chunkyshu
asked on
VPN with hard wire works... VPN with wireless does not
Hi Experts!
I just took a new position at work supporting our VPN client. Since I started 3 weeks ago, I have received multiple (more than 10) calls from people who are using VPN to connect to the corporate network but do not have access network resources.
To give you the low down the configuration looks something like this:
Users are connecting via Cisco VPN Client v4.8 running on Windows XP Professional. Each user has a different laptop - all Dell except 1 IBM. All are on thier home networks, which are ALL on COMCAST cable networks, but using different routers (some Linksys, some d-link, you get the picture). The strange thing is, all people are having the same problem. If they try to VPN from home over thier wireless Comcast networks, they connect to the company and get an IP address from the corporate network, but get no connectivity to network resouces. If they VPN using a hard wired connection directly to thier router, they connect with no problem.
The strange thing about this is, if these same users who are experiencing difficulty at home go to an open network (i.e. Starbucks or Panera, or even our company wireless outernet connection) the VPN allows them to connectivity with no problem, with connectivity to network resouces.
Another weird thing about this is, I'm using Comcast Cable and have no problem at all. I use the same company configuration on my laptop and don't have a problem ~ so it's very hard for me to test why this is happening.
I have one of the users working with me to determine why this may be happening ~ she was nice enough to send me a log file along with statistics from the Cisco VPN Client. There were some weird stats ~ for example, when she is using Tunnel All, if I look under Statistics and choose the Tunnel Details tab, there are quite a number of packets encrypted, but no packets decrypted and 29,812 bytes sent, but only 259 bytes received. Moving on to the Route Details tab there should be a list of Secured Routes, yet there are none. Split Tunnel provides different statistics under packet encrypted there are 543, and decrypted 94 ~ bytes received ther are 29,248 and bytes sent is 54,178. The Secured Routes at least has the correct routing table in it.
When I look at the statistics on my system and the VPN connection is working properly, the ratio between packets encrypted/decrypted is very similar, as well as with bytes sent/received.
Has anyone seen this issue? Is there a setting I can change either on the wireless router end or VPN end to allow my users to connect to thier resources when VPN'd over Comcast wireless into the corporate network?
I just took a new position at work supporting our VPN client. Since I started 3 weeks ago, I have received multiple (more than 10) calls from people who are using VPN to connect to the corporate network but do not have access network resources.
To give you the low down the configuration looks something like this:
Users are connecting via Cisco VPN Client v4.8 running on Windows XP Professional. Each user has a different laptop - all Dell except 1 IBM. All are on thier home networks, which are ALL on COMCAST cable networks, but using different routers (some Linksys, some d-link, you get the picture). The strange thing is, all people are having the same problem. If they try to VPN from home over thier wireless Comcast networks, they connect to the company and get an IP address from the corporate network, but get no connectivity to network resouces. If they VPN using a hard wired connection directly to thier router, they connect with no problem.
The strange thing about this is, if these same users who are experiencing difficulty at home go to an open network (i.e. Starbucks or Panera, or even our company wireless outernet connection) the VPN allows them to connectivity with no problem, with connectivity to network resouces.
Another weird thing about this is, I'm using Comcast Cable and have no problem at all. I use the same company configuration on my laptop and don't have a problem ~ so it's very hard for me to test why this is happening.
I have one of the users working with me to determine why this may be happening ~ she was nice enough to send me a log file along with statistics from the Cisco VPN Client. There were some weird stats ~ for example, when she is using Tunnel All, if I look under Statistics and choose the Tunnel Details tab, there are quite a number of packets encrypted, but no packets decrypted and 29,812 bytes sent, but only 259 bytes received. Moving on to the Route Details tab there should be a list of Secured Routes, yet there are none. Split Tunnel provides different statistics under packet encrypted there are 543, and decrypted 94 ~ bytes received ther are 29,248 and bytes sent is 54,178. The Secured Routes at least has the correct routing table in it.
When I look at the statistics on my system and the VPN connection is working properly, the ratio between packets encrypted/decrypted is very similar, as well as with bytes sent/received.
Has anyone seen this issue? Is there a setting I can change either on the wireless router end or VPN end to allow my users to connect to thier resources when VPN'd over Comcast wireless into the corporate network?
ASKER
I have dropped the MTU's ~ to 1000, to see if that would make a difference.
So I tried another experiment this past Friday. I had ther user at my office who was having problems on her own network, bring her laptop over to my house to see if she could VPN in from my wireless network ~ which I have no problem with.
She *still* had the same issue. Yet, I was sitting next to her and was able to connect and VPN with network resources with no problem. I'm thinking it is a configuration of some sort with the laptops we are using. Maybe it's the wireless card or something along those lines.
Has anyone seen this problem?
So I tried another experiment this past Friday. I had ther user at my office who was having problems on her own network, bring her laptop over to my house to see if she could VPN in from my wireless network ~ which I have no problem with.
She *still* had the same issue. Yet, I was sitting next to her and was able to connect and VPN with network resources with no problem. I'm thinking it is a configuration of some sort with the laptops we are using. Maybe it's the wireless card or something along those lines.
Has anyone seen this problem?
Very odd....
To confirm;
-users can connect from an Internet café using wireless but not at home
-users can connect wired to their home routers but not wirelessly
-one user at least cannot connect wirelessly from your site but you can
-When the users connect by wire, they are connecting to the router and not the modem directly, right ???
-When reducing the MTU do so on the local router and the PC. also you can run into different problems if you drop it too low. Try 1300 or more, rather than 1000.
-I have seen several cases were users have had problems with wireless and VPN's lately. One suggestion is a conflict between the VPN encryption and the wireless encryption. Can you try as a test, eliminating any wireless encryption, WEP, WPA, etc.
To confirm;
-users can connect from an Internet café using wireless but not at home
-users can connect wired to their home routers but not wirelessly
-one user at least cannot connect wirelessly from your site but you can
-When the users connect by wire, they are connecting to the router and not the modem directly, right ???
-When reducing the MTU do so on the local router and the PC. also you can run into different problems if you drop it too low. Try 1300 or more, rather than 1000.
-I have seen several cases were users have had problems with wireless and VPN's lately. One suggestion is a conflict between the VPN encryption and the wireless encryption. Can you try as a test, eliminating any wireless encryption, WEP, WPA, etc.
ASKER
Hi RobWill...
Yes you have confirmed correctly. Strange huh? And yes, I'll try your test. I have been doing a bunch of google searching lately and I have seen a few posts where people suggest eliminating any wireless encryption. I'll test that and come back with results.
Thanks for the tip... please stay tuned.
-Christie
Yes you have confirmed correctly. Strange huh? And yes, I'll try your test. I have been doing a bunch of google searching lately and I have seen a few posts where people suggest eliminating any wireless encryption. I'll test that and come back with results.
Thanks for the tip... please stay tuned.
-Christie
>>"please stay tuned"
Will do, let us know how you make out.
--Rob
Will do, let us know how you make out.
--Rob
ASKER
As I didn't have the opportunity to have one of my users test the encryption theory, I did do a little searching around on my own in the logs. I noticed something strange. In the logs that are sent to me that have a connection with no access to resources ~ each log has an entry that says "Virtual Adapter is Disabled" on line 18 ~ then on line 103 it's enabled again. Also the Metric is 25 where as those who connect have a metric of 20. Notice here in the logs:
17 22:22:19.382 05/31/06 Sev=Info/5 CVPND/0x63400013
Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.116 25
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.1.0 255.255.255.0 192.168.1.116 192.168.1.116 25
192.168.1.116 255.255.255.255 127.0.0.1 127.0.0.1 25
192.168.1.255 255.255.255.255 192.168.1.116 192.168.1.116 25
224.0.0.0 240.0.0.0 192.168.1.116 192.168.1.116 25
255.255.255.255 255.255.255.255 192.168.1.116 0.0.0.0 1
255.255.255.255 255.255.255.255 192.168.1.116 192.168.1.116 1
18 22:22:19.382 05/31/06 Sev=Info/4 CM/0x63100035
The Virtual Adapter was disabled
19 22:22:19.382 05/31/06 Sev=Info/4 IKE/0x6300004B
Discarding IKE SA negotiation (I_Cookie=FC81CD8AA4E747FF R_Cookie=1CC315D1B3B19AF9) reason = DEL_REASON_RESET_SADB
20 22:22:19.382 05/31/06 Sev=Info/4 CM/0x63100013
Phase 1 SA deleted cause by DEL_REASON_RESET_SADB. 0 Crypto Active IKE SA, 0 User Authenticated IKE SA in the system
21 22:22:19.382 05/31/06 Sev=Info/5 CM/0x63100025
Initializing CVPNDrv
22 22:22:19.392 05/31/06 Sev=Info/6 CM/0x63100031
Tunnel to headend device 129.83.20.113 disconnected: duration: 0 days 0:8:7
23 22:22:19.492 05/31/06 Sev=Info/5 CM/0x63100025
Initializing CVPNDrv
24 22:22:19.512 05/31/06 Sev=Info/4 IPSEC/0x63700013
Delete internal key with SPI=0x49cf257a
25 22:22:19.512 05/31/06 Sev=Info/4 IPSEC/0x6370000C
Key deleted by SPI 0x49cf257a
26 22:22:19.512 05/31/06 Sev=Info/4 IPSEC/0x63700013
Delete internal key with SPI=0x0fa7433c
27 22:22:19.512 05/31/06 Sev=Info/4 IPSEC/0x6370000C
Key deleted by SPI 0x0fa7433c
28 22:22:19.512 05/31/06 Sev=Info/4 IPSEC/0x63700010
Created a new key structure
29 22:22:19.512 05/31/06 Sev=Info/4 IPSEC/0x6370000B
Key requested
30 22:22:19.512 05/31/06 Sev=Info/4 IPSEC/0x63700013
Delete internal key with SPI=0x00000000
31 22:22:19.512 05/31/06 Sev=Info/4 IPSEC/0x63700014
Deleted all keys
32 22:22:19.512 05/31/06 Sev=Info/4 IPSEC/0x63700014
Deleted all keys
33 22:22:19.512 05/31/06 Sev=Info/4 IPSEC/0x6370000A
IPSec driver successfully stopped
34 22:22:19.512 05/31/06 Sev=Info/4 IPSEC/0x63700014
Deleted all keys
35 22:22:19.512 05/31/06 Sev=Warning/2 IKE/0xA3000067
Received an IPC message during invalid state (IKE_MAIN:507)
36 22:22:24.549 05/31/06 Sev=Info/4 CM/0x63100002
Begin connection process
37 22:22:24.559 05/31/06 Sev=Warning/2 CVPND/0xA3400011
Error -14 sending packet. Dst Addr: 0xFFFFFFFF, Src Addr: 0xC0A80174 (DRVIFACE:1158).
