

87     17:10:04.515  09/27/06  Sev=Info/4      IKE/0x63000014
RECEIVING <<< ISAKMP OAK INFO *(HASH, NOTIFY:DPD_ACK) from 72.159.147.130

88     17:10:04.515  09/27/06  Sev=Info/5      IKE/0x63000040
Received DPD ACK from 72.159.147.130, seq# received = 205082945, seq# expected = 205082945

89     17:10:19.968  09/27/06  Sev=Info/4      IKE/0x63000013
SENDING >>> ISAKMP OAK INFO *(HASH, NOTIFY:DPD_REQUEST) to 72.159.147.130

90     17:10:19.968  09/27/06  Sev=Info/6      IKE/0x6300003D
Sending DPD request to 72.159.147.130, our seq# = 205082946

91     17:10:20.015  09/27/06  Sev=Info/5      IKE/0x6300002F
Received ISAKMP packet: peer = 72.159.147.130

92     17:10:20.015  09/27/06  Sev=Info/4      IKE/0x63000014
RECEIVING <<< ISAKMP OAK INFO *(HASH, NOTIFY:DPD_ACK) from 72.159.147.130

93     17:10:20.015  09/27/06  Sev=Info/5      IKE/0x63000040
Received DPD ACK from 72.159.147.130, seq# received = 205082946, seq# expected = 205082946

94     17:10:28.968  09/27/06  Sev=Info/6      IKE/0x63000055
Sent a keepalive on the IPSec SA

95     17:10:38.968  09/27/06  Sev=Info/6      IKE/0x63000055
Sent a keepalive on the IPSec SA

96     17:10:48.968  09/27/06  Sev=Info/6      IKE/0x63000055
Sent a keepalive on the IPSec SA

97     17:10:58.968  09/27/06  Sev=Info/6      IKE/0x63000055
Sent a keepalive on the IPSec SA

98     17:11:18.968  09/27/06  Sev=Info/6      IKE/0x63000055
Sent a keepalive on the IPSec SA

99     17:11:28.968  09/27/06  Sev=Info/6      IKE/0x63000055
Sent a keepalive on the IPSec SA

100    17:11:38.968  09/27/06  Sev=Info/6      IKE/0x63000055
Sent a keepalive on the IPSec SA

101    17:11:58.968  09/27/06  Sev=Info/6      IKE/0x63000055
Sent a keepalive on the IPSec SA

102    17:12:08.968  09/27/06  Sev=Info/6      IKE/0x63000055
Sent a keepalive on the IPSec SA

103    17:12:28.968  09/27/06  Sev=Info/6      IKE/0x63000055
Sent a keepalive on the IPSec SA

104    17:12:38.968  09/27/06  Sev=Info/6      IKE/0x63000055
Sent a keepalive on the IPSec SA

105    17:12:58.968  09/27/06  Sev=Info/6      IKE/0x63000055
Sent a keepalive on the IPSec SA

106    17:13:08.968  09/27/06  Sev=Info/6      IKE/0x63000055
Sent a keepalive on the IPSec SA

107    17:13:18.968  09/27/06  Sev=Info/6      IKE/0x63000055
Sent a keepalive on the IPSec SA

108    17:13:38.968  09/27/06  Sev=Info/6      IKE/0x63000055
Sent a keepalive on the IPSec SA

109    17:13:48.968  09/27/06  Sev=Info/6      IKE/0x63000055
Sent a keepalive on the IPSec SA

110    17:14:08.968  09/27/06  Sev=Info/6      IKE/0x63000055
Sent a keepalive on the IPSec SA

111    17:14:18.968  09/27/06  Sev=Info/6      IKE/0x63000055
Sent a keepalive on the IPSec SA

112    17:14:28.968  09/27/06  Sev=Info/6      IKE/0x63000055
Sent a keepalive on the IPSec SA

113    17:14:48.968  09/27/06  Sev=Info/6      IKE/0x63000055
Sent a keepalive on the IPSec SA

114    17:14:58.968  09/27/06  Sev=Info/6      IKE/0x63000055
Sent a keepalive on the IPSec SA

