Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

VPN suddenly stopped accepting connections

Posted on 2015-01-06
6
Medium Priority
?
113 Views
Last Modified: 2015-01-19
We have been using a Cisco VPN 300 Concentrator for a better part of 8 years.  We have never had an issue, it runs like a top.  Suddlenly on yesterday, it just stopped allowing anyone to connect via a username and password.  This happens inside and outside our company.  Nothing has changed, not settings or anything.  Does anyone have any idea what this would just stop.  I do know that we have a company running NM mappers on our system.  Would that have anything to do with anything.
0
Comment
Question by:Salonge
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 34

Expert Comment

by:Istvan Kalmar
ID: 40533503
Hi,

There is 2 workaround:
- reload
- Debug the device, in this case you need to login int the device and you need to provide us the log
0
 
LVL 4

Expert Comment

by:artsec
ID: 40533504
There is a known issue with such a behavior which needs framware update. There is a memory related vulnerability which cause outage. We experienced same issue a few weeks ago.
0
 

Author Comment

by:Salonge
ID: 40533727
How do I update the firmware?
0
Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

 

Author Comment

by:Salonge
ID: 40533741
Here is one the logs - real time.  I can't read them to understand them, but maybe you can help.

9342 01/06/2015 07:53:49.570 SEV=8 IKEDBG/0 RPT=60271 128.143.161.4
SENDING Message (msgid=0) with payloads :
HDR + KE (4) + NONCE (10) + VENDOR (13) + VENDOR (13) + VENDOR (13) + VENDOR (13
) + NONE (0) ... total length : 256
 
9345 01/06/2015 07:53:49.600 SEV=8 IKEDBG/0 RPT=60272 128.143.161.4
RECEIVED Message (msgid=0) with payloads :
HDR + KE (4) + NONCE (10) + VENDOR (13) + VENDOR (13) + VENDOR (13) + VENDOR (13
) + NONE (0) ... total length : 256
 
9348 01/06/2015 07:53:49.600 SEV=8 IKEDBG/0 RPT=60273 128.143.161.4
RECEIVED Message (msgid=0) with payloads :
HDR + KE (4) + NONCE (10) + VENDOR (13) + VENDOR (13) + VENDOR (13) + VENDOR (13
) + NONE (0) ... total length : 256
 
9351 01/06/2015 07:53:49.600 SEV=9 IKEDBG/0 RPT=60274 128.143.161.4
processing ke payload
 
9352 01/06/2015 07:53:49.600 SEV=9 IKEDBG/0 RPT=60275 128.143.161.4
processing ISA_KE
 
9353 01/06/2015 07:53:49.600 SEV=9 IKEDBG/1 RPT=10228 128.143.161.4
processing nonce payload
 
9354 01/06/2015 07:53:49.600 SEV=9 IKEDBG/47 RPT=10245 128.143.161.4
processing VID payload
 
9355 01/06/2015 07:53:49.600 SEV=9 IKEDBG/49 RPT=6825 128.143.161.4
Received Cisco Unity client VID
 
9356 01/06/2015 07:53:49.600 SEV=9 IKEDBG/47 RPT=10246 128.143.161.4
processing VID payload
 
9357 01/06/2015 07:53:49.600 SEV=9 IKEDBG/49 RPT=6826 128.143.161.4
Received xauth V6 VID
 
9358 01/06/2015 07:53:49.600 SEV=9 IKEDBG/47 RPT=10247 128.143.161.4
processing VID payload
 
9359 01/06/2015 07:53:49.600 SEV=9 IKEDBG/38 RPT=3416 128.143.161.4
Processing VPN 3000 spoofing IOS Vendor ID payload (version: 1.0.0, capabilities
: 20000409)
 
9361 01/06/2015 07:53:49.600 SEV=9 IKEDBG/47 RPT=10248 128.143.161.4
processing VID payload
 
9362 01/06/2015 07:53:49.600 SEV=9 IKEDBG/49 RPT=6827 128.143.161.4
Received Altiga GW VID
 
9363 01/06/2015 07:53:49.700 SEV=9 IKEDBG/0 RPT=60276 128.143.161.4
Generating keys for Initiator...
 
9364 01/06/2015 07:53:49.710 SEV=9 IKEDBG/1 RPT=10229 128.143.161.4
Group [128.143.161.4]
constructing ID
 
9365 01/06/2015 07:53:49.710 SEV=9 IKEDBG/0 RPT=60277
Group [128.143.161.4]
construct hash payload
 
9366 01/06/2015 07:53:49.710 SEV=9 IKEDBG/0 RPT=60278 128.143.161.4
Group [128.143.161.4]
computing hash
 
9367 01/06/2015 07:53:49.710 SEV=9 IKEDBG/34 RPT=3413 128.143.161.4
Constructing IOS keep alive payload: proposal=32767/32767 sec.
 