38 22:22:24.569 05/31/06 Sev=Info/4 CM/0x63100004
Establish secure connection using Ethernet
39 22:22:24.569 05/31/06 Sev=Info/4 CM/0x63100024
Attempt connection with server "129.83.20.113"
40 22:22:24.600 05/31/06 Sev=Info/6 IKE/0x6300003B
Attempting to establish a connection with 129.83.20.113.
41 22:22:24.620 05/31/06 Sev=Info/4 IKE/0x63000013
SENDING >>> ISAKMP OAK AG (SA, KE, NON, ID, VID(Xauth), VID(dpd), VID(Frag), VID(Nat-T), VID(Unity)) to 129.83.20.113
42 22:22:24.780 05/31/06 Sev=Info/5 IKE/0x6300002F
Received ISAKMP packet: peer = 129.83.20.113
43 22:22:24.780 05/31/06 Sev=Info/4 IKE/0x63000014
RECEIVING <<< ISAKMP OAK AG (SA, KE, NON, ID, HASH, VID(Unity), VID(Xauth), VID(dpd), VID(Nat-T), NAT-D, NAT-D, VID(Frag), VID(?), VID(?)) from 129.83.20.113
44 22:22:24.780 05/31/06 Sev=Info/5 IKE/0x63000001
Peer is a Cisco-Unity compliant peer
45 22:22:24.780 05/31/06 Sev=Info/5 IKE/0x63000001
Peer supports XAUTH
46 22:22:24.780 05/31/06 Sev=Info/5 IKE/0x63000001
Peer supports DPD
47 22:22:24.780 05/31/06 Sev=Info/5 IKE/0x63000001
Peer supports NAT-T
48 22:22:24.780 05/31/06 Sev=Info/5 IKE/0x63000001
Peer supports IKE fragmentation payloads
49 22:22:24.780 05/31/06 Sev=Info/5 IKE/0x63000001
Peer supports DWR Code and DWR Text
50 22:22:24.800 05/31/06 Sev=Info/6 IKE/0x63000001
IOS Vendor ID Contruction successful
51 22:22:24.800 05/31/06 Sev=Info/4 IKE/0x63000013
SENDING >>> ISAKMP OAK AG *(HASH, NOTIFY:STATUS_INITIAL_CONT ACT, NAT-D, NAT-D, VID(?), VID(Unity)) to 129.83.20.113
52 22:22:24.800 05/31/06 Sev=Info/6 IKE/0x63000055
Sent a keepalive on the IPSec SA
53 22:22:24.800 05/31/06 Sev=Info/4 IKE/0x63000083
IKE Port in use - Local Port = 0x1194, Remote Port = 0x1194
54 22:22:24.800 05/31/06 Sev=Info/5 IKE/0x63000072
Automatic NAT Detection Status:
Remote end is NOT behind a NAT device
This end IS behind a NAT device
55 22:22:24.800 05/31/06 Sev=Info/4 CM/0x6310000E
Established Phase 1 SA. 1 Crypto Active IKE SA, 0 User Authenticated IKE SA in the system
56 22:22:24.840 05/31/06 Sev=Info/5 IKE/0x6300002F
Received ISAKMP packet: peer = 129.83.20.113
57 22:22:24.840 05/31/06 Sev=Info/4 IKE/0x63000014
RECEIVING <<< ISAKMP OAK TRANS *(HASH, ATTR) from 129.83.20.113
58 22:22:24.840 05/31/06 Sev=Info/4 CM/0x63100015
Launch xAuth application
59 22:22:24.920 05/31/06 Sev=Info/4 IPSEC/0x63700008
IPSec driver successfully started
60 22:22:24.920 05/31/06 Sev=Info/4 IPSEC/0x63700014
Deleted all keys
61 22:22:24.920 05/31/06 Sev=Info/6 IPSEC/0x6370002C
Sent 269 packets, 0 were fragmented.
62 22:22:24.920 05/31/06 Sev=Info/4 IPSEC/0x6370000D
Key(s) deleted by Interface (192.43.245.73)
63 22:22:34.954 05/31/06 Sev=Info/6 IKE/0x63000055
Sent a keepalive on the IPSec SA
64 22:22:36.627 05/31/06 Sev=Info/4 CM/0x63100017
xAuth application returned
65 22:22:36.627 05/31/06 Sev=Info/4 IKE/0x63000013
SENDING >>> ISAKMP OAK TRANS *(HASH, ATTR) to 129.83.20.113
66 22:22:38.990 05/31/06 Sev=Info/5 IKE/0x6300002F
Received ISAKMP packet: peer = 129.83.20.113
67 22:22:38.990 05/31/06 Sev=Info/4 IKE/0x63000014
RECEIVING <<< ISAKMP OAK TRANS *(HASH, ATTR) from 129.83.20.113
68 22:22:38.990 05/31/06 Sev=Info/4 IKE/0x63000013
SENDING >>> ISAKMP OAK TRANS *(HASH, ATTR) to 129.83.20.113
69 22:22:38.990 05/31/06 Sev=Info/4 CM/0x6310000E
Established Phase 1 SA. 1 Crypto Active IKE SA, 1 User Authenticated IKE SA in the system
70 22:22:39.050 05/31/06 Sev=Info/5 IKE/0x6300005E
Client sending a firewall request to concentrator
71 22:22:39.050 05/31/06 Sev=Info/5 IKE/0x6300005D
Firewall Policy: Product=Cisco Systems Integrated Client Firewall, Capability= (Centralized Protection Policy).
72 22:22:39.050 05/31/06 Sev=Info/5 IKE/0x6300005D
Firewall Policy: Product=ZoneLabs Integrity Agent, Capability= (Client/Server).
