Advertisement

05.14.2008 at 08:18PM PDT, ID: 23403899
[x]
Attachment Details

Cisco VPN error - Phase-2 retransmission count exceeded: MsgID=175A5768

Asked by MikeWieland in Virtual Private Networking (VPN), Miscellaneous Networking, IPSec Security Protocol

I can no longer connect to a Cisco ASA 5505 from my Cisco VPN Client.  It worked fine until yesterday and, as far as I know,  nothing has been changed at either end.  I have more than one PC that can no longer connect.  I checked the config on the ASA 5505 and reset the password, but could not fing anything that looked wrong.  I am using Cisco's VPN Client software version 4.8.01.0300 running on a Windows XP SP2 PC.  Here is the log file.  Any help would be appreciated.

Cisco Systems VPN Client Version 4.8.01.0300
Copyright (C) 1998-2005 Cisco Systems, Inc. All Rights Reserved.
Client Type(s): Windows, WinNT
Running on: 5.1.2600 Service Pack 2

259    13:29:52.671  05/14/08  Sev=Info/4      CM/0x63100002
Begin connection process

260    13:29:52.701  05/14/08  Sev=Info/4      CVPND/0xE3400001
Microsoft IPSec Policy Agent service stopped successfully

261    13:29:52.701  05/14/08  Sev=Info/4      CM/0x63100004
Establish secure connection using Ethernet

262    13:29:52.701  05/14/08  Sev=Info/4      CM/0x63100024
Attempt connection with server "74.219.104.186"

263    13:29:52.721  05/14/08  Sev=Info/6      IKE/0x6300003B
Attempting to establish a connection with 74.219.104.186.

264    13:29:52.761  05/14/08  Sev=Info/4      IKE/0x63000013
SENDING >>> ISAKMP OAK AG (SA, KE, NON, ID, VID(Xauth), VID(dpd), VID(Frag), VID(Nat-T), VID(Unity)) to 74.219.104.186

265    13:29:52.821  05/14/08  Sev=Info/4      IPSEC/0x63700008
IPSec driver successfully started

266    13:29:52.821  05/14/08  Sev=Info/4      IPSEC/0x63700014
Deleted all keys

267    13:29:52.821  05/14/08  Sev=Info/5      IKE/0x6300002F
Received ISAKMP packet: peer = 74.219.104.186

268    13:29:52.821  05/14/08  Sev=Info/4      IKE/0x63000014
RECEIVING <<< ISAKMP OAK AG (SA, KE, NON, ID, HASH, VID(Unity), VID(Xauth), VID(dpd), VID(Nat-T), NAT-D, NAT-D, VID(Frag), VID(?)) from 74.219.104.186

269    13:29:52.821  05/14/08  Sev=Info/5      IKE/0x63000001
Peer is a Cisco-Unity compliant peer

270    13:29:52.821  05/14/08  Sev=Info/5      IKE/0x63000001
Peer supports XAUTH

271    13:29:52.821  05/14/08  Sev=Info/5      IKE/0x63000001
Peer supports DPD

272    13:29:52.821  05/14/08  Sev=Info/5      IKE/0x63000001
Peer supports NAT-T

273    13:29:52.821  05/14/08  Sev=Info/5      IKE/0x63000001
Peer supports IKE fragmentation payloads

274    13:29:52.931  05/14/08  Sev=Info/6      IKE/0x63000001
IOS Vendor ID Contruction successful

275    13:29:52.931  05/14/08  Sev=Info/4      IKE/0x63000013
SENDING >>> ISAKMP OAK AG *(HASH, NOTIFY:STATUS_INITIAL_CONTACT, NAT-D, NAT-D, VID(?), VID(Unity)) to 74.219.104.186

276    13:29:52.951  05/14/08  Sev=Info/6      IKE/0x63000055
Sent a keepalive on the IPSec SA

277    13:29:52.951  05/14/08  Sev=Info/4      IKE/0x63000083
IKE Port in use - Local Port =  0x1194, Remote Port = 0x1194

278    13:29:52.951  05/14/08  Sev=Info/5      IKE/0x63000072
Automatic NAT Detection Status:
   Remote end is NOT behind a NAT device
   This   end IS behind a NAT device