9368 01/06/2015 07:53:49.710 SEV=9 IKEDBG/46 RPT=6834 128.143.161.4
Group [128.143.161.4]
constructing dpd vid payload
 
9369 01/06/2015 07:53:49.710 SEV=8 IKEDBG/0 RPT=60279 128.143.161.4
SENDING Message (msgid=0) with payloads :
HDR + ID (5) + HASH (8) + IOS KEEPALIVE (14) + VENDOR (13) + NONE (0) ... total
length : 92
 
9372 01/06/2015 07:53:49.740 SEV=8 IKEDBG/0 RPT=60280 128.143.161.4
RECEIVED Message (msgid=0) with payloads :
HDR + ID (5) + HASH (8) + IOS KEEPALIVE (14) + VENDOR (13) + NONE (0) ... total
length : 92
 
9375 01/06/2015 07:53:49.740 SEV=9 IKEDBG/1 RPT=10230 128.143.161.4
Group [128.143.161.4]
Processing ID
 
9376 01/06/2015 07:53:49.740 SEV=9 IKEDBG/0 RPT=60281 128.143.161.4
Group [128.143.161.4]
processing hash
 
9377 01/06/2015 07:53:49.740 SEV=9 IKEDBG/0 RPT=60282 128.143.161.4
Group [128.143.161.4]
computing hash
 
9378 01/06/2015 07:53:49.740 SEV=9 IKEDBG/34 RPT=3414 128.143.161.4
Processing IOS keep alive payload: proposal=32767/32767 sec.
 
9379 01/06/2015 07:53:49.740 SEV=9 IKEDBG/47 RPT=10249 128.143.161.4
Group [128.143.161.4]
processing VID payload
 
9380 01/06/2015 07:53:49.740 SEV=9 IKEDBG/49 RPT=6828 128.143.161.4
Group [128.143.161.4]
Received DPD VID
 
9381 01/06/2015 07:53:49.740 SEV=9 IKEDBG/23 RPT=1707 128.143.161.4
Group [128.143.161.4]
Starting group lookup for peer 128.143.161.4
 
9382 01/06/2015 07:53:49.740 SEV=8 AUTHDBG/1 RPT=11459
AUTH_Open() returns -1
 
9383 01/06/2015 07:53:49.740 SEV=7 AUTH/12 RPT=11459
Authentication session opened: handle = -1
 
9384 01/06/2015 07:53:49.740 SEV=7 IKEDBG/0 RPT=60283 128.143.161.4
Group [128.143.161.4]
Failed opening authentication session!
 
9385 01/06/2015 07:53:49.740 SEV=2 IKE/0 RPT=8406 128.143.161.4
Group [128.143.161.4]
Phase 1 authentication could not be initiated!
 
9386 01/06/2015 07:53:49.740 SEV=9 IKEDBG/0 RPT=60284 128.143.161.4
Group [128.143.161.4]
IKE SA MM:ea4ea430 terminating:
flags 0x0100c022, refcnt 0, tuncnt 0
 
9388 01/06/2015 07:53:49.740 SEV=9 IKEDBG/0 RPT=60285
sending delete message
 
9389 01/06/2015 07:53:49.740 SEV=9 IKEDBG/0 RPT=60286 128.143.161.4
Group [128.143.161.4]
constructing blank hash
 
9390 01/06/2015 07:53:49.750 SEV=9 IKEDBG/0 RPT=60287
constructing delete payload
 
9391 01/06/2015 07:53:49.750 SEV=9 IKEDBG/0 RPT=60288 128.143.161.4
Group [128.143.161.4]
constructing qm hash
 
9392 01/06/2015 07:53:49.750 SEV=8 IKEDBG/0 RPT=60289 128.143.161.4
SENDING Message (msgid=93ee666c) with payloads :
HDR + HASH (8) + DELETE (12) + NONE (0) ... total length : 76
 
9394 01/06/2015 07:53:49.750 SEV=6 IKE/38 RPT=3233 128.143.161.4
Header invalid, missing SA payload! (next payload = 8)
0
 
LVL 34

Accepted Solution

by:
Istvan Kalmar earned 2000 total points
ID: 40535670
please reload it
0
 

Author Comment

by:Salonge
ID: 40535690
I am also getting a message in the logs that said http 404 unable to location /favicon.ico.  I have a hospital that uses our VPN to receive x-rays.  That is working just fine.  We are just unable to remote sessions to the concentrator.

How do I reload it and not loose the configuration to the hospital?
0

Featured Post

Looking for the Wi-Fi vendor that's right for you?

We know how difficult it can be to evaluate Wi-Fi vendors, so we created this helpful Wi-Fi Buyer's Guide to help you find the Wi-Fi vendor that's right for your business! Download the guide and get started on our checklist today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many of us in IT utilize a combination of roaming profiles and folder redirection to ensure user information carries over from one workstation to another; in my environment, it was to enable virtualization without needing a separate desktop for each…
Are you one of those front-line IT Service Desk staff fielding calls, replying to emails, all-the-while working to resolve end-user technological nightmares? I am! That's why I have put together this brief overview of tools and techniques I use in o…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

618 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question