Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

WAN IP address changed and now VPN is not working

Status
Not open for further replies.
dalew430

dalew430

Technical User
Nov 27, 2006
30
US
We switched our Internet Service from cable modem to fiber last night and now our VPN is not working. Any ideas?
 
Sort by date Sort by votes
Did the VPN clients change the IP address that they connect to also??

I hate all Uppercase... I don't want my groups to seem angry at me all the time! =)
- ColdFlame (vbscript forum)
 
Upvote 0 Downvote
Yes ... we did change to the new IP address
 
Upvote 0 Downvote
I was just looking at my running-config and noticed the following:

ip address outside 67.xx.xx.82 255.255.255.240
route outside 10.251.0.0 255.255.255.255 67.xx.xx.81 1

Would this be causing my problems with the VPN?
 
Upvote 0 Downvote
Please disregard my last post regarding ip address outside and route outside, I just realized what this was. I don't understand how changing the IP address would make my VPN unfunctional now. Our SNM changed from 255.255.255.248 to 255.255.255.240
 
Upvote 0 Downvote
you will really have to post configs

Brent
Systems Engineer / Consultant
CCNP, CCSP
 
Upvote 0 Downvote
domain-name xxxxxxxxx
fixup protocol dns maximum-length 512
fixup protocol ftp 21
fixup protocol ftp 10021-10024
fixup protocol h323 h225 1720
fixup protocol h323 ras 1718-1719
fixup protocol http 80
fixup protocol rsh 514
fixup protocol rtsp 554
fixup protocol sip 5060
fixup protocol sip udp 5060
fixup protocol skinny 2000
fixup protocol smtp 25
fixup protocol smtp 587
fixup protocol sqlnet 1521
fixup protocol tftp 69
names
name 192.#.#.# xxxxxxxxxxxxxx
name 65.#.#.# xxxxxxxxxxxxxx
name 10.#.#.# xxxxxxxxxxxxxxx
name 161.#.#.# xxxxxxxxxxxxxxx
name 161.#.#.# xxxxxxxxxx
name 170.#.#.# xxxxxxxxxxxxxxxxxxxx
name 170.#.#.# xxxxxxxxxxxxxxxxx
name 170.#.#.# xxxxxxxxxxxxxxxxxxxx
name 170.#.#.# xxxxxxxxxxxxxxxxxxxx
name 67.#.#.# xxxxxxx
name 65.#.#.# xxxxxxxxxxxxxxxxxxx
object-group service HTTP_HTTPS tcp
port-object eq www
port-object eq https
object-group service CPANEL tcp
description cpane required ports http/https (cpanel/webmail)
port-object range 2083 2083
port-object range 2082 2082
port-object range 2086 2086
port-object range 2093 2093
port-object range 2092 2092
port-object range 2096 2096
port-object range 2095 2095
object-group service xxxxxxxxxxxx tcp
description xxxxxx FTP FILE TRANSFER PORTS
port-object range 10021 10025
object-group network FTP_xxxxxxx
network-object FTPT_xxxxxx_com 255.255.255.255
network-object FTPST_xxxxx_com 255.255.255.255
network-object FTPB_xxxxx_com 255.255.255.255
network-object FTPB2_xxxxx_com 255.255.255.255
object-group service FTP_xxxxxxx_TCP tcp
port-object eq 20021
port-object range 21000 21400
object-group service IMAP tcp
description IMAP email inbound
port-object range 993 993
object-group service VPN udp
port-object range object-group service SSH_SFTP tcp
description xxxxxx FTP for xxxxxxx
port-object eq ssh
port-object range ssh ssh
access-list inside_access_in permit tcp 10.251.0.0 255.255.0.0 any object-group HTTP_HTTPS
access-list inside_access_in remark Allow temp RDP TO xxxxxxxxx IP / remove
access-list inside_access_in permit tcp 10.251.0.0 255.255.0.0 host xxxxxxx eq 3389
access-list inside_access_in remark Allow temp RDP TO xxxxxx IP / remove
access-list inside_access_in remark Allow temp RDP TO xxxxxxx IP / remove