279    13:29:52.951  05/14/08  Sev=Info/4      CM/0x6310000E
Established Phase 1 SA.  1 Crypto Active IKE SA, 0 User Authenticated IKE SA in the system

280    13:29:52.991  05/14/08  Sev=Info/5      IKE/0x6300002F
Received ISAKMP packet: peer = 74.219.104.186

281    13:29:52.991  05/14/08  Sev=Info/4      IKE/0x63000014
RECEIVING <<< ISAKMP OAK TRANS *(HASH, ATTR) from 74.219.104.186

282    13:29:52.991  05/14/08  Sev=Info/4      CM/0x63100015
Launch xAuth application

283    13:29:57.568  05/14/08  Sev=Info/4      CM/0x63100017
xAuth application returned

284    13:29:57.568  05/14/08  Sev=Info/4      IKE/0x63000013
SENDING >>> ISAKMP OAK TRANS *(HASH, ATTR) to 74.219.104.186

285    13:29:57.618  05/14/08  Sev=Info/5      IKE/0x6300002F
Received ISAKMP packet: peer = 74.219.104.186

286    13:29:57.618  05/14/08  Sev=Info/4      IKE/0x63000014
RECEIVING <<< ISAKMP OAK TRANS *(HASH, ATTR) from 74.219.104.186

287    13:29:57.618  05/14/08  Sev=Info/4      CM/0x63100015
Launch xAuth application

288    13:29:59.491  05/14/08  Sev=Info/4      CM/0x63100017
xAuth application returned

289    13:29:59.491  05/14/08  Sev=Info/4      IKE/0x63000013
SENDING >>> ISAKMP OAK TRANS *(HASH, ATTR) to 74.219.104.186

290    13:29:59.531  05/14/08  Sev=Info/5      IKE/0x6300002F
Received ISAKMP packet: peer = 74.219.104.186

291    13:29:59.531  05/14/08  Sev=Info/4      IKE/0x63000014
RECEIVING <<< ISAKMP OAK TRANS *(HASH, ATTR) from 74.219.104.186

292    13:29:59.531  05/14/08  Sev=Info/4      CM/0x63100015
Launch xAuth application

293    13:30:03.326  05/14/08  Sev=Info/6      IKE/0x63000055
Sent a keepalive on the IPSec SA

294    13:30:04.107  05/14/08  Sev=Info/4      CM/0x63100017
xAuth application returned

295    13:30:04.107  05/14/08  Sev=Info/4      IKE/0x63000013
SENDING >>> ISAKMP OAK TRANS *(HASH, ATTR) to 74.219.104.186

296    13:30:04.158  05/14/08  Sev=Info/5      IKE/0x6300002F
Received ISAKMP packet: peer = 74.219.104.186

297    13:30:04.158  05/14/08  Sev=Info/4      IKE/0x63000014
RECEIVING <<< ISAKMP OAK TRANS *(HASH, ATTR) from 74.219.104.186

298    13:30:04.158  05/14/08  Sev=Info/4      IKE/0x63000013
SENDING >>> ISAKMP OAK TRANS *(HASH, ATTR) to 74.219.104.186

299    13:30:04.158  05/14/08  Sev=Info/4      IKE/0x63000017
Marking IKE SA for deletion  (I_Cookie=16DA1921E49F4D9E R_Cookie=258F5DDA2AFC6CA2) reason = DEL_REASON_WE_FAILED_AUTH

300    13:30:04.158  05/14/08  Sev=Info/4      IKE/0x63000013
SENDING >>> ISAKMP OAK INFO *(HASH, DEL) to 74.219.104.186

301    13:30:04.828  05/14/08  Sev=Info/4      IKE/0x6300004B
Discarding IKE SA negotiation (I_Cookie=16DA1921E49F4D9E R_Cookie=258F5DDA2AFC6CA2) reason = DEL_REASON_WE_FAILED_AUTH

302    13:30:04.828  05/14/08  Sev=Info/4      CM/0x63100014
Unable to establish Phase 1 SA with server "74.219.104.186" because of "DEL_REASON_WE_FAILED_AUTH"

303    13:30:04.828  05/14/08  Sev=Info/5      CM/0x63100025
Initializing CVPNDrv

304    13:30:04.899  05/14/08  Sev=Info/6      CM/0x63100046
Set tunnel established flag in registry to 0.