115    17:15:18.968  09/27/06  Sev=Info/6      IKE/0x63000055
Sent a keepalive on the IPSec SA

116    17:15:28.968  09/27/06  Sev=Info/6      IKE/0x63000055
Sent a keepalive on the IPSec SA

117    17:15:58.968  09/27/06  Sev=Info/6      IKE/0x63000055
Sent a keepalive on the IPSec SA

118    17:16:08.968  09/27/06  Sev=Info/6      IKE/0x63000055
Sent a keepalive on the IPSec SA

119    17:16:28.968  09/27/06  Sev=Info/6      IKE/0x63000055
Sent a keepalive on the IPSec SA

120    17:16:38.968  09/27/06  Sev=Info/6      IKE/0x63000055
Sent a keepalive on the IPSec SA

121    17:16:58.968  09/27/06  Sev=Info/6      IKE/0x63000055
Sent a keepalive on the IPSec SA

122    17:17:08.968  09/27/06  Sev=Info/6      IKE/0x63000055
Sent a keepalive on the IPSec SA

123    17:17:09.625  09/27/06  Sev=Info/6      GUI/0x63B0000D
Disconnecting VPN connection.

124    17:17:09.625  09/27/06  Sev=Info/4      CM/0x6310000A
Secure connections terminated

125    17:17:09.625  09/27/06  Sev=Info/4      IKE/0x63000001
IKE received signal to terminate VPN connection

126    17:17:09.625  09/27/06  Sev=Info/4      IKE/0x63000013
SENDING >>> ISAKMP OAK INFO *(HASH, DEL) to 72.159.147.130

127    17:17:09.625  09/27/06  Sev=Info/5      IKE/0x63000018
Deleting IPsec SA: (OUTBOUND SPI = 7B12D7C2 INBOUND SPI = 39E7F88B)

128    17:17:09.625  09/27/06  Sev=Info/4      IKE/0x63000049
Discarding IPsec SA negotiation, MsgID=2A699BE2

129    17:17:09.625  09/27/06  Sev=Info/4      IKE/0x63000017
Marking IKE SA for deletion  (I_Cookie=64AAF2FD5DA2CB65 R_Cookie=BB643A0F26D3EED6) reason = DEL_REASON_RESET_SADB

130    17:17:09.625  09/27/06  Sev=Info/4      IKE/0x63000013
SENDING >>> ISAKMP OAK INFO *(HASH, DEL) to 72.159.147.130

131    17:17:09.625  09/27/06  Sev=Info/5      CVPND/0x63400013
    Destination           Netmask           Gateway         Interface   Metric
        0.0.0.0           0.0.0.0      192.168.20.1    192.168.20.102       20
 72.159.147.130   255.255.255.255      192.168.20.1    192.168.20.102        1
      127.0.0.0         255.0.0.0         127.0.0.1         127.0.0.1        1
 169.254.223.75   255.255.255.255    192.168.20.102    192.168.20.102        1
    192.168.9.0     255.255.255.0    192.168.50.250    192.168.50.250        1
   192.168.10.0     255.255.255.0    192.168.50.250    192.168.50.250        1
   192.168.20.0     255.255.255.0    192.168.20.102    192.168.20.102       20
   192.168.20.0     255.255.255.0    192.168.50.250    192.168.50.250        1
   192.168.20.1   255.255.255.255    192.168.20.102    192.168.20.102        1
 192.168.20.102   255.255.255.255         127.0.0.1         127.0.0.1       20
 192.168.20.255   255.255.255.255    192.168.20.102    192.168.20.102       20
   192.168.30.0     255.255.255.0    192.168.50.250    192.168.50.250        1
   192.168.50.0     255.255.255.0    192.168.50.250    192.168.50.250       20
 192.168.50.250   255.255.255.255         127.0.0.1         127.0.0.1       20
 192.168.50.255   255.255.255.255    192.168.50.250    192.168.50.250       20
      224.0.0.0         240.0.0.0    192.168.20.102    192.168.20.102       20
      224.0.0.0         240.0.0.0    192.168.50.250    192.168.50.250       20
255.255.255.255   255.255.255.255    192.168.20.102    192.168.20.102        1
255.255.255.255   255.255.255.255    192.168.20.102           0.0.0.0        1
255.255.255.255   255.255.255.255    192.168.50.250    192.168.50.250        1


