Cisco VPN client continually disconnected

Ok, so we have a Cisco VPN server (running 3000 concentrator series manager). The VPN works fine, except one user continually cannot keep an active connection. Basically it connects and the gets disconnected after 3-6 minutes. I've tried version 5 and well as downgrading back to version 4.8. I've attached the output from the server from the time it starts to disconnect.

I am a beginner at this (was set up by an outside company), so I'm not sure what to take from this, other than according to the server it was terminated by him and not the server.

Is there something on his laptop that is set up wrong, or that I can check to fix this?

It used to work fine, but over the last month it has become unusable.
26618 04/08/2010 12:21:19.940 SEV=5 IKE/50 RPT=515 11.1.11.111 
Group [xxxx] User [xxxx]
Connection terminated for peer xxxx.
Reason: Peer Terminate
Remote Proxy 192.168.111.11, Local Proxy 0.0.0.0

26621 04/08/2010 12:21:19.940 SEV=7 IKEDBG/9 RPT=929 11.1.11.111 
Group [xxxx] User [xxxx]
IKE Deleting SA: Remote Proxy 192.168.111.11, Local Proxy 0.0.0.0

26623 04/08/2010 12:21:19.940 SEV=6 IKE/147 RPT=929 11.1.11.111 
Group [xxxx] User [xxxx]
Terminating tunnel to Hardware Client in network extension mode,
deleting static route for address: 192.168.111.11, mask: 255.255.255.255

26626 04/08/2010 12:21:19.940 SEV=9 IKEDBG/0 RPT=16267 11.1.11.111 
Group [xxxx] User [xxxx]
IKE SA AM:deb40305 rcv'd Terminate: state AM_ACTIVE
flags 0x0861f041, refcnt 1, tuncnt 0

26629 04/08/2010 12:21:19.940 SEV=9 IKEDBG/0 RPT=16268 11.1.11.111 
Group [xxxx] User [xxxx]
IKE SA AM:deb40305 terminating:
flags 0x0961f001, refcnt 0, tuncnt 0

26631 04/08/2010 12:21:19.940 SEV=9 IKEDBG/0 RPT=16269 
sending delete/delete with reason message

26632 04/08/2010 12:21:19.950 SEV=9 IKEDBG/0 RPT=16270 11.1.11.111 
Group [xxxx] User [xxxx]
constructing blank hash

26633 04/08/2010 12:21:19.950 SEV=9 IKEDBG/0 RPT=16271 
constructing IKE Delete With Reason payload

26634 04/08/2010 12:21:19.950 SEV=5 IKE/194 RPT=845 11.1.11.111 
Group [xxxx] User [xxxx]
Sending IKE Delete With Reason message: No Reason Provided.

26636 04/08/2010 12:21:19.950 SEV=9 IKEDBG/0 RPT=16272 11.1.11.111 
Group [xxxx] User [xxxx]
constructing qm hash

26637 04/08/2010 12:21:19.950 SEV=8 IKEDBG/81 RPT=34009 11.1.11.111 
SENDING Message (msgid=6cb268f3) with payloads : 
HDR + HASH (8) + DWR (129) 
total length : 80

26639 04/08/2010 12:21:19.950 SEV=9 IPSECDBG/6 RPT=4642 
IPSEC key message parse - msgtype 2, len 274, vers 1, pid 00000000, seq 0, err 0
, type 2, mode 0, state 32, label 0, pad 0, spi 0x2e03d7fe, encrKeyLen 0, hashKe
yLen 0, ivlen 0, alg 0, hmacAlg 0, lifetype 0, lifetime1 1235352, lifetime2 0, d
sId 0

26643 04/08/2010 12:21:19.950 SEV=9 IPSECDBG/1 RPT=17608 
Processing KEY_DELETE msg!

26644 04/08/2010 12:21:19.950 SEV=4 AUTH/28 RPT=768 11.1.11.111 
User [xxxx] Group [xxxx] disconnected:
 Session Type: IPSec
 Duration: 0:06:54
 Bytes xmt: 0
 Bytes rcv: 0
 Reason: User Requested

Open in new window

canuseeitAsked:
Who is Participating?
 
augwestConnect With a Mentor Commented:
Is the firewall turned off on the xp machine ?