305    13:30:04.899  05/14/08  Sev=Info/4      IKE/0x63000001
IKE received signal to terminate VPN connection

306    13:30:04.919  05/14/08  Sev=Info/4      IKE/0x63000086
Microsoft IPSec Policy Agent service started successfully

307    13:30:05.359  05/14/08  Sev=Info/4      IPSEC/0x63700014
Deleted all keys

308    13:30:05.359  05/14/08  Sev=Info/4      IPSEC/0x63700014
Deleted all keys

309    13:30:05.359  05/14/08  Sev=Info/4      IPSEC/0x63700014
Deleted all keys

310    13:30:05.359  05/14/08  Sev=Info/4      IPSEC/0x6370000A
IPSec driver successfully stopped

311    13:30:32.148  05/14/08  Sev=Info/4      CM/0x63100002
Begin connection process

312    13:30:32.188  05/14/08  Sev=Info/4      CVPND/0xE3400001
Microsoft IPSec Policy Agent service stopped successfully

313    13:30:32.188  05/14/08  Sev=Info/4      CM/0x63100004
Establish secure connection using Ethernet

314    13:30:32.188  05/14/08  Sev=Info/4      CM/0x63100024
Attempt connection with server "74.219.104.186"

315    13:30:33.199  05/14/08  Sev=Info/6      IKE/0x6300003B
Attempting to establish a connection with 74.219.104.186.

316    13:30:33.239  05/14/08  Sev=Info/4      IKE/0x63000013
SENDING >>> ISAKMP OAK AG (SA, KE, NON, ID, VID(Xauth), VID(dpd), VID(Frag), VID(Nat-T), VID(Unity)) to 74.219.104.186

317    13:30:33.269  05/14/08  Sev=Info/4      IPSEC/0x63700008
IPSec driver successfully started

318    13:30:33.269  05/14/08  Sev=Info/4      IPSEC/0x63700014
Deleted all keys

319    13:30:33.309  05/14/08  Sev=Info/5      IKE/0x6300002F
Received ISAKMP packet: peer = 74.219.104.186

320    13:30:33.309  05/14/08  Sev=Info/4      IKE/0x63000014
RECEIVING <<< ISAKMP OAK AG (SA, KE, NON, ID, HASH, VID(Unity), VID(Xauth), VID(dpd), VID(Nat-T), NAT-D, NAT-D, VID(Frag), VID(?)) from 74.219.104.186

321    13:30:33.309  05/14/08  Sev=Info/5      IKE/0x63000001
Peer is a Cisco-Unity compliant peer

322    13:30:33.309  05/14/08  Sev=Info/5      IKE/0x63000001
Peer supports XAUTH

323    13:30:33.309  05/14/08  Sev=Info/5      IKE/0x63000001
Peer supports DPD

324    13:30:33.309  05/14/08  Sev=Info/5      IKE/0x63000001
Peer supports NAT-T

325    13:30:33.309  05/14/08  Sev=Info/5      IKE/0x63000001
Peer supports IKE fragmentation payloads

326    13:30:33.350  05/14/08  Sev=Info/6      IKE/0x63000001
IOS Vendor ID Contruction successful

327    13:30:33.350  05/14/08  Sev=Info/4      IKE/0x63000013
SENDING >>> ISAKMP OAK AG *(HASH, NOTIFY:STATUS_INITIAL_CONTACT, NAT-D, NAT-D, VID(?), VID(Unity)) to 74.219.104.186

328    13:30:33.350  05/14/08  Sev=Info/6      IKE/0x63000055
Sent a keepalive on the IPSec SA

329    13:30:33.350  05/14/08  Sev=Info/4      IKE/0x63000083
IKE Port in use - Local Port =  0x1194, Remote Port = 0x1194

330    13:30:33.350  05/14/08  Sev=Info/5      IKE/0x63000072
Automatic NAT Detection Status:
   Remote end is NOT behind a NAT device
   This   end IS behind a NAT device

331    13:30:33.350  05/14/08  Sev=Info/4      CM/0x6310000E
Established Phase 1 SA.  1 Crypto Active IKE SA, 0 User Authenticated IKE SA in the system