access-list inside_access_in deny ip 10.251.0.0 255.255.0.0 192.168.x.0 255.255.255.0
access-list inside_access_in permit tcp 10.251.0.0 255.255.0.0 any eq pop3
access-list inside_access_in permit tcp any any object-group IMAP
access-list inside_access_in remark xxxxxx ftp file transfer
access-list inside_access_in permit tcp 10.251.0.0 255.255.0.0 xxxxxx
255.255.255.252
access-list inside_access_in permit tcp 10.251.0.0 255.255.0.0 any eq smtp
access-list inside_access_in permit tcp 10.251.0.0 255.255.0.0 any eq citrix-ica
access-list inside_access_in permit tcp 10.251.0.0 255.255.0.0 any eq 1863
access-list inside_access_in permit udp 10.251.0.0 255.255.0.0 any eq domain
access-list inside_access_in permit tcp 10.251.0.0 255.255.0.0 any eq ftp
access-list inside_access_in permit tcp 10.251.0.0 255.255.0.0 any object-group SSH_SFTP
access-list inside_access_in permit tcp 10.251.0.0 255.255.0.0 any object-group CPANEL
access-list inside_access_in remark aol/aim
access-list inside_access_in permit tcp 10.251.0.0 255.255.0.0 any eq aol
access-list inside_access_in remark mstsc
access-list inside_access_in permit tcp 10.251.0.0 255.255.0.0 any eq 3389
access-list inside_access_in permit tcp 10.251.0.0 255.255.0.0 object-group FTP_xxxxxxx object-group FTP_xxxxxx_TCP
access-list inside_access_in remark xxxxxxxxx VPN Client
access-list inside_access_in permit udp any eq isakmp host xxxxxxx eq isakmp
access-list inside_access_in remark xxxxxxxx VPN Client
access-list inside_access_in permit tcp any host xxxxxxx
access-list inside_access_in remark xxxxxxxx VPN Client
access-list inside_access_in permit udp any host xxxxxxx
access-list inside_access_in deny ip any any
access-list DMZ1_access_in remark Allow xxxxxx to have xxxxxx (xxxxxxx) access
access-list DMZ1_access_in remark Allow xxxxxx to have web access
access-list DMZ1_access_in permit tcp host xxxxxxx object-group HTTP_HTTPS host 10.251.10.250
access-list DMZ1_access_in permit tcp host xxxxxxx host xxxxxx eq 1433
access-list DMZ1_access_in deny ip any any
access-list outside_access_in remark
access-list outside_access_in permit tcp any interface outside object-group HTTP_HTTPS
access-list outside_access_in permit tcp host xxxxxxx interface outside eq 3389
access-list outside_access_in permit tcp host xxxxxx interface outside eq 3389
access-list outside_access_in deny ip any any
access-list inside_outbound_nat0_acl permit ip any 10.252.1.96 255.255.255.224
access-list inside_outbound_nat0_acl permit ip 10.251.0.0 255.255.0.0 10.252.0.0 255.255.0.0
access-list outside_cryptomap_dyn_20 permit ip any 10.252.1.96 255.255.255.224
pager lines 24
mtu outside 1500
mtu inside 1500
mtu DMZ1 1500
ip address outside 67.78.141.82 255.255.255.240
ip address inside 10.#.#.# 255.255.0.0
ip address DMZ1 192.168.#.# 255.255.255.0
ip audit info action alarm
ip audit attack action alarm
ip local pool VPNusers 10.252.1.100-10.252.1.120
pdm location xxxxxxxx 255.255.255.255 inside
pdm location xxxxxxxxx255.255.255.255 DMZ1
pdm location xxxxxxx 255.255.255.255 outside
pdm location xxxxxxx 255.255.255.255 outside
pdm location xxxxxxxx 255.255.255.252 outside
pdm location FTPT_xxxxxx_com 255.255.255.255 outside
pdm location FTPST_xxxxxxx_com 255.255.255.255 outside
pdm location FTPB_xxxxxx_com 255.255.255.255 outside
pdm location FTPB2_xxxxxxx_com 255.255.255.255 outside
pdm location xxxxx 255.255.255.255 outside
pdm location xxxxxxx 255.255.255.255 outside