73 22:22:39.050 05/31/06 Sev=Info/4 IKE/0x63000013
SENDING >>> ISAKMP OAK TRANS *(HASH, ATTR) to 129.83.20.113
74 22:22:40.122 05/31/06 Sev=Info/5 IKE/0x6300002F
Received ISAKMP packet: peer = 129.83.20.113
75 22:22:40.122 05/31/06 Sev=Info/4 IKE/0x63000014
RECEIVING <<< ISAKMP OAK TRANS *(HASH, ATTR) from 129.83.20.113
76 22:22:40.122 05/31/06 Sev=Info/5 IKE/0x63000010
MODE_CFG_REPLY: Attribute = INTERNAL_IPV4_ADDRESS: , value = 129.83.200.30
77 22:22:40.122 05/31/06 Sev=Info/5 IKE/0x63000010
MODE_CFG_REPLY: Attribute = INTERNAL_IPV4_NETMASK: , value = 255.255.255.0
78 22:22:40.122 05/31/06 Sev=Info/5 IKE/0x63000010
MODE_CFG_REPLY: Attribute = INTERNAL_IPV4_DNS(1): , value = 129.83.20.47
79 22:22:40.122 05/31/06 Sev=Info/5 IKE/0x63000010
MODE_CFG_REPLY: Attribute = INTERNAL_IPV4_DNS(2): , value = 129.83.20.100
80 22:22:40.122 05/31/06 Sev=Info/5 IKE/0x63000010
MODE_CFG_REPLY: Attribute = INTERNAL_IPV4_NBNS(1) (a.k.a. WINS) : , value = 129.83.25.1
81 22:22:40.122 05/31/06 Sev=Info/5 IKE/0x63000010
MODE_CFG_REPLY: Attribute = INTERNAL_IPV4_NBNS(2) (a.k.a. WINS) : , value = 129.83.25.3
82 22:22:40.122 05/31/06 Sev=Info/5 IKE/0x6300000D
MODE_CFG_REPLY: Attribute = MODECFG_UNITY_SAVEPWD: , value = 0x00000000
83 22:22:40.122 05/31/06 Sev=Info/5 IKE/0x6300000E
MODE_CFG_REPLY: Attribute = MODECFG_UNITY_DEFDOMAIN: , value = mitre.org
84 22:22:40.122 05/31/06 Sev=Info/5 IKE/0x6300000D
MODE_CFG_REPLY: Attribute = MODECFG_UNITY_PFS: , value = 0x00000000
85 22:22:40.122 05/31/06 Sev=Info/5 IKE/0x6300000E
MODE_CFG_REPLY: Attribute = APPLICATION_VERSION, value = Cisco Systems, Inc./VPN 3000 Concentrator Version 4.1.7.E built by vmurphy on Mar 14 2005 11:25:43
86 22:22:40.122 05/31/06 Sev=Info/5 IKE/0x6300000D
MODE_CFG_REPLY: Attribute = Received and using NAT-T port number , value = 0x00001194
87 22:22:40.122 05/31/06 Sev=Info/4 CM/0x63100019
Mode Config data received
88 22:22:40.142 05/31/06 Sev=Info/4 IKE/0x63000056
Received a key request from Driver: Local IP = 129.83.200.30, GW IP = 129.83.20.113, Remote IP = 0.0.0.0
89 22:22:40.142 05/31/06 Sev=Info/4 IKE/0x63000013
SENDING >>> ISAKMP OAK QM *(HASH, SA, NON, ID, ID) to 129.83.20.113
90 22:22:40.142 05/31/06 Sev=Info/4 IPSEC/0x63700014
Deleted all keys
91 22:22:40.182 05/31/06 Sev=Info/5 IKE/0x6300002F
Received ISAKMP packet: peer = 129.83.20.113
92 22:22:40.182 05/31/06 Sev=Info/4 IKE/0x63000014
RECEIVING <<< ISAKMP OAK INFO *(HASH, NOTIFY:STATUS_RESP_LIFETIM E) from 129.83.20.113
93 22:22:40.182 05/31/06 Sev=Info/5 IKE/0x63000045
RESPONDER-LIFETIME notify has value of 86400 seconds
94 22:22:40.182 05/31/06 Sev=Info/5 IKE/0x63000047
This SA has already been alive for 16 seconds, setting expiry to 86384 seconds from now
95 22:22:40.182 05/31/06 Sev=Info/5 IKE/0x6300002F
Received ISAKMP packet: peer = 129.83.20.113
96 22:22:40.182 05/31/06 Sev=Info/4 IKE/0x63000014
RECEIVING <<< ISAKMP OAK QM *(HASH, SA, NON, ID, ID, NOTIFY:STATUS_RESP_LIFETIM E) from 129.83.20.113
97 22:22:40.182 05/31/06 Sev=Info/5 IKE/0x63000045
RESPONDER-LIFETIME notify has value of 28800 seconds
98 22:22:40.182 05/31/06 Sev=Info/4 IKE/0x63000013
SENDING >>> ISAKMP OAK QM *(HASH) to 129.83.20.113
99 22:22:40.182 05/31/06 Sev=Info/5 IKE/0x63000059
Loading IPsec SA (MsgID=E0C74746 OUTBOUND SPI = 0x01D89585 INBOUND SPI = 0x7A3F1995)
100 22:22:40.182 05/31/06 Sev=Info/5 IKE/0x63000025
Loaded OUTBOUND ESP SPI: 0x01D89585
101 22:22:40.182 05/31/06 Sev=Info/5 IKE/0x63000026
Loaded INBOUND ESP SPI: 0x7A3F1995
102 22:22:40.282 05/31/06 Sev=Info/5 CVPND/0x63400013
Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.116 25
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.1.0 255.255.255.0 192.168.1.116 192.168.1.116 25
192.168.1.116 255.255.255.255 127.0.0.1 127.0.0.1 25
192.168.1.255 255.255.255.255 192.168.1.116 192.168.1.116 25
224.0.0.0 240.0.0.0 192.168.1.116 192.168.1.116 25
255.255.255.255 255.255.255.255 192.168.1.116 0.0.0.0 1
255.255.255.255 255.255.255.255 192.168.1.116 192.168.1.116 1
103 22:22:40.833 05/31/06 Sev=Info/4 CM/0x63100034
The Virtual Adapter was enabled:
IP=129.83.200.30/255.255.2 55.0
DNS=129.83.20.47,129.83.20 .100
WINS=129.83.25.1,129.83.25 .3
Domain=mitre.org
Split DNS Names=
104 22:22:40.833 05/31/06 Sev=Info/5 CVPND/0x63400013
Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 129.83.200.30 129.83.200.30 1
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.116 25
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
129.83.200.0 255.255.255.0 129.83.200.30 129.83.200.30 25
129.83.200.30 255.255.255.255 127.0.0.1 127.0.0.1 25
129.83.255.255 255.255.255.255 129.83.200.30 129.83.200.30 25
192.168.1.0 255.255.255.0 192.168.1.116 192.168.1.116 25
192.168.1.116 255.255.255.255 127.0.0.1 127.0.0.1 25
192.168.1.255 255.255.255.255 192.168.1.116 192.168.1.116 25
224.0.0.0 240.0.0.0 129.83.200.30 129.83.200.30 25
224.0.0.0 240.0.0.0 192.168.1.116 192.168.1.116 25
255.255.255.255 255.255.255.255 129.83.200.30 0.0.0.0 1
255.255.255.255 255.255.255.255 129.83.200.30 129.83.200.30 1
255.255.255.255 255.255.255.255 192.168.1.116 192.168.1.116 1
105 22:22:40.833 05/31/06 Sev=Warning/2 CVPND/0xE3400013
AddRoute failed to add a route: code 87
Destination 192.168.1.255
Netmask 255.255.255.255
Gateway 129.83.200.30
Interface 129.83.200.30
106 22:22:40.833 05/31/06 Sev=Warning/2 CM/0xA3100024
Unable to add route. Network: c0a801ff, Netmask: ffffffff, Interface: 8153c81e, Gateway: 8153c81e.
107 22:22:40.863 05/31/06 Sev=Info/4 CM/0x63100038
Successfully saved route changes to file.
108 22:22:40.863 05/31/06 Sev=Info/5 CVPND/0x63400013
Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 129.83.200.30 129.83.200.30 1
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
129.83.20.113 255.255.255.255 192.168.1.1 192.168.1.116 1
129.83.200.0 255.255.255.0 129.83.200.30 129.83.200.30 25
129.83.200.30 255.255.255.255 127.0.0.1 127.0.0.1 25
129.83.255.255 255.255.255.255 129.83.200.30 129.83.200.30 25
192.168.1.0 255.255.255.0 192.168.1.116 192.168.1.116 25
192.168.1.0 255.255.255.0 129.83.200.30 129.83.200.30 25
192.168.1.1 255.255.255.255 192.168.1.116 192.168.1.116 1
192.168.1.116 255.255.255.255 127.0.0.1 127.0.0.1 25
192.168.1.255 255.255.255.255 192.168.1.116 192.168.1.116 25
224.0.0.0 240.0.0.0 129.83.200.30 129.83.200.30 25
224.0.0.0 240.0.0.0 192.168.1.116 192.168.1.116 25
255.255.255.255 255.255.255.255 129.83.200.30 0.0.0.0 1
255.255.255.255 255.255.255.255 129.83.200.30 129.83.200.30 1
255.255.255.255 255.255.255.255 192.168.1.116 192.168.1.116 1
109 22:22:40.863 05/31/06 Sev=Info/6 CM/0x63100036
The routing table was updated for the Virtual Adapter
110 22:22:40.913 05/31/06 Sev=Info/4 CM/0x6310001A
One secure connection established
111 22:22:40.973 05/31/06 Sev=Info/4 CM/0x6310003B
Address watch added for 192.168.1.116. Current hostname: MM133203-PC, Current address(es): 129.83.200.30, 192.168.1.116.
112 22:22:40.973 05/31/06 Sev=Info/4 CM/0x6310003B
Address watch added for 129.83.200.30. Current hostname: MM133203-PC, Current address(es): 129.83.200.30, 192.168.1.116.