132    17:17:09.640  09/27/06  Sev=Info/6      CM/0x63100037
The routing table was returned to original state prior to Virtual Adapter

133    17:17:11.187  09/27/06  Sev=Info/5      CVPND/0x63400013
    Destination           Netmask           Gateway         Interface   Metric
        0.0.0.0           0.0.0.0      192.168.20.1    192.168.20.102       20
      127.0.0.0         255.0.0.0         127.0.0.1         127.0.0.1        1
 169.254.223.75   255.255.255.255    192.168.20.102    192.168.20.102        1
   192.168.20.0     255.255.255.0    192.168.20.102    192.168.20.102       20
 192.168.20.102   255.255.255.255         127.0.0.1         127.0.0.1       20
 192.168.20.255   255.255.255.255    192.168.20.102    192.168.20.102       20
      224.0.0.0         240.0.0.0    192.168.20.102    192.168.20.102       20
255.255.255.255   255.255.255.255    192.168.20.102           0.0.0.0        1
255.255.255.255   255.255.255.255    192.168.20.102    192.168.20.102        1


134    17:17:11.187  09/27/06  Sev=Info/4      CM/0x63100035
The Virtual Adapter was disabled

135    17:17:11.187  09/27/06  Sev=Info/4      IKE/0x6300004B
Discarding IKE SA negotiation (I_Cookie=64AAF2FD5DA2CB65 R_Cookie=BB643A0F26D3EED6) reason = DEL_REASON_RESET_SADB

136    17:17:11.187  09/27/06  Sev=Info/4      CM/0x63100013
Phase 1 SA deleted cause by DEL_REASON_RESET_SADB.  0 Crypto Active IKE SA, 0 User Authenticated IKE SA in the system

137    17:17:11.187  09/27/06  Sev=Info/5      CM/0x63100025
Initializing CVPNDrv

138    17:17:11.187  09/27/06  Sev=Info/6      CM/0x63100031
Tunnel to headend device vpn.edensandavant.com disconnected: duration: 0 days 0:7:51

139    17:17:11.203  09/27/06  Sev=Info/6      CM/0x63100046
Set tunnel established flag in registry to 0.

140    17:17:11.203  09/27/06  Sev=Info/4      IKE/0x63000086
Microsoft IPSec Policy Agent service started successfully

141    17:17:11.203  09/27/06  Sev=Info/5      CM/0x63100025
Initializing CVPNDrv

142    17:17:11.218  09/27/06  Sev=Info/6      CM/0x63100046
Set tunnel established flag in registry to 0.

143    17:17:11.234  09/27/06  Sev=Info/4      IPSEC/0x63700013
Delete internal key with SPI=0x8bf8e739

144    17:17:11.234  09/27/06  Sev=Info/4      IPSEC/0x6370000C
Key deleted by SPI 0x8bf8e739

145    17:17:11.234  09/27/06  Sev=Info/4      IPSEC/0x63700013
Delete internal key with SPI=0xc2d7127b

146    17:17:11.234  09/27/06  Sev=Info/4      IPSEC/0x6370000C
Key deleted by SPI 0xc2d7127b

147    17:17:11.234  09/27/06  Sev=Info/4      IPSEC/0x63700014
Deleted all keys

148    17:17:11.234  09/27/06  Sev=Info/4      IPSEC/0x63700014
Deleted all keys

149    17:17:11.234  09/27/06  Sev=Info/4      IPSEC/0x6370000A
IPSec driver successfully stopped

150    17:17:11.234  09/27/06  Sev=Info/4      IPSEC/0x63700014
Deleted all keys

This Question has been solved and asker verified All Experts Exchange premium technology solutions are available to subscription members.