pdm location 10.251.1.64 255.255.255.240 outside
pdm location 10.251.1.70 255.255.255.254 outside
pdm location 192.168.0.0 255.255.0.0 DMZ1
pdm location 10.251.10.120 255.255.255.254 outside
pdm location 192.168.0.0 255.255.255.255 outside
pdm location 10.251.0.0 255.255.255.255 outside
pdm location 10.251.10.96 255.255.255.224 outside
pdm location 10.252.10.96 255.255.255.224 outside
pdm location 10.252.0.0 255.255.0.0 outside
pdm location 10.252.1.96 255.255.255.224 outside
pdm group FTP_xxxxxxxx outside
pdm history enable
arp timeout 14400
global (outside) 10 interface
nat (inside) 0 access-list inside_outbound_nat0_acl
nat (inside) 10 0.0.0.0 0.0.0.0 0 0
nat (DMZ1) 10 0.0.0.0 0.0.0.0 0 0
static (DMZ1,outside) tcp interface https xxxxxxxx https netmask 255.255.255.255 0 0
static (DMZ1,outside) tcp interface 255.255.255.255 0 0
static (inside,outside) tcp interface 3389 xxxxxxxxx 3389 netmask 255.255.255.255 0 0
static (inside,DMZ1) 10.251.0.0 10.251.0.0 netmask 255.255.0.0 0 0
access-group outside_access_in in interface outside
access-group inside_access_in in interface inside
access-group DMZ1_access_in in interface DMZ1
route outside 0.0.0.0 0.0.0.0 67.78.141.81 1
route outside 10.251.0.0 255.255.255.255 67.78.141.81 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225 1:00:00
timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00
timeout uauth 0:05:00 absolute
aaa-server TACACS+ protocol tacacs+
aaa-server RADIUS protocol radius
aaa-server LOCAL protocol local
aaa authentication ssh console LOCAL
http server enable
http xxxxxxx 255.255.255.255 inside
http 10.251.0.0 255.255.0.0 inside
no snmp-server location
no snmp-server contact
snmp-server community public
no snmp-server enable traps
floodguard enable
sysopt connection permit-ipsec
crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac
crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac
crypto dynamic-map outside_dyn_map 20 set transform-set ESP-DES-MD5
crypto dynamic-map outside_dyn_map_1 20 match address outside_cryptomap_dyn_20
crypto dynamic-map outside_dyn_map_1 20 set transform-set ESP-DES-MD5
crypto map outside_map 65535 ipsec-isakmp dynamic outside_dyn_map_1
crypto map outside_map client authentication LOCAL
crypto map outside_map interface outside
isakmp enable outside
isakmp enable inside
isakmp nat-traversal 20
isakmp policy 20 authentication pre-share
isakmp policy 20 encryption des
isakmp policy 20 hash md5
isakmp policy 20 group 2
isakmp policy 20 lifetime 86400
vpngroup NMAC address-pool VPNusers
vpngroup NMAC dns-server xxxxxxxxx
vpngroup NMAC default-domain xxxxxxx.local
vpngroup NMAC idle-time 1800
vpngroup NMAC password ********
telnet xxxxxxxx 255.255.255.255 inside
telnet timeout 5
ssh 0.0.0.0 0.0.0.0 outside
ssh 10.251.0.0 255.255.0.0 inside
ssh timeout 5
console timeout 0
dhcpd address 192.168.251.11-192.168.251.11 DMZ1
dhcpd dns 65.32.1.70 65.32.1.80
dhcpd lease 3600
dhcpd ping_timeout 750
username xxxxxx password tOTdEIUxstICk4vY encrypted privilege #
username xxxxxxx password 8Y2RJEePmcmXOpSp encrypted privilege #
username xxxxxxxx password gLTTEgXLn9TkAH4R encrypted privilege #
username xxxxxx password lk5vg.q15BP/KLvf encrypted privilege #
username xxxxxx password k54Lg2OclDjpsW.S encrypted privilege #
username xxxxxx password 6vQDUUFk/6pDzVpt encrypted privilege #
terminal width 80
Cryptochecksum:3ebc96d3f11702b1b7e69e11e474a70c
: end
 