113 22:22:40.973 05/31/06 Sev=Info/4 IPSEC/0x63700010
Created a new key structure
**************
Yet the log that is created from my entry where I am connected I do not receive this problem. I am always able to connect as well as have a much larger routing table... here is piece of my log:
69 16:12:48.200 06/05/06 Sev=Info/5 IKE/0x63000026
Loaded INBOUND ESP SPI: 0xE4E57066
70 16:12:48.280 06/05/06 Sev=Info/5 CVPND/0x63400013
Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 128.29.99.254 128.29.99.39 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
128.29.99.0 255.255.255.0 128.29.99.39 128.29.99.39 20
128.29.99.39 255.255.255.255 127.0.0.1 127.0.0.1 20
128.29.255.255 255.255.255.255 128.29.99.39 128.29.99.39 20
192.168.236.0 255.255.255.0 192.168.236.1 192.168.236.1 20
192.168.236.1 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.236.255 255.255.255.255 192.168.236.1 192.168.236.1 20
192.168.245.0 255.255.255.0 192.168.245.1 192.168.245.1 20
192.168.245.1 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.245.255 255.255.255.255 192.168.245.1 192.168.245.1 20
224.0.0.0 240.0.0.0 128.29.99.39 128.29.99.39 20
224.0.0.0 240.0.0.0 192.168.236.1 192.168.236.1 20
224.0.0.0 240.0.0.0 192.168.245.1 192.168.245.1 20
255.255.255.255 255.255.255.255 128.29.99.39 128.29.99.39 1
255.255.255.255 255.255.255.255 192.168.236.1 192.168.236.1 1
255.255.255.255 255.255.255.255 192.168.245.1 192.168.245.1 1
71 16:12:54.273 06/05/06 Sev=Info/4 CM/0x63100034
The Virtual Adapter was enabled:
IP=129.83.201.39/255.255.0 .0
DNS=129.83.20.47,129.83.20 .100
WINS=129.83.25.1,129.83.25 .3
Domain=mitre.org
Split DNS Names=
72 16:12:54.273 06/05/06 Sev=Info/5 CVPND/0x63400013
Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 128.29.99.254 128.29.99.39 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
128.29.99.0 255.255.255.0 128.29.99.39 128.29.99.39 20
128.29.99.39 255.255.255.255 127.0.0.1 127.0.0.1 20
128.29.255.255 255.255.255.255 128.29.99.39 128.29.99.39 20
129.83.0.0 255.255.0.0 129.83.201.39 129.83.201.39 20
129.83.201.39 255.255.255.255 127.0.0.1 127.0.0.1 20
129.83.255.255 255.255.255.255 129.83.201.39 129.83.201.39 20
192.168.236.0 255.255.255.0 192.168.236.1 192.168.236.1 20
192.168.236.1 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.236.255 255.255.255.255 192.168.236.1 192.168.236.1 20
192.168.245.0 255.255.255.0 192.168.245.1 192.168.245.1 20
192.168.245.1 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.245.255 255.255.255.255 192.168.245.1 192.168.245.1 20
224.0.0.0 240.0.0.0 128.29.99.39 128.29.99.39 20
224.0.0.0 240.0.0.0 129.83.201.39 129.83.201.39 20
224.0.0.0 240.0.0.0 192.168.236.1 192.168.236.1 20
224.0.0.0 240.0.0.0 192.168.245.1 192.168.245.1 20
255.255.255.255 255.255.255.255 128.29.99.39 128.29.99.39 1
255.255.255.255 255.255.255.255 129.83.201.39 129.83.201.39 1
255.255.255.255 255.255.255.255 192.168.236.1 192.168.236.1 1
255.255.255.255 255.255.255.255 192.168.245.1 192.168.245.1 1
73 16:12:54.273 06/05/06 Sev=Warning/2 CVPND/0xE3400013
AddRoute failed to add a route: code 87
Destination 128.29.255.255
Netmask 255.255.255.255
Gateway 129.83.201.39
Interface 129.83.201.39
74 16:12:54.273 06/05/06 Sev=Warning/2 CM/0xA3100024
Unable to add route. Network: 801dffff, Netmask: ffffffff, Interface: 8153c927, Gateway: 8153c927.
75 16:12:54.323 06/05/06 Sev=Info/4 CM/0x63100038
Successfully saved route changes to file.
76 16:12:54.323 06/05/06 Sev=Info/5 CVPND/0x63400013
Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 128.29.99.254 128.29.99.39 20
66.170.225.2 255.255.255.255 129.83.201.39 129.83.201.39 1
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
128.29.0.0 255.255.0.0 129.83.201.39 129.83.201.39 1
128.29.99.0 255.255.255.0 128.29.99.39 128.29.99.39 20
128.29.99.0 255.255.255.0 129.83.201.39 129.83.201.39 20
128.29.99.39 255.255.255.255 127.0.0.1 127.0.0.1 20
128.29.154.150 255.255.255.255 128.29.99.254 128.29.99.39 1
128.29.255.255 255.255.255.255 128.29.99.39 128.29.99.39 20
129.83.0.0 255.255.0.0 129.83.201.39 129.83.201.39 1
129.83.20.113 255.255.255.255 128.29.99.254 128.29.99.39 1
129.83.201.39 255.255.255.255 127.0.0.1 127.0.0.1 20
129.83.255.255 255.255.255.255 129.83.201.39 129.83.201.39 20
172.16.0.0 255.255.0.0 129.83.201.39 129.83.201.39 1
192.80.55.0 255.255.255.0 129.83.201.39 129.83.201.39 1
192.160.51.0 255.255.255.0 129.83.201.39 129.83.201.39 1
192.168.236.0 255.255.255.0 192.168.236.1 192.168.236.1 20
192.168.236.1 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.236.255 255.255.255.255 192.168.236.1 192.168.236.1 20
192.168.245.0 255.255.255.0 192.168.245.1 192.168.245.1 20
192.168.245.1 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.245.255 255.255.255.255 192.168.245.1 192.168.245.1 20
224.0.0.0 240.0.0.0 128.29.99.39 128.29.99.39 20
224.0.0.0 240.0.0.0 129.83.201.39 129.83.201.39 20
224.0.0.0 240.0.0.0 192.168.236.1 192.168.236.1 20
224.0.0.0 240.0.0.0 192.168.245.1 192.168.245.1 20
255.255.255.255 255.255.255.255 128.29.99.39 128.29.99.39 1
255.255.255.255 255.255.255.255 129.83.201.39 129.83.201.39 1
255.255.255.255 255.255.255.255 192.168.236.1 192.168.236.1 1
255.255.255.255 255.255.255.255 192.168.245.1 192.168.245.1 1
77 16:12:54.323 06/05/06 Sev=Info/6 CM/0x63100036
The routing table was updated for the Virtual Adapter
78 16:12:54.473 06/05/06 Sev=Info/4 CM/0x6310001A
One secure connection established
79 16:12:54.653 06/05/06 Sev=Info/4 CM/0x6310003B
Address watch added for 128.29.99.39. Current hostname: MM122128-PC, Current address(es): 129.83.201.39, 128.29.99.39, 192.168.236.1, 192.168.245.1.
80 16:12:54.663 06/05/06 Sev=Info/4 CM/0x6310003B
Address watch added for 129.83.201.39. Current hostname: MM122128-PC, Current address(es): 129.83.201.39, 128.29.99.39, 192.168.236.1, 192.168.245.1.
