Hi Guys,
I'm experiencing a problem authenticating it seems to our Cisco VPN 3000 box using VPN Client v5 on Win 7 x86 platform.
The Client errors with a Reason 427, I've pulled the log file from the client, Line 469 seems to be where the problem starts
(Delete Reason Code: 4 --> PEER_DELETE-IKE_DELETE_NO_ERROR.)
---
Cisco Systems VPN Client Version 5.0.06.0160
Copyright (C) 1998-2009 Cisco Systems, Inc. All Rights Reserved.
Client Type(s): Windows, WinNT
Running on: 6.1.7600
439 11:24:55.106 09/14/11 Sev=Info/4 CM/0x63100002
Begin connection process
440 11:24:55.122 09/14/11 Sev=Info/4 CM/0x63100004
Establish secure connection
441 11:24:55.122 09/14/11 Sev=Info/4 CM/0x63100024
Attempt connection with server "ip"
442 11:24:55.138 09/14/11 Sev=Info/6 IKE/0x6300003B
Attempting to establish a connection with ip.
443 11:24:55.138 09/14/11 Sev=Info/4 IKE/0x63000001
Starting IKE Phase 1 Negotiation
444 11:24:55.138 09/14/11 Sev=Info/4 IKE/0x63000013
SENDING >>> ISAKMP OAK AG (SA, KE, NON, ID, VID(Xauth), VID(dpd), VID(Frag), VID(Nat-T), VID(Unity)) to ip
445 11:24:55.528 09/14/11 Sev=Info/5 IKE/0x6300002F
Received ISAKMP packet: peer = ip
446 11:24:55.528 09/14/11 Sev=Info/4 IKE/0x63000014
RECEIVING <<< ISAKMP OAK AG (SA, KE, NON, ID, HASH, VID(Unity), VID(Xauth), VID(dpd), VID(Nat-T), NAT-D, NAT-D, VID(Frag), VID(?), VID(?)) from ip
447 11:24:55.528 09/14/11 Sev=Info/5 IKE/0x63000001
Peer is a Cisco-Unity compliant peer
448 11:24:55.528 09/14/11 Sev=Info/5 IKE/0x63000001
Peer supports XAUTH
449 11:24:55.528 09/14/11 Sev=Info/5 IKE/0x63000001
Peer supports DPD
450 11:24:55.528 09/14/11 Sev=Info/5 IKE/0x63000001
Peer supports NAT-T
451 11:24:55.528 09/14/11 Sev=Info/5 IKE/0x63000001
Peer supports IKE fragmentation payloads
452 11:24:55.528 09/14/11 Sev=Info/5 IKE/0x63000001
Peer supports DWR Code and DWR Text
453 11:24:55.528 09/14/11 Sev=Info/6 IKE/0x63000001
IOS Vendor ID Contruction successful
454 11:24:55.528 09/14/11 Sev=Info/4 IKE/0x63000013
SENDING >>> ISAKMP OAK AG *(HASH, NOTIFY:STATUS_INITIAL_CONTACT, NAT-D, NAT-D, VID(?), VID(Unity)) to ip
455 11:24:55.528 09/14/11 Sev=Info/6 IKE/0x63000055
Sent a keepalive on the IPSec SA
456 11:24:55.528 09/14/11 Sev=Info/4 IKE/0x63000083
IKE Port in use - Local Port = 0xDC49, Remote Port = 0x1194
457 11:24:55.528 09/14/11 Sev=Info/5 IKE/0x63000072
Automatic NAT Detection Status:
Remote end IS behind a NAT device
This end IS behind a NAT device
458 11:24:55.528 09/14/11 Sev=Info/4 CM/0x6310000E
Established Phase 1 SA. 1 Crypto Active IKE SA, 0 User Authenticated IKE SA in the system
459 11:24:55.528 09/14/11 Sev=Info/4 IPSEC/0x63700008
IPSec driver successfully started
460 11:24:55.528 09/14/11 Sev=Info/4 IPSEC/0x63700014
Deleted all keys
461 11:24:55.590 09/14/11 Sev=Info/5 IKE/0x6300002F
Received ISAKMP packet: peer = ip
462 11:24:55.590 09/14/11 Sev=Info/4 IKE/0x63000014
RECEIVING <<< ISAKMP OAK TRANS *(HASH, ATTR) from ip
463 11:24:55.590 09/14/11 Sev=Info/4 CM/0x63100015
Launch xAuth application
464 11:24:55.606 09/14/11 Sev=Info/6 GUI/0x63B00012
Authentication request attributes is 103h.
