Cisco VPN Client connection issue

Discussion in 'Cisco' started by Mikey, Oct 27, 2003.

  1. Mikey

    Mikey Guest

    I'm trying to start a VPN session using the Cisco VPN Client 4.0.1a
    for Linux on a Redhat 9 box. Kernel loads, vpnclient connect starts
    up and it requests my domain authentication which it accepts (and
    fails if I typo, so I know it's communicating to the VPN server), but
    once I get to "Securing communication channel.", it hangs for about
    two minutes and then comes back with "The VPN sub-system is busy or
    has failed.".

    I've disabled the firewall on the desktop to make sure it's not a port
    blocking issue. It works fine from the same desktop booted into
    Windows XP so I'm pretty sure it's not a router issue.

    Looking in the log, it's receiving information about what the unity
    domain is, gateway ip, dns, etc. So it's definitely getting partially
    connected. It seems like the errors in the log start around this
    point:

    51 09:21:36.410 10/27/2003 Sev=Info/4 IKE/0x43000014
    RECEIVING <<< ISAKMP OAK INFO *(HASH, NOTIFY:NO_PROPOSAL_CHOSEN) from
    (munged IP)

    52 09:21:36.410 10/27/2003 Sev=Warning/3 IKE/0x8300004B
    Received a NOTIFY message with an invalid protocol id (0)

    53 09:21:36.712 10/27/2003 Sev=Info/4 IPSEC/0x43700014
    Deleted all keys

    54 09:21:41.350 10/27/2003 Sev=Info/4 IKE/0x43000021
    Retransmitting last packet!

    55 09:21:41.350 10/27/2003 Sev=Info/4 IKE/0x43000013
    SENDING >>> ISAKMP OAK QM *(Retransmission) to (munged IP)

    56 09:21:46.390 10/27/2003 Sev=Info/4 IKE/0x43000021
    Retransmitting last packet!

    57 09:21:46.390 10/27/2003 Sev=Info/4 IKE/0x43000013
    SENDING >>> ISAKMP OAK QM *(Retransmission) to (munged IP)

    58 09:21:51.430 10/27/2003 Sev=Info/4 IKE/0x43000021
    Retransmitting last packet!

    59 09:21:51.430 10/27/2003 Sev=Info/4 IKE/0x43000013
    SENDING >>> ISAKMP OAK QM *(Retransmission) to (munged IP)

    60 09:21:56.470 10/27/2003 Sev=Info/4 IKE/0x4300002D
    Phase-2 retransmission count exceeded: MsgID=F2B8A513

    61 09:21:56.470 10/27/2003 Sev=Info/6 IKE/0x4300003D
    Sending DPD request to (munged IP), seq# = 1729309128

    62 09:21:56.471 10/27/2003 Sev=Info/4 IKE/0x43000013
    SENDING >>> ISAKMP OAK INFO *(HASH, NOTIFY:DPD_REQUEST) to (munged IP)

    63 09:21:56.471 10/27/2003 Sev=Info/4 IKE/0x43000013
    SENDING >>> ISAKMP OAK INFO *(HASH, DEL) to (munged IP)

    64 09:21:56.471 10/27/2003 Sev=Info/4 IKE/0x43000048
    Discarding IPsec SA negotiation, MsgID=F2B8A513

    65 09:21:56.531 10/27/2003 Sev=Info/5 IKE/0x4300002F
    Received ISAKMP packet: peer = (munged IP)

    66 09:21:56.531 10/27/2003 Sev=Info/4 IKE/0x43000014
    RECEIVING <<< ISAKMP OAK INFO *(HASH, NOTIFY:DPD_ACK) from (munged IP)

    67 09:21:56.531 10/27/2003 Sev=Info/5 IKE/0x4300003F
    Received DPD ACK from (munged IP), seq# received = 1729309129, seq#
    expected =
    1729309129

    68 09:24:01.168 10/27/2003 Sev=Info/4 IKE/0x43000017
    Marking IKE SA for deletion (I_Cookie=C2AE67FA6D0B60C2
    R_Cookie=B0DAF55B5786AC6
    F) reason = DEL_REASON_RESET_SADB

    69 09:24:01.168 10/27/2003 Sev=Info/4 IKE/0x43000013
    SENDING >>> ISAKMP OAK INFO *(HASH, DEL) to (munged IP)

    70 09:24:01.168 10/27/2003 Sev=Info/4 IKE/0x4300004A
    Discarding IKE SA negotiation (I_Cookie=C2AE67FA6D0B60C2
    R_Cookie=B0DAF55B5786AC
    6F) reason = DEL_REASON_RESET_SADB

    71 09:24:01.168 10/27/2003 Sev=Info/4 CM/0x43100012
    Phase 1 SA deleted before first Phase 2 SA is up cause by
    "DEL_REASON_RESET_SADB
    ". 0 Phase 1 SA currently in the system

    72 09:24:01.168 10/27/2003 Sev=Info/5 CM/0x43100025
    Initializing CVPNDrv

    73 09:24:01.169 10/27/2003 Sev=Info/4 IKE/0x43000001
    IKE received signal to terminate VPN connection
    Mikey, Oct 27, 2003
    #1
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. MP
    Replies:
    2
    Views:
    12,228
  2. jarcar
    Replies:
    0
    Views:
    575
    jarcar
    Feb 12, 2004
  3. OZ
    Replies:
    3
    Views:
    10,966
  4. Ned
    Replies:
    0
    Views:
    538
  5. serge
    Replies:
    3
    Views:
    1,114
    m0bilitee
    May 5, 2008
Loading...

Share This Page