81 16:12:54.663 06/05/06 Sev=Info/4 IPSEC/0x63700014
Deleted all keys
82 16:12:54.663 06/05/06 Sev=Info/4 IPSEC/0x63700010
Created a new key structure
83 16:12:54.663 06/05/06 Sev=Info/4 IPSEC/0x6370000F
Added key with SPI=0xf3bc7f47 into key list
84 16:12:54.663 06/05/06 Sev=Info/4 IPSEC/0x63700010
Created a new key structure
85 16:12:54.663 06/05/06 Sev=Info/4 IPSEC/0x6370000F
Added key with SPI=0x6670e5e4 into key list
86 16:12:54.663 06/05/06 Sev=Info/4 IPSEC/0x6370002F
Assigned VA private interface addr 129.83.201.39
87 16:12:55.815 06/05/06 Sev=Info/4 IPSEC/0x63700019
Activate outbound key with SPI=0xf3bc7f47 for inbound key with SPI=0x6670e5e4
17 22:22:19.382 05/31/06 Sev=Info/5 CVPND/0x63400013
Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.116 25
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.1.0 255.255.255.0 192.168.1.116 192.168.1.116 25
192.168.1.116 255.255.255.255 127.0.0.1 127.0.0.1 25
192.168.1.255 255.255.255.255 192.168.1.116 192.168.1.116 25
224.0.0.0 240.0.0.0 192.168.1.116 192.168.1.116 25
255.255.255.255 255.255.255.255 192.168.1.116 0.0.0.0 1
255.255.255.255 255.255.255.255 192.168.1.116 192.168.1.116 1
18 22:22:19.382 05/31/06 Sev=Info/4 CM/0x63100035
The Virtual Adapter was disabled
19 22:22:19.382 05/31/06 Sev=Info/4 IKE/0x6300004B
Discarding IKE SA negotiation (I_Cookie=FC81CD8AA4E747FF
20 22:22:19.382 05/31/06 Sev=Info/4 CM/0x63100013
Phase 1 SA deleted cause by DEL_REASON_RESET_SADB. 0 Crypto Active IKE SA, 0 User Authenticated IKE SA in the system
21 22:22:19.382 05/31/06 Sev=Info/5 CM/0x63100025
Initializing CVPNDrv
22 22:22:19.392 05/31/06 Sev=Info/6 CM/0x63100031
Tunnel to headend device 129.83.20.113 disconnected: duration: 0 days 0:8:7
23 22:22:19.492 05/31/06 Sev=Info/5 CM/0x63100025
Initializing CVPNDrv
24 22:22:19.512 05/31/06 Sev=Info/4 IPSEC/0x63700013
Delete internal key with SPI=0x49cf257a
25 22:22:19.512 05/31/06 Sev=Info/4 IPSEC/0x6370000C
Key deleted by SPI 0x49cf257a
26 22:22:19.512 05/31/06 Sev=Info/4 IPSEC/0x63700013
Delete internal key with SPI=0x0fa7433c
27 22:22:19.512 05/31/06 Sev=Info/4 IPSEC/0x6370000C
Key deleted by SPI 0x0fa7433c
28 22:22:19.512 05/31/06 Sev=Info/4 IPSEC/0x63700010
Created a new key structure
29 22:22:19.512 05/31/06 Sev=Info/4 IPSEC/0x6370000B
Key requested
30 22:22:19.512 05/31/06 Sev=Info/4 IPSEC/0x63700013
Delete internal key with SPI=0x00000000
31 22:22:19.512 05/31/06 Sev=Info/4 IPSEC/0x63700014
Deleted all keys
32 22:22:19.512 05/31/06 Sev=Info/4 IPSEC/0x63700014
Deleted all keys
33 22:22:19.512 05/31/06 Sev=Info/4 IPSEC/0x6370000A
IPSec driver successfully stopped
34 22:22:19.512 05/31/06 Sev=Info/4 IPSEC/0x63700014
Deleted all keys
35 22:22:19.512 05/31/06 Sev=Warning/2 IKE/0xA3000067
Received an IPC message during invalid state (IKE_MAIN:507)
36 22:22:24.549 05/31/06 Sev=Info/4 CM/0x63100002
Begin connection process
37 22:22:24.559 05/31/06 Sev=Warning/2 CVPND/0xA3400011
Error -14 sending packet. Dst Addr: 0xFFFFFFFF, Src Addr: 0xC0A80174 (DRVIFACE:1158).
38 22:22:24.569 05/31/06 Sev=Info/4 CM/0x63100004
Establish secure connection using Ethernet
39 22:22:24.569 05/31/06 Sev=Info/4 CM/0x63100024
Attempt connection with server "129.83.20.113"
40 22:22:24.600 05/31/06 Sev=Info/6 IKE/0x6300003B
Attempting to establish a connection with 129.83.20.113.
41 22:22:24.620 05/31/06 Sev=Info/4 IKE/0x63000013
SENDING >>> ISAKMP OAK AG (SA, KE, NON, ID, VID(Xauth), VID(dpd), VID(Frag), VID(Nat-T), VID(Unity)) to 129.83.20.113
42 22:22:24.780 05/31/06 Sev=Info/5 IKE/0x6300002F
Received ISAKMP packet: peer = 129.83.20.113
43 22:22:24.780 05/31/06 Sev=Info/4 IKE/0x63000014
RECEIVING <<< ISAKMP OAK AG (SA, KE, NON, ID, HASH, VID(Unity), VID(Xauth), VID(dpd), VID(Nat-T), NAT-D, NAT-D, VID(Frag), VID(?), VID(?)) from 129.83.20.113
44 22:22:24.780 05/31/06 Sev=Info/5 IKE/0x63000001
Peer is a Cisco-Unity compliant peer
45 22:22:24.780 05/31/06 Sev=Info/5 IKE/0x63000001
Peer supports XAUTH
46 22:22:24.780 05/31/06 Sev=Info/5 IKE/0x63000001
Peer supports DPD
47 22:22:24.780 05/31/06 Sev=Info/5 IKE/0x63000001
Peer supports NAT-T
48 22:22:24.780 05/31/06 Sev=Info/5 IKE/0x63000001
Peer supports IKE fragmentation payloads
49 22:22:24.780 05/31/06 Sev=Info/5 IKE/0x63000001
Peer supports DWR Code and DWR Text
50 22:22:24.800 05/31/06 Sev=Info/6 IKE/0x63000001
IOS Vendor ID Contruction successful
51 22:22:24.800 05/31/06 Sev=Info/4 IKE/0x63000013
SENDING >>> ISAKMP OAK AG *(HASH, NOTIFY:STATUS_INITIAL_CONT
52 22:22:24.800 05/31/06 Sev=Info/6 IKE/0x63000055
Sent a keepalive on the IPSec SA
53 22:22:24.800 05/31/06 Sev=Info/4 IKE/0x63000083
IKE Port in use - Local Port = 0x1194, Remote Port = 0x1194
54 22:22:24.800 05/31/06 Sev=Info/5 IKE/0x63000072
Automatic NAT Detection Status:
Remote end is NOT behind a NAT device
This end IS behind a NAT device
55 22:22:24.800 05/31/06 Sev=Info/4 CM/0x6310000E
Established Phase 1 SA. 1 Crypto Active IKE SA, 0 User Authenticated IKE SA in the system
56 22:22:24.840 05/31/06 Sev=Info/5 IKE/0x6300002F
Received ISAKMP packet: peer = 129.83.20.113
57 22:22:24.840 05/31/06 Sev=Info/4 IKE/0x63000014
RECEIVING <<< ISAKMP OAK TRANS *(HASH, ATTR) from 129.83.20.113
58 22:22:24.840 05/31/06 Sev=Info/4 CM/0x63100015
Launch xAuth application
59 22:22:24.920 05/31/06 Sev=Info/4 IPSEC/0x63700008
IPSec driver successfully started
60 22:22:24.920 05/31/06 Sev=Info/4 IPSEC/0x63700014
Deleted all keys
61 22:22:24.920 05/31/06 Sev=Info/6 IPSEC/0x6370002C
Sent 269 packets, 0 were fragmented.
62 22:22:24.920 05/31/06 Sev=Info/4 IPSEC/0x6370000D
Key(s) deleted by Interface (192.43.245.73)
63 22:22:34.954 05/31/06 Sev=Info/6 IKE/0x63000055
Sent a keepalive on the IPSec SA
64 22:22:36.627 05/31/06 Sev=Info/4 CM/0x63100017
xAuth application returned
65 22:22:36.627 05/31/06 Sev=Info/4 IKE/0x63000013
SENDING >>> ISAKMP OAK TRANS *(HASH, ATTR) to 129.83.20.113
66 22:22:38.990 05/31/06 Sev=Info/5 IKE/0x6300002F
Received ISAKMP packet: peer = 129.83.20.113
67 22:22:38.990 05/31/06 Sev=Info/4 IKE/0x63000014
RECEIVING <<< ISAKMP OAK TRANS *(HASH, ATTR) from 129.83.20.113
68 22:22:38.990 05/31/06 Sev=Info/4 IKE/0x63000013
SENDING >>> ISAKMP OAK TRANS *(HASH, ATTR) to 129.83.20.113
69 22:22:38.990 05/31/06 Sev=Info/4 CM/0x6310000E
Established Phase 1 SA. 1 Crypto Active IKE SA, 1 User Authenticated IKE SA in the system
70 22:22:39.050 05/31/06 Sev=Info/5 IKE/0x6300005E
Client sending a firewall request to concentrator
71 22:22:39.050 05/31/06 Sev=Info/5 IKE/0x6300005D
Firewall Policy: Product=Cisco Systems Integrated Client Firewall, Capability= (Centralized Protection Policy).
72 22:22:39.050 05/31/06 Sev=Info/5 IKE/0x6300005D
Firewall Policy: Product=ZoneLabs Integrity Agent, Capability= (Client/Server).