465 11:25:03.125 09/14/11 Sev=Info/4 CM/0x63100017
xAuth application returned
466 11:25:03.125 09/14/11 Sev=Info/4 IKE/0x63000013
SENDING >>> ISAKMP OAK TRANS *(HASH, ATTR) to ip
467 11:25:03.437 09/14/11 Sev=Info/5 IKE/0x6300002F
Received ISAKMP packet: peer = ip
468 11:25:03.437 09/14/11 Sev=Info/4 IKE/0x63000014
RECEIVING <<< ISAKMP OAK INFO *(HASH, DWR) from ip
469 11:25:03.437 09/14/11 Sev=Info/4 IKE/0x63000081
Delete Reason Code: 4 --> PEER_DELETE-IKE_DELETE_NO_ERROR.
470 11:25:03.437 09/14/11 Sev=Info/5 IKE/0x6300003C
Received a DELETE payload for IKE SA with Cookies: I_Cookie=C6B747733E73D39B R_Cookie=FE131FF2765CCE8F
471 11:25:03.437 09/14/11 Sev=Info/4 IKE/0x63000017
Marking IKE SA for deletion (I_Cookie=C6B747733E73D39B R_Cookie=FE131FF2765CCE8F) reason = PEER_DELETE-IKE_DELETE_NO_ERROR
472 11:25:04.295 09/14/11 Sev=Info/4 IKE/0x6300004B
Discarding IKE SA negotiation (I_Cookie=C6B747733E73D39B R_Cookie=FE131FF2765CCE8F) reason = PEER_DELETE-IKE_DELETE_NO_ERROR
473 11:25:04.295 09/14/11 Sev=Info/4 CM/0x63100014
Unable to establish Phase 1 SA with server "ip" because of "PEER_DELETE-IKE_DELETE_NO_ERROR"
474 11:25:04.295 09/14/11 Sev=Info/5 CM/0x63100025
Initializing CVPNDrv
475 11:25:04.295 09/14/11 Sev=Info/6 CM/0x63100046
Set tunnel established flag in registry to 0.
476 11:25:04.295 09/14/11 Sev=Info/4 IKE/0x63000001
IKE received signal to terminate VPN connection
477 11:25:05.324 09/14/11 Sev=Info/4 IPSEC/0x63700014
Deleted all keys
478 11:25:05.324 09/14/11 Sev=Info/4 IPSEC/0x63700014
Deleted all keys
479 11:25:05.324 09/14/11 Sev=Info/4 IPSEC/0x63700014
Deleted all keys
480 11:25:05.324 09/14/11 Sev=Info/4 IPSEC/0x6370000A
IPSec driver successfully stopped
---
I've looked at the log on the Concentrator which is showing
(IKE Received NULL Passcode string from the remote end!):
---
631 09/14/2011 12:48:47.950 SEV=4 IKE/0 RPT=19 ip
Group [group] User [user]
IKE Received NULL Passcode string from the remote end!
633 09/14/2011 12:48:48.050 SEV=4 AUTH/9 RPT=19 ip
Authentication failed: Reason = Logon Failure
handle = 62, server = server, user = user
635 09/14/2011 12:48:48.050 SEV=4 IKE/167 RPT=22 ip
Group [group] User [user]
Remote peer has failed user authentication -
check configured username and password
638 09/14/2011 12:48:48.050 SEV=5 IKE/194 RPT=27 ip
Group [group] User [user]
Sending IKE Delete With Reason message: No Reason Provided.
---
This all seems very odd as this token and user are working perfectly on an XP machine, ruling out username and password problems...I've ensured the correct case is being used for the username also.
Does anyone have any ideas, or know of any issues with using this version of the client on Windows 7 x86?