Upvote 0 Downvote
repost with only the middle 2 octets of public ips masked. we need to decipher what is you to what.

Brent
Systems Engineer / Consultant
CCNP, CCSP
 
Upvote 0 Downvote
Literally these are the only changes we made to the PIX:

Old configuration
ip address outside 67.78.24.171 255.255.255.248
route outside 0.0.0.0 0.0.0.0 67.78.24.169 1
route outside 10.251.0.0 255.255.255.255 67.78.24.169 1

New configuration
ip address outside 67.78.141.82 255.255.255.240
route outside 0.0.0.0 0.0.0.0 67.78.141.81 1
route outside 10.251.0.0 255.255.255.255 67.78.141.81 1

We changed the IP address on the VPN client from 67.78.24.171 to 67.78.141.82
 
Upvote 0 Downvote
Do you get authentication errors or nothing at all when clients try to connect?? Have you looked at any logs or run any debugs on the PIX to see if there is any action??

I hate all Uppercase... I don't want my groups to seem angry at me all the time! =)
- ColdFlame (vbscript forum)
 
Upvote 0 Downvote
Here's the log file when I try to connect.

Cisco Systems VPN Client Version 5.0.00.0340
Copyright (C) 1998-2006 Cisco Systems, Inc. All Rights Reserved.
Client Type(s): Windows, WinNT
Running on: 5.1.2600 Service Pack 3
Config file directory: C:\Program Files\Cisco Systems\VPN Client

1 09:33:28.828 11/10/09 Sev=Info/4 CM/0x63100002
Begin connection process

2 09:33:28.875 11/10/09 Sev=Info/4 CM/0x63100004
Establish secure connection

3 09:33:28.875 11/10/09 Sev=Info/4 CM/0x63100024
Attempt connection with server "67.78.141.82"

4 09:33:28.984 11/10/09 Sev=Info/6 IKE/0x6300003B
Attempting to establish a connection with 67.78.141.82.

5 09:33:28.984 11/10/09 Sev=Info/4 IKE/0x63000013
SENDING >>> ISAKMP OAK AG (SA, KE, NON, ID, VID(Xauth), VID(dpd), VID(Frag), VID(Nat-T), VID(Unity)) to 67.78.141.82

6 09:33:29.000 11/10/09 Sev=Info/4 IPSEC/0x63700008
IPSec driver successfully started

7 09:33:29.000 11/10/09 Sev=Info/4 IPSEC/0x63700014
Deleted all keys

8 09:33:29.125 11/10/09 Sev=Info/5 IKE/0x6300002F
Received ISAKMP packet: peer = 67.78.141.82

9 09:33:29.125 11/10/09 Sev=Info/4 IKE/0x63000014
RECEIVING <<< ISAKMP OAK AG (SA, VID(Xauth), VID(dpd), VID(Unity), VID(?), KE, ID, NON, VID(?), VID(Nat-T), NAT-D, NAT-D, HASH) from 67.78.141.82

10 09:33:29.125 11/10/09 Sev=Info/5 IKE/0x63000001
Peer supports XAUTH

11 09:33:29.125 11/10/09 Sev=Info/5 IKE/0x63000001
Peer supports DPD

12 09:33:29.125 11/10/09 Sev=Info/5 IKE/0x63000001
Peer is a Cisco-Unity compliant peer

13 09:33:29.125 11/10/09 Sev=Info/5 IKE/0x63000082
Received IOS Vendor ID with unknown capabilities flag 0x000000A5

14 09:33:29.125 11/10/09 Sev=Info/5 IKE/0x63000001
Peer supports NAT-T

15 09:33:29.125 11/10/09 Sev=Info/6 IKE/0x63000001
IOS Vendor ID Contruction successful

16 09:33:29.125 11/10/09 Sev=Info/4 IKE/0x63000013
SENDING >>> ISAKMP OAK AG *(HASH, NOTIFY:STATUS_INITIAL_CONTACT, NAT-D, NAT-D, VID(?), VID(Unity)) to 67.78.141.82