73 22:22:39.050 05/31/06 Sev=Info/4 IKE/0x63000013
SENDING >>> ISAKMP OAK TRANS *(HASH, ATTR) to 129.83.20.113
74 22:22:40.122 05/31/06 Sev=Info/5 IKE/0x6300002F
Received ISAKMP packet: peer = 129.83.20.113
75 22:22:40.122 05/31/06 Sev=Info/4 IKE/0x63000014
RECEIVING <<< ISAKMP OAK TRANS *(HASH, ATTR) from 129.83.20.113
76 22:22:40.122 05/31/06 Sev=Info/5 IKE/0x63000010
MODE_CFG_REPLY: Attribute = INTERNAL_IPV4_ADDRESS: , value = 129.83.200.30
77 22:22:40.122 05/31/06 Sev=Info/5 IKE/0x63000010
MODE_CFG_REPLY: Attribute = INTERNAL_IPV4_NETMASK: , value = 255.255.255.0
78 22:22:40.122 05/31/06 Sev=Info/5 IKE/0x63000010
MODE_CFG_REPLY: Attribute = INTERNAL_IPV4_DNS(1): , value = 129.83.20.47
79 22:22:40.122 05/31/06 Sev=Info/5 IKE/0x63000010
MODE_CFG_REPLY: Attribute = INTERNAL_IPV4_DNS(2): , value = 129.83.20.100
80 22:22:40.122 05/31/06 Sev=Info/5 IKE/0x63000010
MODE_CFG_REPLY: Attribute = INTERNAL_IPV4_NBNS(1) (a.k.a. WINS) : , value = 129.83.25.1
81 22:22:40.122 05/31/06 Sev=Info/5 IKE/0x63000010
MODE_CFG_REPLY: Attribute = INTERNAL_IPV4_NBNS(2) (a.k.a. WINS) : , value = 129.83.25.3
82 22:22:40.122 05/31/06 Sev=Info/5 IKE/0x6300000D
MODE_CFG_REPLY: Attribute = MODECFG_UNITY_SAVEPWD: , value = 0x00000000
83 22:22:40.122 05/31/06 Sev=Info/5 IKE/0x6300000E
MODE_CFG_REPLY: Attribute = MODECFG_UNITY_DEFDOMAIN: , value = mitre.org
84 22:22:40.122 05/31/06 Sev=Info/5 IKE/0x6300000D
MODE_CFG_REPLY: Attribute = MODECFG_UNITY_PFS: , value = 0x00000000
85 22:22:40.122 05/31/06 Sev=Info/5 IKE/0x6300000E
MODE_CFG_REPLY: Attribute = APPLICATION_VERSION, value = Cisco Systems, Inc./VPN 3000 Concentrator Version 4.1.7.E built by vmurphy on Mar 14 2005 11:25:43
86 22:22:40.122 05/31/06 Sev=Info/5 IKE/0x6300000D
MODE_CFG_REPLY: Attribute = Received and using NAT-T port number , value = 0x00001194
87 22:22:40.122 05/31/06 Sev=Info/4 CM/0x63100019
Mode Config data received
88 22:22:40.142 05/31/06 Sev=Info/4 IKE/0x63000056
Received a key request from Driver: Local IP = 129.83.200.30, GW IP = 129.83.20.113, Remote IP = 0.0.0.0
89 22:22:40.142 05/31/06 Sev=Info/4 IKE/0x63000013
SENDING >>> ISAKMP OAK QM *(HASH, SA, NON, ID, ID) to 129.83.20.113
90 22:22:40.142 05/31/06 Sev=Info/4 IPSEC/0x63700014
Deleted all keys
91 22:22:40.182 05/31/06 Sev=Info/5 IKE/0x6300002F
Received ISAKMP packet: peer = 129.83.20.113
92 22:22:40.182 05/31/06 Sev=Info/4 IKE/0x63000014
RECEIVING <<< ISAKMP OAK INFO *(HASH, NOTIFY:STATUS_RESP_LIFETIM
93 22:22:40.182 05/31/06 Sev=Info/5 IKE/0x63000045
RESPONDER-LIFETIME notify has value of 86400 seconds
94 22:22:40.182 05/31/06 Sev=Info/5 IKE/0x63000047
This SA has already been alive for 16 seconds, setting expiry to 86384 seconds from now
95 22:22:40.182 05/31/06 Sev=Info/5 IKE/0x6300002F
Received ISAKMP packet: peer = 129.83.20.113
96 22:22:40.182 05/31/06 Sev=Info/4 IKE/0x63000014
RECEIVING <<< ISAKMP OAK QM *(HASH, SA, NON, ID, ID, NOTIFY:STATUS_RESP_LIFETIM
97 22:22:40.182 05/31/06 Sev=Info/5 IKE/0x63000045
RESPONDER-LIFETIME notify has value of 28800 seconds
98 22:22:40.182 05/31/06 Sev=Info/4 IKE/0x63000013
SENDING >>> ISAKMP OAK QM *(HASH) to 129.83.20.113
99 22:22:40.182 05/31/06 Sev=Info/5 IKE/0x63000059
Loading IPsec SA (MsgID=E0C74746 OUTBOUND SPI = 0x01D89585 INBOUND SPI = 0x7A3F1995)
100 22:22:40.182 05/31/06 Sev=Info/5 IKE/0x63000025
Loaded OUTBOUND ESP SPI: 0x01D89585
101 22:22:40.182 05/31/06 Sev=Info/5 IKE/0x63000026
Loaded INBOUND ESP SPI: 0x7A3F1995
102 22:22:40.282 05/31/06 Sev=Info/5 CVPND/0x63400013
Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.116 25
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.1.0 255.255.255.0 192.168.1.116 192.168.1.116 25
192.168.1.116 255.255.255.255 127.0.0.1 127.0.0.1 25
192.168.1.255 255.255.255.255 192.168.1.116 192.168.1.116 25
224.0.0.0 240.0.0.0 192.168.1.116 192.168.1.116 25
255.255.255.255 255.255.255.255 192.168.1.116 0.0.0.0 1
255.255.255.255 255.255.255.255 192.168.1.116 192.168.1.116 1
103 22:22:40.833 05/31/06 Sev=Info/4 CM/0x63100034
The Virtual Adapter was enabled:
IP=129.83.200.30/255.255.2
DNS=129.83.20.47,129.83.20
WINS=129.83.25.1,129.83.25
Domain=mitre.org
Split DNS Names=
104 22:22:40.833 05/31/06 Sev=Info/5 CVPND/0x63400013
Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 129.83.200.30 129.83.200.30 1
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.116 25
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
129.83.200.0 255.255.255.0 129.83.200.30 129.83.200.30 25
129.83.200.30 255.255.255.255 127.0.0.1 127.0.0.1 25
129.83.255.255 255.255.255.255 129.83.200.30 129.83.200.30 25
192.168.1.0 255.255.255.0 192.168.1.116 192.168.1.116 25
192.168.1.116 255.255.255.255 127.0.0.1 127.0.0.1 25
192.168.1.255 255.255.255.255 192.168.1.116 192.168.1.116 25
224.0.0.0 240.0.0.0 129.83.200.30 129.83.200.30 25
224.0.0.0 240.0.0.0 192.168.1.116 192.168.1.116 25
255.255.255.255 255.255.255.255 129.83.200.30 0.0.0.0 1
255.255.255.255 255.255.255.255 129.83.200.30 129.83.200.30 1
255.255.255.255 255.255.255.255 192.168.1.116 192.168.1.116 1
105 22:22:40.833 05/31/06 Sev=Warning/2 CVPND/0xE3400013
AddRoute failed to add a route: code 87
Destination 192.168.1.255
Netmask 255.255.255.255
Gateway 129.83.200.30
Interface 129.83.200.30
106 22:22:40.833 05/31/06 Sev=Warning/2 CM/0xA3100024
Unable to add route. Network: c0a801ff, Netmask: ffffffff, Interface: 8153c81e, Gateway: 8153c81e.
107 22:22:40.863 05/31/06 Sev=Info/4 CM/0x63100038
Successfully saved route changes to file.
108 22:22:40.863 05/31/06 Sev=Info/5 CVPND/0x63400013
Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 129.83.200.30 129.83.200.30 1
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
129.83.20.113 255.255.255.255 192.168.1.1 192.168.1.116 1
129.83.200.0 255.255.255.0 129.83.200.30 129.83.200.30 25
129.83.200.30 255.255.255.255 127.0.0.1 127.0.0.1 25
129.83.255.255 255.255.255.255 129.83.200.30 129.83.200.30 25
192.168.1.0 255.255.255.0 192.168.1.116 192.168.1.116 25
192.168.1.0 255.255.255.0 129.83.200.30 129.83.200.30 25
192.168.1.1 255.255.255.255 192.168.1.116 192.168.1.116 1
192.168.1.116 255.255.255.255 127.0.0.1 127.0.0.1 25
192.168.1.255 255.255.255.255 192.168.1.116 192.168.1.116 25
224.0.0.0 240.0.0.0 129.83.200.30 129.83.200.30 25
224.0.0.0 240.0.0.0 192.168.1.116 192.168.1.116 25
255.255.255.255 255.255.255.255 129.83.200.30 0.0.0.0 1
255.255.255.255 255.255.255.255 129.83.200.30 129.83.200.30 1
255.255.255.255 255.255.255.255 192.168.1.116 192.168.1.116 1
109 22:22:40.863 05/31/06 Sev=Info/6 CM/0x63100036
The routing table was updated for the Virtual Adapter
110 22:22:40.913 05/31/06 Sev=Info/4 CM/0x6310001A
One secure connection established
111 22:22:40.973 05/31/06 Sev=Info/4 CM/0x6310003B
Address watch added for 192.168.1.116. Current hostname: MM133203-PC, Current address(es): 129.83.200.30, 192.168.1.116.