Subscribe now for full access to Experts Exchange and get

Instant Access to this Solution

  • Plus...
  • 30 Day FREE access, no risk, no obligation
  • Collaborate with the world's top tech experts
  • Unlimited access to our exclusive solution database
  • Never be left without tech help again

Subscribe Now

Asked On
2006-09-28 at 14:53:50ID22006784
Tags

vpn

,

cisco

,

client

,

connect

Topic

Virtual Private Networking (VPN)

Participating Experts
2
Points
500
Comments
16

Trusted by hundreds of thousands everyday for fast, accurate and reliable tech support.

  • "The time we save is the biggest benefit of Experts Exchange to Warner Bros. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange." Mike Kapnisakis, Warner Bros.
  • "Our team likes having a resource that is more secure than just using Google and most experts using this service really know their stuff. It's nice to look here first versus using Google." Dayna Sellner, Lockheed Martin
  • "Anytime that I've been stumped with a problem, 9 out of 10 times Experts Exchange has either the accepted solution or an open discussion of the potential solution to the problem." Kenny Red, eBay Inc.

See what Experts Exchange can do for you.

Got a question?

We've got the answer.

Experts Exchange has been collecting answers to technology questions since 1996…3 million and counting! If you have a question, chances are we already have your answer.

Screenshot of Experts Exchange Knowledgebase

Need individual assistance?

Our experts are ready to help.

If you can't find the exact answer you're looking for, ask our exclusive community of 50,000 experts. You’ll get a personalized answer from a trusted professional.

Screenshot of Experts Exchange Knowledgebase

Want to learn from the best?

Read articles from industry experts.

Thousands of free tech tips, tricks, how-to’s and tutorials are available in our peer reviewed articles section. See for yourself how smart our experts are, no login required.

Screenshot of an Article

Working on a long term project?

Store your work and research.

Save solutions to your questions, answers you’ve discovered through searching plus helpful articles in your personal knowledgebase for easy future access.

Screenshot of Experts Exchange Knowledgebase

Access the answers to your technology questions today.

Subscribe Now

30-day free trial. Register in 60 seconds.

What Makes Experts Exchange Unique?

Members of the expert community talk about why the experience at Experts Exchange is different than what you will find anywhere else.

Trusted by the world's most respected brands.

image of each brand's logo

Faithfully serving IT professionals since 1996.

Experts Exchange Logo

Try it out and discover for yourself.

Subscribe Now

30-day free trial. Register in 60 seconds.

Related Solutions

  1. vpn and ipsec services
    I use a VPN connection (Cisco) to my company computer. Now I get "securing communication channel" when trying to connect then "Remote peer terminated connection." Recently I was playing with Systems Services and I think I disabled IPSec Services and can...
  2. IPSec VPN
    Trying to setup new ASA box for IPSec VPN. I receive this error message in ASDM when a VPN client tries to connect. Group = DefaultRAGroup, IP = x.x.x.x, Error: Unable to remove PeerTblEntry Group = DefaultRAGroup, IP = x.x.x.x, Removing peer from peer table failed, no ma...
  3. Cisco IPSEC vpn
    I am planning to setup a cisco ipsec vpn. Does a windows certificate server need to be installed on the domain or can cisco device itself provide the certificate to remote access clients ? The cisco device is cisco 1700 with advanced security IOS
  4. ipsec vpn configuration
    I have a cisco 1841 router to be configured as ipsec vpn peer to a Cisco 7200 device at the other end. My end is to be directly connected to one of the ethernet interfaces of a speedtouch modem router that is connected to the internet. The ipsec vpn is only for printing from ...
  5. IPSec VPN
    I have to implement hub and spoke VPN topology using one juniper router as a spoke and one cisco router as a hub and one as a spoke. So there will be 3 routers in total. I also need to use Juniper Netscreen in it. Can you tell me if i can use netscreen firewall instead of t...
  6. IPSEC Site to site VPN won't establish Peer
    Hi, I am using a simulator before I apply IPSEC to a live router. I cant seem to get the two sites in the simulator to establish a connection. Can someone look over the config and tell me what I am missing or doing wrong? Site Router1 crypto isakmp policy 50 encr aes au...