Thanks
Chris
I'm experiencing a problem authenticating it seems to our Cisco VPN 3000 box using VPN Client v5 on Win 7 x86 platform.
The Client errors with a Reason 427, I've pulled the log file from the client, Line 469 seems to be where the problem starts
(Delete Reason Code: 4 --> PEER_DELETE-IKE_DELETE_NO_ERROR.)
---
Cisco Systems VPN Client Version 5.0.06.0160
Copyright (C) 1998-2009 Cisco Systems, Inc. All Rights Reserved.
Client Type(s): Windows, WinNT
Running on: 6.1.7600
439 11:24:55.106 09/14/11 Sev=Info/4 CM/0x63100002
Begin connection process
440 11:24:55.122 09/14/11 Sev=Info/4 CM/0x63100004
Establish secure connection
441 11:24:55.122 09/14/11 Sev=Info/4 CM/0x63100024
Attempt connection with server "ip"
442 11:24:55.138 09/14/11 Sev=Info/6 IKE/0x6300003B
Attempting to establish a connection with ip.
443 11:24:55.138 09/14/11 Sev=Info/4 IKE/0x63000001
Starting IKE Phase 1 Negotiation
444 11:24:55.138 09/14/11 Sev=Info/4 IKE/0x63000013
SENDING >>> ISAKMP OAK AG (SA, KE, NON, ID, VID(Xauth), VID(dpd), VID(Frag), VID(Nat-T), VID(Unity)) to ip
445 11:24:55.528 09/14/11 Sev=Info/5 IKE/0x6300002F
Received ISAKMP packet: peer = ip
446 11:24:55.528 09/14/11 Sev=Info/4 IKE/0x63000014
RECEIVING <<< ISAKMP OAK AG (SA, KE, NON, ID, HASH, VID(Unity), VID(Xauth), VID(dpd), VID(Nat-T), NAT-D, NAT-D, VID(Frag), VID(?), VID(?)) from ip
447 11:24:55.528 09/14/11 Sev=Info/5 IKE/0x63000001
Peer is a Cisco-Unity compliant peer
448 11:24:55.528 09/14/11 Sev=Info/5 IKE/0x63000001
Peer supports XAUTH
449 11:24:55.528 09/14/11 Sev=Info/5 IKE/0x63000001
Peer supports DPD
450 11:24:55.528 09/14/11 Sev=Info/5 IKE/0x63000001
Peer supports NAT-T
451 11:24:55.528 09/14/11 Sev=Info/5 IKE/0x63000001
Peer supports IKE fragmentation payloads
452 11:24:55.528 09/14/11 Sev=Info/5 IKE/0x63000001
Peer supports DWR Code and DWR Text
453 11:24:55.528 09/14/11 Sev=Info/6 IKE/0x63000001
IOS Vendor ID Contruction successful
454 11:24:55.528 09/14/11 Sev=Info/4 IKE/0x63000013
SENDING >>> ISAKMP OAK AG *(HASH, NOTIFY:STATUS_INITIAL_CONTACT, NAT-D, NAT-D, VID(?), VID(Unity)) to ip
455 11:24:55.528 09/14/11 Sev=Info/6 IKE/0x63000055
Sent a keepalive on the IPSec SA
456 11:24:55.528 09/14/11 Sev=Info/4 IKE/0x63000083
IKE Port in use - Local Port = 0xDC49, Remote Port = 0x1194
457 11:24:55.528 09/14/11 Sev=Info/5 IKE/0x63000072
Automatic NAT Detection Status:
Remote end IS behind a NAT device
This end IS behind a NAT device
458 11:24:55.528 09/14/11 Sev=Info/4 CM/0x6310000E
Established Phase 1 SA. 1 Crypto Active IKE SA, 0 User Authenticated IKE SA in the system
459 11:24:55.528 09/14/11 Sev=Info/4 IPSEC/0x63700008
IPSec driver successfully started
460 11:24:55.528 09/14/11 Sev=Info/4 IPSEC/0x63700014
Deleted all keys
461 11:24:55.590 09/14/11 Sev=Info/5 IKE/0x6300002F
Received ISAKMP packet: peer = ip
462 11:24:55.590 09/14/11 Sev=Info/4 IKE/0x63000014
RECEIVING <<< ISAKMP OAK TRANS *(HASH, ATTR) from ip
463 11:24:55.590 09/14/11 Sev=Info/4 CM/0x63100015
Launch xAuth application
464 11:24:55.606 09/14/11 Sev=Info/6 GUI/0x63B00012
Authentication request attributes is 103h.
