asked on
Cisco IPSec VPN Client Session gets disconnected at randon times from remote ASA5505
We have a number of users connecting / terminatiing Cisco IPSec VPN Client sessions onto a Cisco ASA5505 appliance.
The users are using a variation of Client OS, XP, Vista etc and different versions of the Cisco IPSec VPN Client. What is ahppening is, the clients are getting disconnected from the ASA at randon, sometimes after 5 minutes, 15 minutes even 7 hours. The logs off the Cisco VPN Client show the below,
Cisco Systems VPN Client Version 5.0.05.0290
Copyright (C) 1998-2009 Cisco Systems, Inc. All Rights Reserved.
Client Type(s): Windows, WinNT
Running on: 6.1.7600
7 10:08:25.162 03/08/11 Sev=Warning/2 CVPND/0xA3400015
Error with call to IpHlpApi.DLL: CheckUpVASettings: Found IPADDR entry addr=10.4.9.189, error 0
8 10:08:26.176 03/08/11 Sev=Warning/2 CVPND/0xA3400015
Error with call to IpHlpApi.DLL: CheckUpVASettings: Found IPADDR entry addr=10.4.9.189, error 0
9 10:08:27.190 03/08/11 Sev=Warning/2 CVPND/0xA3400015
Error with call to IpHlpApi.DLL: CheckUpVASettings: Found IPADDR entry addr=10.4.9.189, error 0
10 10:08:28.204 03/08/11 Sev=Warning/2 CVPND/0xA3400015
Error with call to IpHlpApi.DLL: CheckUpVASettings: Found IPADDR entry addr=10.4.9.189, error 0
11 10:08:29.218 03/08/11 Sev=Warning/2 CVPND/0xA3400015
Error with call to IpHlpApi.DLL: CheckUpVASettings: Found IPADDR entry addr=10.4.9.189, error 0
12 10:08:30.232 03/08/11 Sev=Warning/2 CVPND/0xA3400015
Error with call to IpHlpApi.DLL: CleanUpVASettings: Was able to delete all VA settings after all, error 0
13 10:08:31.043 03/08/11 Sev=Warning/2 IKE/0xA3000067
Received an IPC message during invalid state (IKE_MAIN:512)
Any feedback would be great...
The users are using a variation of Client OS, XP, Vista etc and different versions of the Cisco IPSec VPN Client. What is ahppening is, the clients are getting disconnected from the ASA at randon, sometimes after 5 minutes, 15 minutes even 7 hours. The logs off the Cisco VPN Client show the below,
Cisco Systems VPN Client Version 5.0.05.0290
Copyright (C) 1998-2009 Cisco Systems, Inc. All Rights Reserved.
Client Type(s): Windows, WinNT
Running on: 6.1.7600
7 10:08:25.162 03/08/11 Sev=Warning/2 CVPND/0xA3400015
Error with call to IpHlpApi.DLL: CheckUpVASettings: Found IPADDR entry addr=10.4.9.189, error 0
8 10:08:26.176 03/08/11 Sev=Warning/2 CVPND/0xA3400015
Error with call to IpHlpApi.DLL: CheckUpVASettings: Found IPADDR entry addr=10.4.9.189, error 0
9 10:08:27.190 03/08/11 Sev=Warning/2 CVPND/0xA3400015
Error with call to IpHlpApi.DLL: CheckUpVASettings: Found IPADDR entry addr=10.4.9.189, error 0
10 10:08:28.204 03/08/11 Sev=Warning/2 CVPND/0xA3400015
Error with call to IpHlpApi.DLL: CheckUpVASettings: Found IPADDR entry addr=10.4.9.189, error 0
11 10:08:29.218 03/08/11 Sev=Warning/2 CVPND/0xA3400015
Error with call to IpHlpApi.DLL: CheckUpVASettings: Found IPADDR entry addr=10.4.9.189, error 0
12 10:08:30.232 03/08/11 Sev=Warning/2 CVPND/0xA3400015
Error with call to IpHlpApi.DLL: CleanUpVASettings: Was able to delete all VA settings after all, error 0
13 10:08:31.043 03/08/11 Sev=Warning/2 IKE/0xA3000067
Received an IPC message during invalid state (IKE_MAIN:512)
Any feedback would be great...
VPNCiscoInternet Protocol Security
Last Comment
lanbase
ASKER CERTIFIED SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
ASKER
Solution found after my own research and testing
Use the debug crypto command in order to verify that the netmask and IP addresses are correct. Also, verify that the pool does not include the network address and the broadcast address.