Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 605
  • Last Modified:

VPN session disconnection

Team,

users are informing that they are getting VPN connection dropped while working itself.

They are all behind the Firewall & VPN server is at remoe place.

Pls view the VPN clinet report

Regards
Ramu
log
0
RAMU CH
Asked:
RAMU CH
  • 4
  • 4
1 Solution
 
MikeKaneCommented:
Looks like normal operation until you see the Delete due to the Peer not responding.  

Do all clients get the same error at the same time or is it staggered or do you not know?  

Have you contacted the ISP to run a health check on the line?    Packet loss or high latency can contribute to this symptom.  

Did every client begin experiencing the symptom at the same time?  

What version of the client is everyone running?   Have you considered upgrading them to the latest?
0
 
RAMU CHAuthor Commented:
It is only from one location users and they are behind the Cyberoam UTM device and rest of all are fine

Regards
Ramu

0
 
MikeKaneCommented:
I am not familiar with that device.    I suggest you contact the Cyberoam support line and ask them about issues regarding outbound Cisco IPSEC VPN client issues.   Perhaps it's a known bug or there could be a known fix.  

http://www.cyberoam.com/contactsupport.html
0
New Tabletop Appliances Blow Competitors Away!

WatchGuard’s new T15, T35 and T55 tabletop UTMs provide the highest-performing security inspection in their class, allowing users at small offices, home offices and distributed enterprises to experience blazing-fast Internet speeds without sacrificing enterprise-grade security.

 
RAMU CHAuthor Commented:
What is the following messages meant

**

350    12:56:43.375  05/09/11  Sev=Info/6      IKE/0x6300003D
Sending DPD request to 115.111.228.28, our seq# = 2712269048

351    12:56:48.375  05/09/11  Sev=Info/4      IKE/0x63000013
SENDING >>> ISAKMP OAK INFO *(HASH, NOTIFY:DPD_REQUEST) to 115.111.228.28

352    12:56:48.375  05/09/11  Sev=Info/6      IKE/0x6300003D
Sending DPD request to 115.111.228.28, our seq# = 2712269049

353    12:56:53.375  05/09/11  Sev=Info/4      IKE/0x63000013
SENDING >>> ISAKMP OAK INFO *(HASH, NOTIFY:DPD_REQUEST) to 115.111.228.28

354    12:56:53.375  05/09/11  Sev=Info/6      IKE/0x6300003D
Sending DPD request to 115.111.228.28, our seq# = 2712269050

355    12:56:58.375  05/09/11  Sev=Info/4      IKE/0x63000013
SENDING >>> ISAKMP OAK INFO *(HASH, NOTIFY:DPD_REQUEST) to 115.111.228.28

356    12:56:58.375  05/09/11  Sev=Info/6      IKE/0x6300003D
Sending DPD request to 115.111.228.28, our seq# = 2712269051

357    12:57:03.375  05/09/11  Sev=Info/4      IKE/0x63000013
SENDING >>> ISAKMP OAK INFO *(HASH, NOTIFY:DPD_REQUEST) to 115.111.228.28

358    12:57:03.375  05/09/11  Sev=Info/6      IKE/0x6300003D
Sending DPD request to 115.111.228.28, our seq# = 2712269052

359    12:57:08.375  05/09/11  Sev=Info/4      IKE/0x63000013
SENDING >>> ISAKMP OAK INFO *(HASH, NOTIFY:DPD_REQUEST) to 115.111.228.28

360    12:57:08.375  05/09/11  Sev=Info/6      IKE/0x6300003D
Sending DPD request to 115.111.228.28, our seq# = 2712269053

361    12:57:13.375  05/09/11  Sev=Info/4      IKE/0x63000013
SENDING >>> ISAKMP OAK INFO *(HASH, NOTIFY:DPD_REQUEST) to 115.111.228.28

362    12:57:13.375  05/09/11  Sev=Info/6      IKE/0x6300003D
Sending DPD request to 115.111.228.28, our seq# = 2712269054

363    12:57:18.375  05/09/11  Sev=Info/4      IKE/0x63000013
SENDING >>> ISAKMP OAK INFO *(HASH, NOTIFY:DPD_REQUEST) to 115.111.228.28

364    12:57:18.375  05/09/11  Sev=Info/6      IKE/0x6300003D
Sending DPD request to 115.111.228.28, our seq# = 2712269055

365    12:57:23.375  05/09/11  Sev=Info/4      IKE/0x63000013
SENDING >>> ISAKMP OAK INFO *(HASH, NOTIFY:DPD_REQUEST) to 115.111.228.28