Free Tech Articles

  1. WARNING: 5 Reasons why you should NEVER fix a computer for free.
    It is in our nature to love the puzzle. We are obsessed. The lot of us. We love puzzles. We love the challenge. We thrive on finding the answer. We hate disarray. It bothers us deep in our soul. W...
  2. SCCM OSD Basic troubleshooting
    SCCM 2007 OSD is a fantastic way to deploy operating systems, however, like most things SCCM issues can sometimes be difficult to resolve due to the sheer volume of logs to sift through and the dispe...
  3. Migrate Small Business Server 2003 to Exchange 2010 and Windows 2008 R2
    This guide is intended to provide step by step instructions on how to migrate from Small Business Server 2003 to Windows 2008 R2 with Exchange 2010. For this migration to work you will need the fo...
  4. Create a Win7 Gadget
    This article shows you how to create a simple "Gadget" -- a sort of mini-application supported by Windows 7 and Vista. Gadgets can be dropped anywhere on the desktop to provide instant information, ...
  5. Outlook continually prompting for username and password
    There have been a lot of questions recently regarding Outlook prompting for a username and password whilst using Exchange 2007. There are a few reasons why this would happen and I will try to cover t...
  6. Backup Exchange 2010 Information Store using Windows Backup
    There seems to be quite a lot of confusion around the ability to backup Exchange 2010 using the built in Windows Backup feature. This stems from the omission of this feature prior to Exchange 2007 s...

Cloud Class Webinars

  1. Avoiding Bugs in Microsoft Access
    Alison Balter takes and in-depth look at avoiding bugs in Access. In this webinar you will learn about using the immediate window to debug your applications, invoking the debugger, using breakpoints to troubleshoot, stepping through code, setting the next statement to execute, ...
  2. Top 10 Best New Features in Visio 2010
    Scott Helmers gives live demonstrations of the top 10 new features in Visio 2010. This webinar will teach you how to create compelling diagrams by adding shapes to the page with a single click, linking the shapes in a diagram to data in Excel (or SQL Server, or SharePoint), ...
  3. IT Consultant Business Secrets Revealed
    Michael Munger, Experts Exchange tech pro and IT consultant, pulls back the curtain on his very successful businesses and answers question on every IT consultant and business owner should know about. He shares secrets on what he did to solve the 5 most common problems in IT, ...
  4. Disaster Recovery and Business Continuity
    Quest CTO, Mike Billon, gives an overview of the steps involved in building a dunamic disaster recovery plan. Through case studies and an examination of software/hardware tooles for monitoring and testing, you'll gain a better understandin of where you are, where you want ...
  5. Organize Your Visio Diagrams with Containers and Lists
    Scott Helmers uses cross functional flowcharts, wireframe diagrams, data graphic legends and seating charts to teach you: how to ustilize all three new structured diagram components in Visio 2010, the best practices for organizeing shapes in previous version of Visio, how to organize ...
  6. How to Us Objects, Properties, Events and Methods in Microsoft Access
    Alison Dalter gives an in-depbth look at objects, properties, events and methods in Microsoft Access. In this webinar you will learn about using the object browser, referring to objects, working with properties and methods, working with object variables, understanding the ...

Join the Community

Give a Little. Get a Lot.

Join the community of experts here and help other tech pros by answering question in your area of expertise. You can earn FREE access to all Experts Exchange's premium features and resources.

Join the Community

Answers

 

by: lrmoorePosted on 2006-09-29 at 05:13:21ID: 17626630

You're not trying both at the same time, are you?  If the laptop is already connected then I would not expect that you could then connect with the desktop.
If that is not the case, then you can start looking at differences between the two systems. Both have all MS updates? Any special applications loaded on desktop no on laptop, or vice versa? Try re-installing the VPN client on the desktop? Both using the same .pcf config file? Try manually creating another connection entry and input the group name/password?
Just throwing darts into the wind here for things to look at . . ..

 

by: bbehnamPosted on 2006-09-29 at 05:31:19ID: 17626695

Not connecting both at the same time (I'm not a genius, but not quite that dumb).  Both systems have all updates.  I've uninstalled and reinstalled the client on the desktop several times. Both using the same pcf file I receieved in an email.  I cannot create a new entry as I do not have the group password.