332    13:30:33.390  05/14/08  Sev=Info/5      IKE/0x6300002F
Received ISAKMP packet: peer = 74.219.104.186

333    13:30:33.390  05/14/08  Sev=Info/4      IKE/0x63000014
RECEIVING <<< ISAKMP OAK TRANS *(HASH, ATTR) from 74.219.104.186

334    13:30:33.390  05/14/08  Sev=Info/4      CM/0x63100015
Launch xAuth application

335    13:30:37.786  05/14/08  Sev=Info/4      CM/0x63100017
xAuth application returned

336    13:30:37.786  05/14/08  Sev=Info/4      IKE/0x63000013
SENDING >>> ISAKMP OAK TRANS *(HASH, ATTR) to 74.219.104.186

337    13:30:37.826  05/14/08  Sev=Info/5      IKE/0x6300002F
Received ISAKMP packet: peer = 74.219.104.186

338    13:30:37.826  05/14/08  Sev=Info/4      IKE/0x63000014
RECEIVING <<< ISAKMP OAK TRANS *(HASH, ATTR) from 74.219.104.186

339    13:30:37.826  05/14/08  Sev=Info/4      IKE/0x63000013
SENDING >>> ISAKMP OAK TRANS *(HASH, ATTR) to 74.219.104.186

340    13:30:37.826  05/14/08  Sev=Info/4      CM/0x6310000E
Established Phase 1 SA.  1 Crypto Active IKE SA, 1 User Authenticated IKE SA in the system

341    13:30:37.906  05/14/08  Sev=Info/5      IKE/0x6300005E
Client sending a firewall request to concentrator

342    13:30:37.906  05/14/08  Sev=Info/5      IKE/0x6300005D
Firewall Policy: Product=Cisco Systems Integrated Client Firewall, Capability= (Centralized Protection Policy).

343    13:30:37.916  05/14/08  Sev=Info/4      IKE/0x63000013
SENDING >>> ISAKMP OAK TRANS *(HASH, ATTR) to 74.219.104.186

344    13:30:43.384  05/14/08  Sev=Info/4      IKE/0x63000021
Retransmitting last packet!

345    13:30:43.384  05/14/08  Sev=Info/4      IKE/0x63000013
SENDING >>> ISAKMP OAK TRANS *(Retransmission) to 74.219.104.186

346    13:30:43.384  05/14/08  Sev=Info/6      IKE/0x63000055
Sent a keepalive on the IPSec SA

347    13:30:45.827  05/14/08  Sev=Info/5      IKE/0x6300002F
Received ISAKMP packet: peer = 74.219.104.186

348    13:30:45.827  05/14/08  Sev=Info/4      IKE/0x63000014
RECEIVING <<< ISAKMP OAK TRANS *(Retransmission) from 74.219.104.186

349    13:30:45.827  05/14/08  Sev=Info/4      IKE/0x63000021
Retransmitting last packet!

350    13:30:45.827  05/14/08  Sev=Info/4      IKE/0x63000013
SENDING >>> ISAKMP OAK TRANS *(Retransmission) to 74.219.104.186

351    13:30:48.391  05/14/08  Sev=Info/4      IKE/0x63000021
Retransmitting last packet!

352    13:30:48.391  05/14/08  Sev=Info/4      IKE/0x63000013
SENDING >>> ISAKMP OAK TRANS *(Retransmission) to 74.219.104.186

353    13:30:53.398  05/14/08  Sev=Info/6      IKE/0x63000055
Sent a keepalive on the IPSec SA

354    13:30:53.398  05/14/08  Sev=Info/4      IKE/0x63000021
Retransmitting last packet!

355    13:30:53.398  05/14/08  Sev=Info/4      IKE/0x63000013
SENDING >>> ISAKMP OAK TRANS *(Retransmission) to 74.219.104.186

356    13:30:53.829  05/14/08  Sev=Info/5      IKE/0x6300002F
Received ISAKMP packet: peer = 74.219.104.186

357    13:30:53.829  05/14/08  Sev=Info/4      IKE/0x63000014
RECEIVING <<< ISAKMP OAK TRANS *(Retransmission) from 74.219.104.186

358    13:30:53.829  05/14/08  Sev=Info/4      IKE/0x63000021
Retransmitting last packet!