17 09:33:29.125 11/10/09 Sev=Info/6 IKE/0x63000055
Sent a keepalive on the IPSec SA

18 09:33:29.125 11/10/09 Sev=Info/4 IKE/0x63000083
IKE Port in use - Local Port = 0x0989, Remote Port = 0x1194

19 09:33:29.125 11/10/09 Sev=Info/5 IKE/0x63000072
Automatic NAT Detection Status:
Remote end is NOT behind a NAT device
This end IS behind a NAT device

20 09:33:29.125 11/10/09 Sev=Info/4 CM/0x6310000E
Established Phase 1 SA. 1 Crypto Active IKE SA, 0 User Authenticated IKE SA in the system

21 09:33:29.140 11/10/09 Sev=Info/5 IKE/0x6300002F
Received ISAKMP packet: peer = 67.78.141.82

22 09:33:29.140 11/10/09 Sev=Info/4 IKE/0x63000014
RECEIVING <<< ISAKMP OAK INFO *(HASH, NOTIFY:STATUS_INITIAL_CONTACT) from 67.78.141.82

23 09:33:29.140 11/10/09 Sev=Warning/2 IKE/0xA3000067
Received Unexpected InitialContact Notify (PLMgrNotify:886)

24 09:33:29.140 11/10/09 Sev=Info/5 IKE/0x6300002F
Received ISAKMP packet: peer = 67.78.141.82

25 09:33:29.140 11/10/09 Sev=Info/4 IKE/0x63000014
RECEIVING <<< ISAKMP OAK INFO *(HASH, NOTIFY:STATUS_RESP_LIFETIME) from 67.78.141.82

26 09:33:29.140 11/10/09 Sev=Info/5 IKE/0x63000045
RESPONDER-LIFETIME notify has value of 86400 seconds

27 09:33:29.140 11/10/09 Sev=Info/5 IKE/0x63000047
This SA has already been alive for 1 seconds, setting expiry to 86399 seconds from now

28 09:33:29.140 11/10/09 Sev=Info/5 IKE/0x6300002F
Received ISAKMP packet: peer = 67.78.141.82

29 09:33:29.140 11/10/09 Sev=Info/4 IKE/0x63000014
RECEIVING <<< ISAKMP OAK TRANS *(HASH, ATTR) from 67.78.141.82

30 09:33:29.140 11/10/09 Sev=Info/4 CM/0x63100015
Launch xAuth application

31 09:33:34.171 11/10/09 Sev=Info/4 CM/0x63100017
xAuth application returned

32 09:33:34.171 11/10/09 Sev=Info/4 IKE/0x63000013
SENDING >>> ISAKMP OAK TRANS *(HASH, ATTR) to 67.78.141.82

33 09:33:34.187 11/10/09 Sev=Info/5 IKE/0x6300002F
Received ISAKMP packet: peer = 67.78.141.82

34 09:33:34.187 11/10/09 Sev=Info/4 IKE/0x63000014
RECEIVING <<< ISAKMP OAK TRANS *(HASH, ATTR) from 67.78.141.82

35 09:33:34.187 11/10/09 Sev=Info/4 IKE/0x63000013
SENDING >>> ISAKMP OAK TRANS *(HASH, ATTR) to 67.78.141.82

36 09:33:34.187 11/10/09 Sev=Info/4 CM/0x6310000E
Established Phase 1 SA. 1 Crypto Active IKE SA, 1 User Authenticated IKE SA in the system

37 09:33:34.453 11/10/09 Sev=Info/5 IKE/0x6300005E
Client sending a firewall request to concentrator

38 09:33:34.453 11/10/09 Sev=Info/5 IKE/0x6300005D
Firewall Policy: Product=Cisco Systems Integrated Client Firewall, Capability= (Centralized Protection Policy).