Forgot to mention that at some point I was able to connect on the desktop a couple of months ago, but we were having other issues at their end so I hadn't used it for a while. During that time the only network related changes that we made on the desktop were to DCOM permission to get Winfax sharing to work. It never did and I'm pretty sure I switched everything back (though possible I missed something if that could be a cause). The only other major difference between to the two (other than I have a lot more applications installed on the desktop but nothing networking related, just work apps ie Illustrator, Palm, Mappoint, etc) is that the desktop has a static IP and the laptop does not. But again, this was the same when it worked before.

Is there anyway to monitor what my system is doing during the connect process other than the VPN client log?  I've even looked into the event logs for anything fishy. I figure it must be blocking something or getting stuck somewhere.

 

by: lrmoorePosted on 2006-09-29 at 05:51:03ID: 17626801

Try running Active ports and watch the applications while trying to connect
http://www.protect-me.com/freeware.html

Look for two lines for UDP 500 and UDP 4500 and see if they get established.

Have you perchance rebooted your Linksys router? Perhaps is is holding something in cache..

 

by: bbehnamPosted on 2006-09-29 at 06:40:16ID: 17627153

Rebooted router (powered down and back up after 1 min), no luck.

Active Ports shows UDP 500 & 4500 in Listen state with LSASS until I try to connect with VPN client then switches to Listen state with CVPND, never get Established.

 

by: SELSupportPosted on 2006-09-29 at 09:56:02ID: 17628959

It looks like from your logs that it is getting stuck at Phase 2. Phase 1 is completing successfully, but Phase 2 is timing out for some reason. I see you are running a pretty recent version of the client (mre recent than mine! I'm jealous!). In your log it's taking 7 minutes for it to time out. Do you get propmted for a username and password in you configuration on your laptop and if so, do you get the same prompt on the desktop? Can you ask your tech support if anything has changed on the remote end to the configuration? Try and find out what transform set they are using for IPSEC, if you can.

Looking forward to your response
Phil

 

by: bbehnamPosted on 2006-09-29 at 18:26:42ID: 17632474

I do not get prompted for a login, the username/password is included in the PCF they sent.  I pretty sure nothing has changed on their end. Though even if it had it should affect both my machines as they are using the PCF and connection to connect and the laptop works fine.  I will request the info about IPSEC, but I believe they given up on me, so might not get an answer anytime soon.

 

by: SELSupportPosted on 2006-09-30 at 04:13:29ID: 17634439

Just to clear up I didn't mean the group name and password. You can configure the PIX to request a user name and password once the group password authentication is successful. But that must not be configured if you didn't know that.

What do you see in those 7 minutes before it times out? Are you aware of something happening, or is the VPN up for that time and then drops, or do you not even know about the 7 minute timeout. Just so you knoqw what I'm talking about I mean this part of the  log:

<snip>
22     17:18:07.359  09/27/06  Sev=Info/4     CM/0x6310000E
Established Phase 1 SA.  1 Crypto Active IKE SA, 0 User Authenticated IKE SA in the system

23     17:18:17.359  09/27/06  Sev=Info/6     IKE/0x63000055
Sent a keepalive on the IPSec SA

<snip>

51     17:22:57.859  09/27/06  Sev=Info/6     IKE/0x63000055
Sent a keepalive on the IPSec SA

52     17:23:07.359  09/27/06  Sev=Info/4     IKE/0x63000017
Marking IKE SA for deletion  (I_Cookie=56E32B7363621FF7 R_Cookie=961E773ECEB59413) reason = DEL_REASON_CANNOT_AUTH


It seems that your IPSEC driver is corrupt. To fix this issue you will have to reinstall the VPN client. To do a clean reinstall you must first uninstall the client, restart your system, then go into the properties of your network card nad make sure you DO NOT see an entry for "deterministic network enhancer". Then reinstall the client.

Let me now how you get on

Phil

 

by: bbehnamPosted on 2006-09-30 at 09:15:05ID: 17635419

During the 7 minutes, the status bar of the client just says Contacting the security Gateway at .....  Nothing else happens until it times out.  I uninstalled the client. Manually removed all files and entries in the registry that the uninstall did not remove, rebooted and reinstalled (BTW, I've done this twice before).  Still no luck.