366    12:57:23.375  05/09/11  Sev=Info/6      IKE/0x6300003D
Sending DPD request to 115.111.228.28, our seq# = 2712269056

367    12:57:28.375  05/09/11  Sev=Info/4      IKE/0x63000013
SENDING >>> ISAKMP OAK INFO *(HASH, NOTIFY:DPD_REQUEST) to 115.111.228.28

368    12:57:28.375  05/09/11  Sev=Info/6      IKE/0x6300003D
Sending DPD request to 115.111.228.28, our seq# = 2712269057

369    12:57:33.375  05/09/11  Sev=Info/4      IKE/0x63000013
SENDING >>> ISAKMP OAK INFO *(HASH, NOTIFY:DPD_REQUEST) to 115.111.228.28

370    12:57:33.375  05/09/11  Sev=Info/6      IKE/0x6300003D
Sending DPD request to 115.111.228.28, our seq# = 2712269058

371    12:57:34.375  05/09/11  Sev=Info/6      IKE/0x63000055
Sent a keepalive on the IPSec SA

372    12:57:38.375  05/09/11  Sev=Info/4      IKE/0x63000013
SENDING >>> ISAKMP OAK INFO *(HASH, NOTIFY:DPD_REQUEST) to 115.111.228.28

373    12:57:38.375  05/09/11  Sev=Info/6      IKE/0x6300003D
Sending DPD request to 115.111.228.28, our seq# = 2712269059

374    12:57:43.375  05/09/11  Sev=Info/4      IKE/0x63000013
SENDING >>> ISAKMP OAK INFO *(HASH, DEL) to 115.111.228.28

375    12:57:43.375  05/09/11  Sev=Info/5      IKE/0x63000018
Deleting IPsec SA: (OUTBOUND SPI = 83337B39 INBOUND SPI = BAE913C5)

376    12:57:43.375  05/09/11  Sev=Info/4      IKE/0x63000049
Discarding IPsec SA negotiation, MsgID=71AB2C5D

377    12:57:43.375  05/09/11  Sev=Info/4      IKE/0x63000017
Marking IKE SA for deletion  (I_Cookie=3473FDF7E179A0BD R_Cookie=F746F4D619B81909) reason = DEL_REASON_PEER_NOT_RESPONDING

378    12:57:43.375  05/09/11  Sev=Info/4      IKE/0x63000013
SENDING >>> ISAKMP OAK INFO *(HASH, DEL) to 115.111.228.28

379    12:57:43.875  05/09/11  Sev=Info/4      IKE/0x6300004B
Discarding IKE SA negotiation (I_Cookie=3473FDF7E179A0BD R_Cookie=F746F4D619B81909) reason = DEL_REASON_PEER_NOT_RESPONDING

380    12:57:43.875  05/09/11  Sev=Info/4      CM/0x63100013
Phase 1 SA deleted cause by DEL_REASON_PEER_NOT_RESPONDING.  0 Crypto Active IKE SA, 0 User Authenticated IKE SA in the system

381    12:57:43.875  05/09/11  Sev=Info/5      CM/0x63100025
Initializing CVPNDrv

382    12:57:43.890  05/09/11  Sev=Info/6      CM/0x63100031
Tunnel to headend device cmcvpn2.cmcltd.com disconnected: duration: 0 days 0:11:47

383    12:57:43.890  05/09/11  Sev=Info/6      CM/0x63100046
Set tunnel established flag in registry to 0.

384    12:57:43.890  05/09/11  Sev=Info/4      IKE/0x63000001
IKE received signal to terminate VPN connection


****

What is have known that VPN client keep on sending requests for DPD request (Line 350) to VPN server 115.111.228.28 but after certain periood and HASH,DEL message found ( see Line No:374).

What could be the reason,Is that is due to VPN server or User Firewall (Cyberoam) .

Will u Pls send the meaning of the above messages..

Regards
Ramu
0
 
RAMU CHAuthor Commented:
Waiting for your reply. Yu people are giving late replies for VPN log related issues,earlier i had a issue VPN sessions ,at that time you were not given satisfied result to me and i forcibly accepted the solution


Regards
Ramu
0
 
MikeKaneCommented:
This seems to be a phase 1 config mismatch issue.    

Look here for a good overview : http://fengnet.com/book/vpnconf/ch12lev1sec6.html

0
 
RAMU CHAuthor Commented:
Thanks , I will go through this
0
 
MikeKaneCommented:
Was it a mismatch?
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 4
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now