39 09:33:34.453 11/10/09 Sev=Info/4 IKE/0x63000013
SENDING >>> ISAKMP OAK TRANS *(HASH, ATTR) to 67.78.141.82

40 09:33:34.468 11/10/09 Sev=Info/5 IKE/0x6300002F
Received ISAKMP packet: peer = 67.78.141.82

41 09:33:34.468 11/10/09 Sev=Info/4 IKE/0x63000014
RECEIVING <<< ISAKMP OAK TRANS *(HASH, ATTR) from 67.78.141.82

42 09:33:34.468 11/10/09 Sev=Info/5 IKE/0x63000010
MODE_CFG_REPLY: Attribute = INTERNAL_IPV4_ADDRESS: , value = 10.252.1.100

43 09:33:34.468 11/10/09 Sev=Info/5 IKE/0x63000010
MODE_CFG_REPLY: Attribute = INTERNAL_IPV4_DNS(1): , value = 10.251.0.1

44 09:33:34.468 11/10/09 Sev=Info/5 IKE/0x6300000E
MODE_CFG_REPLY: Attribute = MODECFG_UNITY_DEFDOMAIN: , value = nattymac.local

45 09:33:34.468 11/10/09 Sev=Info/5 IKE/0x6300000D
MODE_CFG_REPLY: Attribute = MODECFG_UNITY_PFS: , value = 0x00000000

46 09:33:34.468 11/10/09 Sev=Info/5 IKE/0x6300000D
MODE_CFG_REPLY: Attribute = Received and using NAT-T port number , value = 0x00001194

47 09:33:34.468 11/10/09 Sev=Info/4 CM/0x63100019
Mode Config data received

48 09:33:34.484 11/10/09 Sev=Info/4 IKE/0x63000056
Received a key request from Driver: Local IP = 10.252.1.100, GW IP = 67.78.141.82, Remote IP = 0.0.0.0

49 09:33:34.484 11/10/09 Sev=Info/4 IKE/0x63000013
SENDING >>> ISAKMP OAK QM *(HASH, SA, NON, ID, ID) to 67.78.141.82

50 09:33:34.500 11/10/09 Sev=Info/5 IKE/0x6300002F
Received ISAKMP packet: peer = 67.78.141.82

51 09:33:34.500 11/10/09 Sev=Info/4 IKE/0x63000014
RECEIVING <<< ISAKMP OAK INFO *(HASH, NOTIFY:NO_PROPOSAL_CHOSEN) from 67.78.141.82

52 09:33:34.500 11/10/09 Sev=Warning/3 IKE/0xA300004B
Received a NOTIFY message with an invalid protocol id (0)

53 09:33:35.375 11/10/09 Sev=Info/4 IPSEC/0x63700014
Deleted all keys

54 09:33:39.375 11/10/09 Sev=Info/6 IKE/0x63000055
Sent a keepalive on the IPSec SA

55 09:33:39.875 11/10/09 Sev=Info/4 IKE/0x63000021
Retransmitting last packet!

56 09:33:39.875 11/10/09 Sev=Info/4 IKE/0x63000013
SENDING >>> ISAKMP OAK QM *(Retransmission) to 67.78.141.82

57 09:33:44.875 11/10/09 Sev=Info/4 IKE/0x63000021
Retransmitting last packet!

58 09:33:44.875 11/10/09 Sev=Info/4 IKE/0x63000013
SENDING >>> ISAKMP OAK QM *(Retransmission) to 67.78.141.82

59 09:33:49.375 11/10/09 Sev=Info/6 IKE/0x63000055
Sent a keepalive on the IPSec SA

60 09:33:49.875 11/10/09 Sev=Info/4 IKE/0x63000021
Retransmitting last packet!

61 09:33:49.875 11/10/09 Sev=Info/4 IKE/0x63000013
SENDING >>> ISAKMP OAK QM *(Retransmission) to 67.78.141.82

62 09:33:54.875 11/10/09 Sev=Info/4 IKE/0x6300002D
Phase-2 retransmission count exceeded: MsgID=E48924F0

63 09:33:54.875 11/10/09 Sev=Info/4 IKE/0x63000013
SENDING >>> ISAKMP OAK INFO *(HASH, NOTIFY:DPD_REQUEST) to 67.78.141.82

64 09:33:54.875 11/10/09 Sev=Info/6 IKE/0x6300003D
Sending DPD request to 67.78.141.82, our seq# = 3319899588

65 09:33:54.875 11/10/09 Sev=Info/4 IKE/0x63000013
SENDING >>> ISAKMP OAK INFO *(HASH, DEL) to 67.78.141.82