465 11:25:03.125 09/14/11 Sev=Info/4 CM/0x63100017
xAuth application returned
466 11:25:03.125 09/14/11 Sev=Info/4 IKE/0x63000013
SENDING >>> ISAKMP OAK TRANS *(HASH, ATTR) to ip
467 11:25:03.437 09/14/11 Sev=Info/5 IKE/0x6300002F
Received ISAKMP packet: peer = ip
468 11:25:03.437 09/14/11 Sev=Info/4 IKE/0x63000014
RECEIVING <<< ISAKMP OAK INFO *(HASH, DWR) from ip
469 11:25:03.437 09/14/11 Sev=Info/4 IKE/0x63000081
Delete Reason Code: 4 --> PEER_DELETE-IKE_DELETE_NO_ERROR.
470 11:25:03.437 09/14/11 Sev=Info/5 IKE/0x6300003C
Received a DELETE payload for IKE SA with Cookies: I_Cookie=C6B747733E73D39B R_Cookie=FE131FF2765CCE8F
471 11:25:03.437 09/14/11 Sev=Info/4 IKE/0x63000017
Marking IKE SA for deletion (I_Cookie=C6B747733E73D39B R_Cookie=FE131FF2765CCE8F) reason = PEER_DELETE-IKE_DELETE_NO_ERROR
472 11:25:04.295 09/14/11 Sev=Info/4 IKE/0x6300004B
Discarding IKE SA negotiation (I_Cookie=C6B747733E73D39B R_Cookie=FE131FF2765CCE8F) reason = PEER_DELETE-IKE_DELETE_NO_ERROR
473 11:25:04.295 09/14/11 Sev=Info/4 CM/0x63100014
Unable to establish Phase 1 SA with server "ip" because of "PEER_DELETE-IKE_DELETE_NO_ERROR"
474 11:25:04.295 09/14/11 Sev=Info/5 CM/0x63100025
Initializing CVPNDrv
475 11:25:04.295 09/14/11 Sev=Info/6 CM/0x63100046
Set tunnel established flag in registry to 0.
476 11:25:04.295 09/14/11 Sev=Info/4 IKE/0x63000001
IKE received signal to terminate VPN connection
477 11:25:05.324 09/14/11 Sev=Info/4 IPSEC/0x63700014
Deleted all keys
478 11:25:05.324 09/14/11 Sev=Info/4 IPSEC/0x63700014
Deleted all keys
479 11:25:05.324 09/14/11 Sev=Info/4 IPSEC/0x63700014
Deleted all keys
480 11:25:05.324 09/14/11 Sev=Info/4 IPSEC/0x6370000A
IPSec driver successfully stopped
---
I've looked at the log on the Concentrator which is showing
(IKE Received NULL Passcode string from the remote end!):
---
631 09/14/2011 12:48:47.950 SEV=4 IKE/0 RPT=19 ip
Group [group] User [user]
IKE Received NULL Passcode string from the remote end!
633 09/14/2011 12:48:48.050 SEV=4 AUTH/9 RPT=19 ip
Authentication failed: Reason = Logon Failure
handle = 62, server = server, user = user
635 09/14/2011 12:48:48.050 SEV=4 IKE/167 RPT=22 ip
Group [group] User [user]
Remote peer has failed user authentication -
check configured username and password
638 09/14/2011 12:48:48.050 SEV=5 IKE/194 RPT=27 ip
Group [group] User [user]
Sending IKE Delete With Reason message: No Reason Provided.
---
This all seems very odd as this token and user are working perfectly on an XP machine, ruling out username and password problems...I've ensured the correct case is being used for the username also.
Does anyone have any ideas, or know of any issues with using this version of the client on Windows 7 x86?
Thanks
Chris
