Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: vpnc: devel

vpnc latest SVN disconnects when doing ISAKMP_EXCHANGE_IKE_QUICK

  

 
vpnc devel RSS feed   Index | Next | Previous | View Threaded


mr-vpnc at webdeck

Jan 18, 2009, 11:14 AM

Post #1 of 1 (658 views)
Permalink
vpnc latest SVN disconnects when doing ISAKMP_EXCHANGE_IKE_QUICK
Hello,

I'm running the latest SVN version of vpnc on Mac OS X 10.5.5,
connecting to a Cisco VPN. My connection consistently dies after
hours of functioning properly. It always dies shortly after some
ISAKMP_EXCHANGE_IKE_QUICK packets. However, it doesn't happen every
time that takes place. In my most recent Debug 3 log, it managed to
exchange keys properly twice before failing the third time:

[2009-01-17 11:48:55]
...
[2009-01-17 11:49:01]
exchange_type: 20 (ISAKMP_EXCHANGE_IKE_QUICK)
...
lifetime status: 27359 of 28800 seconds used, 9651|3029 of 0
kbytes used
...
[2009-01-17 19:25:00]
exchange_type: 20 (ISAKMP_EXCHANGE_IKE_QUICK)
...
lifetime status: 27360 of 28800 seconds used, 7062|430 of 0 kbytes
used
...
[2009-01-18 03:01:00]
exchange_type: 20 (ISAKMP_EXCHANGE_IKE_QUICK)
...
lifetime status: 27360 of 28800 seconds used, 8725|1982 of 0
kbytes used
...
[2009-01-18 10:37:00]
exchange_type: 20 (ISAKMP_EXCHANGE_IKE_QUICK)
...
no response from target



The entire debug level 3 log for this ~11 hour VPN session is 270 MB
(66 MB gzipped). I have sent the last 20,000 lines, gzipped, to vpnc [at] unix-ag
. Please let me know if you need the entire log or other sections of
it.

My configuration is as follows:

IKE DH Group dh2
IKE Authmode psk
IPSec gateway xxx
IPSec ID xxx
IPSec secret xxx
Xauth username xxx
Interface mode tun
Interface name tun0
Vendor cisco
Application version Cisco Systems VPN Client Version 4.8.00 (0490):Linux
NAT Traversal Mode cisco-udp
DPD idle timeout (our side) 0
Debug 3
No Detach


I experienced the same problem with version 0.5.3 - I upgraded to the
latest SVN in the hopes it would have fixed the issue.

I greatly appreciate the work you have done. Please let me know if
there is anything else I can do to help you track down this problem.

Thanks,
-Mike


_______________________________________________
vpnc-devel mailing list
vpnc-devel [at] unix-ag
https://lists.unix-ag.uni-kl.de/mailman/listinfo/vpnc-devel
http://www.unix-ag.uni-kl.de/~massar/vpnc/

vpnc devel RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.