112 22:22:40.973 05/31/06 Sev=Info/4 CM/0x6310003B
Address watch added for 129.83.200.30. Current hostname: MM133203-PC, Current address(es): 129.83.200.30, 192.168.1.116.
113 22:22:40.973 05/31/06 Sev=Info/4 IPSEC/0x63700010
Created a new key structure
**************
Yet the log that is created from my entry where I am connected I do not receive this problem. I am always able to connect as well as have a much larger routing table... here is piece of my log:
69 16:12:48.200 06/05/06 Sev=Info/5 IKE/0x63000026
Loaded INBOUND ESP SPI: 0xE4E57066
70 16:12:48.280 06/05/06 Sev=Info/5 CVPND/0x63400013
Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 128.29.99.254 128.29.99.39 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
128.29.99.0 255.255.255.0 128.29.99.39 128.29.99.39 20
128.29.99.39 255.255.255.255 127.0.0.1 127.0.0.1 20
128.29.255.255 255.255.255.255 128.29.99.39 128.29.99.39 20
192.168.236.0 255.255.255.0 192.168.236.1 192.168.236.1 20
192.168.236.1 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.236.255 255.255.255.255 192.168.236.1 192.168.236.1 20
192.168.245.0 255.255.255.0 192.168.245.1 192.168.245.1 20
192.168.245.1 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.245.255 255.255.255.255 192.168.245.1 192.168.245.1 20
224.0.0.0 240.0.0.0 128.29.99.39 128.29.99.39 20
224.0.0.0 240.0.0.0 192.168.236.1 192.168.236.1 20
224.0.0.0 240.0.0.0 192.168.245.1 192.168.245.1 20
255.255.255.255 255.255.255.255 128.29.99.39 128.29.99.39 1
255.255.255.255 255.255.255.255 192.168.236.1 192.168.236.1 1
255.255.255.255 255.255.255.255 192.168.245.1 192.168.245.1 1
71 16:12:54.273 06/05/06 Sev=Info/4 CM/0x63100034
The Virtual Adapter was enabled:
IP=129.83.201.39/255.255.0
DNS=129.83.20.47,129.83.20
WINS=129.83.25.1,129.83.25
Domain=mitre.org
Split DNS Names=
72 16:12:54.273 06/05/06 Sev=Info/5 CVPND/0x63400013
Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 128.29.99.254 128.29.99.39 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
128.29.99.0 255.255.255.0 128.29.99.39 128.29.99.39 20
128.29.99.39 255.255.255.255 127.0.0.1 127.0.0.1 20
128.29.255.255 255.255.255.255 128.29.99.39 128.29.99.39 20
129.83.0.0 255.255.0.0 129.83.201.39 129.83.201.39 20
129.83.201.39 255.255.255.255 127.0.0.1 127.0.0.1 20
129.83.255.255 255.255.255.255 129.83.201.39 129.83.201.39 20
192.168.236.0 255.255.255.0 192.168.236.1 192.168.236.1 20
192.168.236.1 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.236.255 255.255.255.255 192.168.236.1 192.168.236.1 20
192.168.245.0 255.255.255.0 192.168.245.1 192.168.245.1 20
192.168.245.1 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.245.255 255.255.255.255 192.168.245.1 192.168.245.1 20
224.0.0.0 240.0.0.0 128.29.99.39 128.29.99.39 20
224.0.0.0 240.0.0.0 129.83.201.39 129.83.201.39 20
224.0.0.0 240.0.0.0 192.168.236.1 192.168.236.1 20
224.0.0.0 240.0.0.0 192.168.245.1 192.168.245.1 20
255.255.255.255 255.255.255.255 128.29.99.39 128.29.99.39 1
255.255.255.255 255.255.255.255 129.83.201.39 129.83.201.39 1
255.255.255.255 255.255.255.255 192.168.236.1 192.168.236.1 1
255.255.255.255 255.255.255.255 192.168.245.1 192.168.245.1 1
73 16:12:54.273 06/05/06 Sev=Warning/2 CVPND/0xE3400013
AddRoute failed to add a route: code 87
Destination 128.29.255.255
Netmask 255.255.255.255
Gateway 129.83.201.39
Interface 129.83.201.39
74 16:12:54.273 06/05/06 Sev=Warning/2 CM/0xA3100024
Unable to add route. Network: 801dffff, Netmask: ffffffff, Interface: 8153c927, Gateway: 8153c927.
75 16:12:54.323 06/05/06 Sev=Info/4 CM/0x63100038
Successfully saved route changes to file.
76 16:12:54.323 06/05/06 Sev=Info/5 CVPND/0x63400013
Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 128.29.99.254 128.29.99.39 20
66.170.225.2 255.255.255.255 129.83.201.39 129.83.201.39 1
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
128.29.0.0 255.255.0.0 129.83.201.39 129.83.201.39 1
128.29.99.0 255.255.255.0 128.29.99.39 128.29.99.39 20
128.29.99.0 255.255.255.0 129.83.201.39 129.83.201.39 20
128.29.99.39 255.255.255.255 127.0.0.1 127.0.0.1 20
128.29.154.150 255.255.255.255 128.29.99.254 128.29.99.39 1
128.29.255.255 255.255.255.255 128.29.99.39 128.29.99.39 20
129.83.0.0 255.255.0.0 129.83.201.39 129.83.201.39 1
129.83.20.113 255.255.255.255 128.29.99.254 128.29.99.39 1
129.83.201.39 255.255.255.255 127.0.0.1 127.0.0.1 20
129.83.255.255 255.255.255.255 129.83.201.39 129.83.201.39 20
172.16.0.0 255.255.0.0 129.83.201.39 129.83.201.39 1
192.80.55.0 255.255.255.0 129.83.201.39 129.83.201.39 1
192.160.51.0 255.255.255.0 129.83.201.39 129.83.201.39 1
192.168.236.0 255.255.255.0 192.168.236.1 192.168.236.1 20
192.168.236.1 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.236.255 255.255.255.255 192.168.236.1 192.168.236.1 20
192.168.245.0 255.255.255.0 192.168.245.1 192.168.245.1 20
192.168.245.1 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.245.255 255.255.255.255 192.168.245.1 192.168.245.1 20
224.0.0.0 240.0.0.0 128.29.99.39 128.29.99.39 20
224.0.0.0 240.0.0.0 129.83.201.39 129.83.201.39 20
224.0.0.0 240.0.0.0 192.168.236.1 192.168.236.1 20
224.0.0.0 240.0.0.0 192.168.245.1 192.168.245.1 20
255.255.255.255 255.255.255.255 128.29.99.39 128.29.99.39 1
255.255.255.255 255.255.255.255 129.83.201.39 129.83.201.39 1
255.255.255.255 255.255.255.255 192.168.236.1 192.168.236.1 1
255.255.255.255 255.255.255.255 192.168.245.1 192.168.245.1 1
77 16:12:54.323 06/05/06 Sev=Info/6 CM/0x63100036
The routing table was updated for the Virtual Adapter
78 16:12:54.473 06/05/06 Sev=Info/4 CM/0x6310001A
One secure connection established
79 16:12:54.653 06/05/06 Sev=Info/4 CM/0x6310003B
Address watch added for 128.29.99.39. Current hostname: MM122128-PC, Current address(es): 129.83.201.39, 128.29.99.39, 192.168.236.1, 192.168.245.1.
80 16:12:54.663 06/05/06 Sev=Info/4 CM/0x6310003B
Address watch added for 129.83.201.39. Current hostname: MM122128-PC, Current address(es): 129.83.201.39, 128.29.99.39, 192.168.236.1, 192.168.245.1.
81 16:12:54.663 06/05/06 Sev=Info/4 IPSEC/0x63700014
Deleted all keys
82 16:12:54.663 06/05/06 Sev=Info/4 IPSEC/0x63700010
Created a new key structure
83 16:12:54.663 06/05/06 Sev=Info/4 IPSEC/0x6370000F
Added key with SPI=0xf3bc7f47 into key list
84 16:12:54.663 06/05/06 Sev=Info/4 IPSEC/0x63700010
Created a new key structure
85 16:12:54.663 06/05/06 Sev=Info/4 IPSEC/0x6370000F
Added key with SPI=0x6670e5e4 into key list
86 16:12:54.663 06/05/06 Sev=Info/4 IPSEC/0x6370002F
Assigned VA private interface addr 129.83.201.39
87 16:12:55.815 06/05/06 Sev=Info/4 IPSEC/0x63700019
Activate outbound key with SPI=0xf3bc7f47 for inbound key with SPI=0x6670e5e4
pseudocyber, is far better with the "details" than I, so hopefully he will be back, but I notice two things; 1)what are all these subnets in the working connection: 128.29.99.0 , 129.83.20.0 , 128.29.99.0 , 172.16.0.0 , 192.80.55.0 , 192.160.51.0 , 192.168.236.0 , 192.168.245.0 ? Are there static routes required for the other laptops ? 2) the working connection seems to be connecting through the virtual adapter as it should, however the non-working connection seems to be trying to connect (129.83.20.113) through the physical adapter 192.168.1.116
That is not a solution of any sort but rather an observation.
