?
Solved

VPN suddenly stopped accepting connections

Posted on 2015-01-06
6
Medium Priority
?
107 Views
Last Modified: 2015-01-19
We have been using a Cisco VPN 300 Concentrator for a better part of 8 years.  We have never had an issue, it runs like a top.  Suddlenly on yesterday, it just stopped allowing anyone to connect via a username and password.  This happens inside and outside our company.  Nothing has changed, not settings or anything.  Does anyone have any idea what this would just stop.  I do know that we have a company running NM mappers on our system.  Would that have anything to do with anything.
0
Comment
Question by:Salonge
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 34

Expert Comment

by:Istvan Kalmar
ID: 40533503
Hi,

There is 2 workaround:
- reload
- Debug the device, in this case you need to login int the device and you need to provide us the log
0
 
LVL 4

Expert Comment

by:artsec
ID: 40533504
There is a known issue with such a behavior which needs framware update. There is a memory related vulnerability which cause outage. We experienced same issue a few weeks ago.
0
 

Author Comment

by:Salonge
ID: 40533727
How do I update the firmware?
0
Veeam Task Manager for Hyper-V

Task Manager for Hyper-V provides critical information that allows you to monitor Hyper-V performance by displaying real-time views of CPU and memory at the individual VM-level, so you can quickly identify which VMs are using host resources.

 

Author Comment

by:Salonge
ID: 40533741
Here is one the logs - real time.  I can't read them to understand them, but maybe you can help.

9342 01/06/2015 07:53:49.570 SEV=8 IKEDBG/0 RPT=60271 128.143.161.4
SENDING Message (msgid=0) with payloads :
HDR + KE (4) + NONCE (10) + VENDOR (13) + VENDOR (13) + VENDOR (13) + VENDOR (13
) + NONE (0) ... total length : 256
 
9345 01/06/2015 07:53:49.600 SEV=8 IKEDBG/0 RPT=60272 128.143.161.4
RECEIVED Message (msgid=0) with payloads :
HDR + KE (4) + NONCE (10) + VENDOR (13) + VENDOR (13) + VENDOR (13) + VENDOR (13
) + NONE (0) ... total length : 256
 
9348 01/06/2015 07:53:49.600 SEV=8 IKEDBG/0 RPT=60273 128.143.161.4
RECEIVED Message (msgid=0) with payloads :
HDR + KE (4) + NONCE (10) + VENDOR (13) + VENDOR (13) + VENDOR (13) + VENDOR (13
) + NONE (0) ... total length : 256
 
9351 01/06/2015 07:53:49.600 SEV=9 IKEDBG/0 RPT=60274 128.143.161.4
processing ke payload
 
9352 01/06/2015 07:53:49.600 SEV=9 IKEDBG/0 RPT=60275 128.143.161.4
processing ISA_KE
 
9353 01/06/2015 07:53:49.600 SEV=9 IKEDBG/1 RPT=10228 128.143.161.4
processing nonce payload
 
9354 01/06/2015 07:53:49.600 SEV=9 IKEDBG/47 RPT=10245 128.143.161.4
processing VID payload
 
9355 01/06/2015 07:53:49.600 SEV=9 IKEDBG/49 RPT=6825 128.143.161.4
Received Cisco Unity client VID
 
9356 01/06/2015 07:53:49.600 SEV=9 IKEDBG/47 RPT=10246 128.143.161.4
processing VID payload
 
9357 01/06/2015 07:53:49.600 SEV=9 IKEDBG/49 RPT=6826 128.143.161.4
Received xauth V6 VID
 
9358 01/06/2015 07:53:49.600 SEV=9 IKEDBG/47 RPT=10247 128.143.161.4
processing VID payload
 
9359 01/06/2015 07:53:49.600 SEV=9 IKEDBG/38 RPT=3416 128.143.161.4
Processing VPN 3000 spoofing IOS Vendor ID payload (version: 1.0.0, capabilities
: 20000409)
 
9361 01/06/2015 07:53:49.600 SEV=9 IKEDBG/47 RPT=10248 128.143.161.4
processing VID payload
 
9362 01/06/2015 07:53:49.600 SEV=9 IKEDBG/49 RPT=6827 128.143.161.4
Received Altiga GW VID
 
9363 01/06/2015 07:53:49.700 SEV=9 IKEDBG/0 RPT=60276 128.143.161.4
Generating keys for Initiator...
 
9364 01/06/2015 07:53:49.710 SEV=9 IKEDBG/1 RPT=10229 128.143.161.4
Group [128.143.161.4]
constructing ID
 
9365 01/06/2015 07:53:49.710 SEV=9 IKEDBG/0 RPT=60277
Group [128.143.161.4]
construct hash payload
 
9366 01/06/2015 07:53:49.710 SEV=9 IKEDBG/0 RPT=60278 128.143.161.4
Group [128.143.161.4]
computing hash
 
9367 01/06/2015 07:53:49.710 SEV=9 IKEDBG/34 RPT=3413 128.143.161.4
Constructing IOS keep alive payload: proposal=32767/32767 sec.
 