359    13:30:53.829  05/14/08  Sev=Info/4      IKE/0x63000013
SENDING >>> ISAKMP OAK TRANS *(Retransmission) to 74.219.104.186

360    13:30:58.406  05/14/08  Sev=Info/4      IKE/0x6300002D
Phase-2 retransmission count exceeded: MsgID=175A5768

361    13:30:58.406  05/14/08  Sev=Info/4      IKE/0x63000013
SENDING >>> ISAKMP OAK INFO *(HASH, NOTIFY:DPD_REQUEST) to 74.219.104.186

362    13:30:58.406  05/14/08  Sev=Info/6      IKE/0x6300003D
Sending DPD request to 74.219.104.186, our seq# = 3942861244

363    13:30:58.406  05/14/08  Sev=Info/4      IKE/0x63000017
Marking IKE SA for deletion  (I_Cookie=D0E43892930BBC6B R_Cookie=879A9ABB7B5CEED8) reason = DEL_REASON_IKE_NEG_FAILED

364    13:30:58.406  05/14/08  Sev=Info/4      IKE/0x63000013
SENDING >>> ISAKMP OAK INFO *(HASH, DEL) to 74.219.104.186

365    13:31:01.410  05/14/08  Sev=Info/4      IKE/0x6300004B
Discarding IKE SA negotiation (I_Cookie=D0E43892930BBC6B R_Cookie=879A9ABB7B5CEED8) reason = DEL_REASON_IKE_NEG_FAILED

366    13:31:01.410  05/14/08  Sev=Info/4      CM/0x6310000F
Phase 1 SA deleted before Mode Config is completed cause by "DEL_REASON_IKE_NEG_FAILED".  0 Crypto Active IKE SA, 0 User Authenticated IKE SA in the system

367    13:31:01.410  05/14/08  Sev=Info/5      CM/0x63100025
Initializing CVPNDrv

368    13:31:01.480  05/14/08  Sev=Info/6      CM/0x63100046
Set tunnel established flag in registry to 0.

369    13:31:01.490  05/14/08  Sev=Info/4      IKE/0x63000001
IKE received signal to terminate VPN connection

370    13:31:01.500  05/14/08  Sev=Info/4      IKE/0x63000086
Microsoft IPSec Policy Agent service started successfully

371    13:31:01.510  05/14/08  Sev=Info/4      IPSEC/0x63700014
Deleted all keys

372    13:31:01.510  05/14/08  Sev=Info/4      IPSEC/0x63700014
Deleted all keys

373    13:31:01.510  05/14/08  Sev=Info/4      IPSEC/0x63700014
Deleted all keys

374    13:31:01.510  05/14/08  Sev=Info/4      IPSEC/0x6370000A
IPSec driver successfully stopped
Start Free Trial
[+][-]05.14.2008 at 11:10PM PDT, ID: 21570968

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 7-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]05.15.2008 at 07:22AM PDT, ID: 21573924

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 7-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]05.15.2008 at 01:04PM PDT, ID: 21577478

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 7-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]05.15.2008 at 07:44PM PDT, ID: 21579639

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 7-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]05.16.2008 at 07:24AM PDT, ID: 21582972

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 7-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]05.18.2008 at 04:25PM PDT, ID: 21594445

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 7-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]05.18.2008 at 04:34PM PDT, ID: 21594467

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 7-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]05.18.2008 at 08:45PM PDT, ID: 21595105

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 7-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]05.19.2008 at 06:32AM PDT, ID: 21597586

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 7-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]05.19.2008 at 07:20AM PDT, ID: 21598001

View this solution now by starting your 7-day free trial. Setting up your free trial is quick, easy, and secure. We will return you to this solution, unlocked, when you're done.

 

About this solution

Zones: Virtual Private Networking (VPN), Miscellaneous Networking, IPSec Security Protocol
Sign Up Now!
Solution Provided By: arnold
Participating Experts: 1
Solution Grade: B
 
 
 
Loading Advertisement...
20080716-EE-VQP-32 / EE_QW_2_20070628