There are no other IPSec clients installed on the problematic laptops are there ?
Another test might be to disable the wired NIC in network connections and try connecting to see if that makes a difference.
With some VPN clients you can specify the adapter through which to connect. I am not a "Cisco guy" but I don't recall seeing this as an option on the Cisco client. Is it?
That is not a solution of any sort but rather an observation.
There are no other IPSec clients installed on the problematic laptops are there ?
Another test might be to disable the wired NIC in network connections and try connecting to see if that makes a difference.
With some VPN clients you can specify the adapter through which to connect. I am not a "Cisco guy" but I don't recall seeing this as an option on the Cisco client. Is it?
ASKER
Ok.. so just to let you guys know what the problem is ~ it's a driver issue!
Yup, a driver issue. Dell is working on the case with Cisco and Broadcom (the driver manufacturer) to determine the problem. Currently, there are work arounds to roll back the driver to the previous version or to change some priority settings. As it stands right now, if we make the changes that were suggested, the systems work ~ but out of the box the user is able to VPN and seem to get a connection ~ but does not have access to network resources because packets are not transmitting and receiving properly.
Yup, a driver issue. Dell is working on the case with Cisco and Broadcom (the driver manufacturer) to determine the problem. Currently, there are work arounds to roll back the driver to the previous version or to change some priority settings. As it stands right now, if we make the changes that were suggested, the systems work ~ but out of the box the user is able to VPN and seem to get a connection ~ but does not have access to network resources because packets are not transmitting and receiving properly.
Really? A driver issue and it works at some locations and not others? What about all those other subnets? any chance re-installing the network adapter and drivers has cleaned that up?
Thanks for the update.
Thanks for the update.
ASKER
I removed and reinstalled the drivers ~ that didn't change the problem. The only thing that fixed it was to roll back the driver a version or I found another work around:
Click Start
Click Settings
Click Control Panel
Click System
Click the Hardware Tab
Click Device Manager
Open up Network Adapters and double-click Dell Wireless WLAN Adapter.
Under the Advanced Tab, click VLAN Priority Support and select Disable from the drop-down menu under Value:.
Click OK.
Strange that a physical device is effecting something that is working on a completely different layer. I'm talking with Dell now to see why this is happening. I'll keep you all updated.
-Christie
Click Start
Click Settings
Click Control Panel
Click System
Click the Hardware Tab
Click Device Manager
Open up Network Adapters and double-click Dell Wireless WLAN Adapter.
Under the Advanced Tab, click VLAN Priority Support and select Disable from the drop-down menu under Value:.
Click OK.
Strange that a physical device is effecting something that is working on a completely different layer. I'm talking with Dell now to see why this is happening. I'll keep you all updated.
-Christie
Interesting. Curious to see how it goes. I see there are some issues with Dell and wireless VPN's:
http://support.dell.com/support/topics/global.aspx/support/dsn/en/document?c=us&docid=152D7D67033477DFE0401E0A5517188F&journalid=38B395C7FBD511DABA931F114956E124&l=en&s=gen
http://support.dell.com/support/topics/global.aspx/support/dsn/en/document?c=us&docid=152D7D67033477DFE0401E0A5517188F&journalid=38B395C7FBD511DABA931F114956E124&l=en&s=gen
ASKER
That is interesting. I also just received an email from my Cisco support rep and he sent me some info regarding a closed ticket that had to do with Cisco VPN client/Dell/Broadcom:
"The Dell 1370 WLAN current driver is v 4.10.40.0. Chipset is Broadcom 43XX. Dell Support Forum indicated similar problem with 1300 WLAN and Broadcom driver 4.10. with resolution regression to driver v 3.100. I tested v 3.100 driver on the test image and Cisco VPN 4.8 client works as expected.
This appears to be a WLAN driver problem with the Broadcom 4.10 driver. Broadcom has a uniform installer across all recent WLAN chips, so the 4.10
driver may be an issue on other Broadcom based WLAN NICs. I will test on production image and see if it resolves problem.
As to who needs to fix the problem between Broadcom driver 4.10 and Cisco VPN 4.8, I will leave that with Cisco.
They later confirmed that their testing was successful."
So its an interesting dilema between the two... seems that's what the issue is though.
"The Dell 1370 WLAN current driver is v 4.10.40.0. Chipset is Broadcom 43XX. Dell Support Forum indicated similar problem with 1300 WLAN and Broadcom driver 4.10. with resolution regression to driver v 3.100. I tested v 3.100 driver on the test image and Cisco VPN 4.8 client works as expected.
This appears to be a WLAN driver problem with the Broadcom 4.10 driver. Broadcom has a uniform installer across all recent WLAN chips, so the 4.10
driver may be an issue on other Broadcom based WLAN NICs. I will test on production image and see if it resolves problem.
As to who needs to fix the problem between Broadcom driver 4.10 and Cisco VPN 4.8, I will leave that with Cisco.
They later confirmed that their testing was successful."
So its an interesting dilema between the two... seems that's what the issue is though.
There have been a lot of postings here over the past 2 months about problems with wireless and VPN's. I wonder how many may be related to this. I also wonder if it is just with the Cisco client, or IPSec in general.
You may need to publish a paper on the topic when done. :-)
You may need to publish a paper on the topic when done. :-)
ASKER
Then I'll be famous! =) or at least I will be in the geek world ~ and that's fine with me.
***Question for the adminstrator ~ how should I close this question if I found out the answer on my own?
***Question for the adminstrator ~ how should I close this question if I found out the answer on my own?
Christie, to close the question just post a '0' point question in the community support forum, asking to close and refund points.
https://www.experts-exchange.com/Community_Support/
No problem with the closing, but would appreciate if any more input on the ultimate solution, that you post here, for my curiosity and to assist those that follow.
Good luck with it.
--Rob
https://www.experts-exchange.com/Community_Support/
No problem with the closing, but would appreciate if any more input on the ultimate solution, that you post here, for my curiosity and to assist those that follow.
Good luck with it.
--Rob
ASKER
Thanks.. i'll wait to close it ones I hear more from Dell.. which should be next week.
Thanks, have a great weekend !
--Rob
--Rob
ASKER
Currently, we have determined that the solution is that the updated Dell/Broadcom driver is incompatible with Cisco VPN. There is an issue with the wireless card drivers in the system and the VPN client. The work around that was given to us by Dell os below, and are waiting for new drivers that will repair the issue. In the meantime, we have asked users to implement the work around just to get them up and running. The directions for the work around are:
VPN Issue Work Around:
1. Click Start
2. Click Settings
3. Click Control Panel
4. Click System
5. Click the Hardware Tab
6. Click Device Manager
7. Open up Network Adapters and double-click Dell Wireless WLAN Adapter.
8. Under the Advanced Tab, click VLAN Priority Support and select Disable from the drop-down menu under Value:.
9. Click OK.
Anyway, hope this helps!
VPN Issue Work Around:
1. Click Start
2. Click Settings
3. Click Control Panel
4. Click System
5. Click the Hardware Tab
6. Click Device Manager
7. Open up Network Adapters and double-click Dell Wireless WLAN Adapter.
8. Under the Advanced Tab, click VLAN Priority Support and select Disable from the drop-down menu under Value:.
9. Click OK.
Anyway, hope this helps!
Thanks Christie, excellent information to have on hand, and may be of great value to those that follow.
Good luck with it,
--Rob
Good luck with it,
--Rob
I had the same problem:
Dell Latitude D610
Dell Wireless 1370 - driver v4.10.40.0
Linksys WRT54GS (with Sveasoft firmware) - I also tried my Apple Airport Express
Comcast HSI - Motorola Surfboard SB5101
It worked fine wired to the Surfboard, or directly to the Linksys, but not wireless. [Absolutely maddening]
This workaround has solved my problem until the new driver is ready. I could find the solution nowhere else on the net. Well worth the subscription.
Cheers everyone for the help! I'm now free to roam around the house again.
Tucker.
Dell Latitude D610
Dell Wireless 1370 - driver v4.10.40.0
Linksys WRT54GS (with Sveasoft firmware) - I also tried my Apple Airport Express
Comcast HSI - Motorola Surfboard SB5101
It worked fine wired to the Surfboard, or directly to the Linksys, but not wireless. [Absolutely maddening]
This workaround has solved my problem until the new driver is ready. I could find the solution nowhere else on the net. Well worth the subscription.
Cheers everyone for the help! I'm now free to roam around the house again.
Tucker.
Always nice to hear some one else has benefited from a discussion.
Welcome aboard Tucker.
--Rob
Welcome aboard Tucker.
--Rob
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
You can futz with the registry or get Dr. TCP from DSL Reports. http://www.dslreports.com/drtcp