66 09:33:54.875 11/10/09 Sev=Info/4 IKE/0x63000049
Discarding IPsec SA negotiation, MsgID=E48924F0

67 09:33:54.890 11/10/09 Sev=Info/5 IKE/0x6300002F
Received ISAKMP packet: peer = 67.78.141.82

68 09:33:54.890 11/10/09 Sev=Info/4 IKE/0x63000014
RECEIVING <<< ISAKMP OAK INFO *(HASH, NOTIFY:DPD_ACK) from 67.78.141.82

69 09:33:54.890 11/10/09 Sev=Info/5 IKE/0x63000040
Received DPD ACK from 67.78.141.82, seq# received = 3319899588, seq# expected = 3319899588

70 09:33:59.375 11/10/09 Sev=Info/6 IKE/0x63000055
Sent a keepalive on the IPSec SA

71 09:34:09.375 11/10/09 Sev=Info/6 IKE/0x63000055
Sent a keepalive on the IPSec SA

72 09:34:19.375 11/10/09 Sev=Info/6 IKE/0x63000055
Sent a keepalive on the IPSec SA

73 09:34:24.875 11/10/09 Sev=Info/4 IKE/0x63000017
Marking IKE SA for deletion (I_Cookie=0168A263A30D7835 R_Cookie=B76953D02B94AC58) reason = DEL_REASON_PEER_NOT_RESPONDING

74 09:34:24.875 11/10/09 Sev=Info/4 IKE/0x63000013
SENDING >>> ISAKMP OAK INFO *(HASH, DEL) to 67.78.141.82

75 09:34:25.375 11/10/09 Sev=Info/4 IKE/0x6300004B
Discarding IKE SA negotiation (I_Cookie=0168A263A30D7835 R_Cookie=B76953D02B94AC58) reason = DEL_REASON_PEER_NOT_RESPONDING

76 09:34:25.375 11/10/09 Sev=Info/4 CM/0x63100012
Phase 1 SA deleted before first Phase 2 SA is up cause by "DEL_REASON_PEER_NOT_RESPONDING". 0 Crypto Active IKE SA, 0 User Authenticated IKE SA in the system

77 09:34:25.375 11/10/09 Sev=Info/5 CM/0x63100025
Initializing CVPNDrv

78 09:34:25.375 11/10/09 Sev=Info/6 CM/0x63100046
Set tunnel established flag in registry to 0.

79 09:34:25.375 11/10/09 Sev=Info/4 IKE/0x63000001
IKE received signal to terminate VPN connection

80 09:34:25.593 11/10/09 Sev=Info/4 IPSEC/0x63700014
Deleted all keys

81 09:34:25.593 11/10/09 Sev=Info/4 IPSEC/0x63700014
Deleted all keys

82 09:34:25.593 11/10/09 Sev=Info/4 IPSEC/0x63700014
Deleted all keys

83 09:34:25.593 11/10/09 Sev=Info/4 IPSEC/0x6370000A
IPSec driver successfully stopped

 
Upvote 0 Downvote
We figured it out .... appreciate all your help.
 
Upvote 0 Downvote
can you post what it was??

I hate all Uppercase... I don't want my groups to seem angry at me all the time! =)
- ColdFlame (vbscript forum)
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Sameer258
  • Locked
  • Question
Need Help to Find ip and mac address with email who one open my email
Replies
0
Views
267
Sameer258
Sameer258
XLNTech1
  • Locked
  • Question
iptables port forwarding
Replies
0
Views
235
XLNTech1
XLNTech1
Shmid
  • Locked
  • Question
Restricting Sonicwall SSL-VPN users for WAN access
Replies
7
Views
349
Shmid
Shmid
intel233
  • Locked
  • Question
Cisco ASA - VPN Question
Replies
6
Views
280
intel233
intel233
Sparrow4
  • Locked
  • Question
Configure Avaya IPO R11 / VM Pro + Office365 or Exchange for voicemail to email
Replies
2
Views
284
Johnkite
Johnkite

Part and Inventory Search

Sponsor

Back
Top