I would definitely install the latest Drivers from the Ethernet port and the wireless card.

Check the two links below one guy said he had the user do a continual ping to a server across the vpn connection.  The second at the bottom says to add a line of code in the configuration file the line is below


Seems it's been a while since people posted to this problem, but here are my two cents:
Open the Cisco Profile file (which by default is stored under C:\Program Files\Cisco systems\VPN client\Profiles - file ending with .pcf) in notepad. Add the following line at the bottom:

UseLegacyIKEPort=1

Close, save and restart the VPN client...

pEr

http://www.tek-tips.com/viewthread.cfm?qid=1498602&page=1

http://www.experts-exchange.com/Networking/Q_21133982.html
0
 
augwestCommented:
By any chance are they working wirelessly or with an aircard?
0
 
canuseeitAuthor Commented:
nope wired in directly to a router.
0
SMB Security Just Got a Layer Stronger

WatchGuard acquires Percipient Networks to extend protection to the DNS layer, further increasing the value of Total Security Suite.  Learn more about what this means for you and how you can improve your security with WatchGuard today!

 
augwestCommented:
What operating system does the user use? 64x 86x also is this a mac or pc?
0
 
canuseeitAuthor Commented:
Sorry, just a typical Windows XP Pro machine.

We have about 12 users that VPN in all the time. This one person is an executive and is the only one having these issues, which is why it perplexes me.
0
 
augwestCommented:
do you happen to know what they are running ? when they get knocked out?
0
 
canuseeitAuthor Commented:
only real thing they run is office 2007, and occasionally MS Project (besides things like IE/Firefox)
0
 
canuseeitAuthor Commented:
But I even had it run off a router outside our DMZ and after 3 tests, none lasted longer than 7 min. it's weird, there has to be something. Possibly Ethernet card?
0
 
augwestCommented:
that would seem logical try updating the drivers, see if it helps are there any event logs?
0
 
augwestCommented:
Also if they use outlook over vpn that can really stress the connection

Also what time of vpn is this SSL or a standard client?
0
 
canuseeitAuthor Commented:
Standard Cisco VPN client.

I've begun to think it was possibly the Ethernet adapter, as he only connects via that typically. So I connected it wirelessly and it stays connected a record 22 minutes, then 24 minutes.

It still after that time will show connection terminated by client, even though no termination was ordered.

I'm still stumped.
0
 
canuseeitAuthor Commented:
here is essentially what we get every time
0
 
canuseeitAuthor Commented:
sorry here is image
0
 
canuseeitAuthor Commented:
sigh
y8cfyax
0
 
augwestCommented:
Sorry for not getting back to you.

I notice you have an old version of the VPN client first thing i would do would be to get the latest version  some of the older ones had a lot of bugs.

Also make sure the laptops firewall isnt on and blocking the vpn ports

Check this post http://info.dpo.uab.edu/technotes/technote0136.shtml

Also check to make sure your connection point doesnt have a time limit for vpn connections set
0
 
canuseeitAuthor Commented:
augwest,

I'll explain further actually. In this company I went about upgrading everyone from Version 4.8 to version 5. For everyone this worked great for them!

For this one person, after that fact of upgrading VPN, it has never been able to stay connected for long, the max time has been I think 13 minutes, with a low of 4 minutes.

Downgrading was what I attempted to do to see what would fix it.

I even restored the laptop to factory settings and reinstalled to see the same exact thing happen.

I am at a loss right now..... and there is no time limit for VPN connections.

the only clue I have so far is via the ethernet cable, I can get a max of 13 minutes, via wireless I get a longer connection, anywhere from 13-24 minuted. Possibly the ethernet port, but still other can stay connected for hours without issues. I am ordering a new wireless card, hopefully that can fix this issue....
0
All Courses

From novice to tech pro — start learning today.