9368 01/06/2015 07:53:49.710 SEV=9 IKEDBG/46 RPT=6834 128.143.161.4
Group [128.143.161.4]
constructing dpd vid payload
 
9369 01/06/2015 07:53:49.710 SEV=8 IKEDBG/0 RPT=60279 128.143.161.4
SENDING Message (msgid=0) with payloads :
HDR + ID (5) + HASH (8) + IOS KEEPALIVE (14) + VENDOR (13) + NONE (0) ... total
length : 92
 
9372 01/06/2015 07:53:49.740 SEV=8 IKEDBG/0 RPT=60280 128.143.161.4
RECEIVED Message (msgid=0) with payloads :
HDR + ID (5) + HASH (8) + IOS KEEPALIVE (14) + VENDOR (13) + NONE (0) ... total
length : 92
 
9375 01/06/2015 07:53:49.740 SEV=9 IKEDBG/1 RPT=10230 128.143.161.4
Group [128.143.161.4]
Processing ID
 
9376 01/06/2015 07:53:49.740 SEV=9 IKEDBG/0 RPT=60281 128.143.161.4
Group [128.143.161.4]
processing hash
 
9377 01/06/2015 07:53:49.740 SEV=9 IKEDBG/0 RPT=60282 128.143.161.4
Group [128.143.161.4]
computing hash
 
9378 01/06/2015 07:53:49.740 SEV=9 IKEDBG/34 RPT=3414 128.143.161.4
Processing IOS keep alive payload: proposal=32767/32767 sec.
 
9379 01/06/2015 07:53:49.740 SEV=9 IKEDBG/47 RPT=10249 128.143.161.4
Group [128.143.161.4]
processing VID payload
 
9380 01/06/2015 07:53:49.740 SEV=9 IKEDBG/49 RPT=6828 128.143.161.4
Group [128.143.161.4]
Received DPD VID
 
9381 01/06/2015 07:53:49.740 SEV=9 IKEDBG/23 RPT=1707 128.143.161.4
Group [128.143.161.4]
Starting group lookup for peer 128.143.161.4
 
9382 01/06/2015 07:53:49.740 SEV=8 AUTHDBG/1 RPT=11459
AUTH_Open() returns -1
 
9383 01/06/2015 07:53:49.740 SEV=7 AUTH/12 RPT=11459
Authentication session opened: handle = -1
 
9384 01/06/2015 07:53:49.740 SEV=7 IKEDBG/0 RPT=60283 128.143.161.4
Group [128.143.161.4]
Failed opening authentication session!
 
9385 01/06/2015 07:53:49.740 SEV=2 IKE/0 RPT=8406 128.143.161.4
Group [128.143.161.4]
Phase 1 authentication could not be initiated!
 
9386 01/06/2015 07:53:49.740 SEV=9 IKEDBG/0 RPT=60284 128.143.161.4
Group [128.143.161.4]
IKE SA MM:ea4ea430 terminating:
flags 0x0100c022, refcnt 0, tuncnt 0
 
9388 01/06/2015 07:53:49.740 SEV=9 IKEDBG/0 RPT=60285
sending delete message
 
9389 01/06/2015 07:53:49.740 SEV=9 IKEDBG/0 RPT=60286 128.143.161.4
Group [128.143.161.4]
constructing blank hash
 
9390 01/06/2015 07:53:49.750 SEV=9 IKEDBG/0 RPT=60287
constructing delete payload
 
9391 01/06/2015 07:53:49.750 SEV=9 IKEDBG/0 RPT=60288 128.143.161.4
Group [128.143.161.4]
constructing qm hash
 
9392 01/06/2015 07:53:49.750 SEV=8 IKEDBG/0 RPT=60289 128.143.161.4
SENDING Message (msgid=93ee666c) with payloads :
HDR + HASH (8) + DELETE (12) + NONE (0) ... total length : 76
 
9394 01/06/2015 07:53:49.750 SEV=6 IKE/38 RPT=3233 128.143.161.4
Header invalid, missing SA payload! (next payload = 8)
0
 
LVL 34

Accepted Solution

by:
Istvan Kalmar earned 2000 total points
ID: 40535670
please reload it
0
 

Author Comment

by:Salonge
ID: 40535690
I am also getting a message in the logs that said http 404 unable to location /favicon.ico.  I have a hospital that uses our VPN to receive x-rays.  That is working just fine.  We are just unable to remote sessions to the concentrator.

How do I reload it and not loose the configuration to the hospital?
0

Featured Post

On Demand Webinar: Networking for the Cloud Era

Did you know SD-WANs can improve network connectivity? Check out this webinar to learn how an SD-WAN simplified, one-click tool can help you migrate and manage data in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I'm a big fan of Windows' offline folder caching and have used it on my laptops for over a decade.  One thing I don't like about it, however, is how difficult Microsoft has made it for the cache to be moved out of the Windows folder.  Here's how to …
If you use NetMotion Mobility on your PC and plan to upgrade to Windows 10, it may not work unless you take these steps.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question