 

by: SELSupportPosted on 2006-10-03 at 02:12:01ID: 17650162

Mmmm,

There's definitely something wrong with the IPSEC subsystem of your system. Open computer management (right click 'My Computer', select manage) and select Device Manager. In the view menu select 'View hidden Devices'. In the right pane find 'Non-Plug and Play Drivers'. Find 'IPSEC driver' and double click. On the driver tab make sure it is set as a system startup type and that it is started. If it's not started your VPN will not work. Failing that you could try checking your local IPSEC policies, although I've never seen cisco VPN have any trouble with configuration from them.

Let me know how your IPSEC driver is and we'll see if we can take it any further

Phil

 

by: bbehnamPosted on 2006-10-03 at 04:33:41ID: 17650590

IPSEC working, set to System and Started.

 

by: SELSupportPosted on 2006-10-03 at 06:04:24ID: 17651085

The problem is with you IPSEC subsystem in windows. Here is a document to help you troubleshoot that:

http://support.microsoft.com/kb/257225

One thing it doesn't say is how to open group policy if your machine isn't a domain member. In that case you'll have to edit your local policy. Do this by going to Start|Run and type gpedit.msc.
A very important command this mentions is "netdiag /test:ipsec /v". That gives detailed info about the IPSEC subsystem.

Hear from you soon,

Phil

 

by: bbehnamPosted on 2006-10-04 at 08:19:53ID: 17660047

I went through the support doc and did the Netdiag test. There were no errors except for my 1394 adapter (which is ok since that's not what I'm using). As far as the rest of the doc, it's a bit outside my expertise to follow.  To the extent I could, I cross checked the settings against my laptop and both systems seem to have the same settings.

What's the next step?

 

by: SELSupportPosted on 2006-10-04 at 15:08:37ID: 17664014

Bad news I'm afraid. I'm all out of suggestions. Unless anyone else can think of anthing it looks like you're going to have to rebuild the laptop. If you have a half decent IT Support department they should be able to turn it round in half a day. If not then it could take a while to rebuild it from scratch. I know it's not what you wanted to hear, but it seems the only way out of your hole, and I'm out of suggestions.

Sorry, mate! :-(

Phil

 

by: bbehnamPosted on 2006-10-05 at 05:44:06ID: 17667747

Well, I was hoping it wouldn't come to that, but I knew it was a last resort. Thanks for all your efforts.

 

by: bbehnamPosted on 2006-11-03 at 17:23:29ID: 17871437

I will accept SELSupport for all the effort he put in though we did not resolve.

On another note, I reinstalled my OS from scratch got my system back to where it should be and alas, the VPN was doing the same thing. Turns out if I switch my TCPIP settings to auto from static it worked.  Since I need my machine to have a static IP, I set it back and went into the Cisco client and turned off Enable Transport Tunneling on the Transport tab, works like a charm now!!!

I'ld like to say I knew what I was doing, but it was a wild guess!!

20120131-EE-VQP-002

3 Ways to Join

30-Day Free Trial

The Experts

98% positive feedback on 31,087 answers since March 2000. angeliii is a Microsoft Most Valuable Professional for his work with MS SQL Server & Develoment.

He has also proven his knowledge of Visual Basic Programming, PHP Scripting and Oracle Databases.

The Experts

97% positive feedback on 10,752 answers since July 2000. lrmoore has more than 18 years experience in the networking industry.

The six-time Mircosoft MVPs specialties include firewalls, virtual private networking, and network management.

Testimonials

"...and excellent source for support... Kind of like having your very own IT dept." Electriciansnet

Testimonials

"I was apprehensive at signing up at first. However... it has already made my life as an IT administrator much easier." JaCrews

Testimonials

"WOW! You guys have great, active, and knowledgeable people on here." moore50

Business Clients

Business Clients

In the Press

"If you’ve got a question... Experts Exchange can supply an answer.”

In the Press

"...an invaluable aid for both IT professionals and those who require tech support."

In the Press

"where IT professionals provide quick answers on just about any topic"

Business Account Plans

Loading Advertisement...