04-22-2009 08:24 AM
We have been getting a number of users complaining about their connection dropping when using the VPN over a wireless connection. After the drop, the client is unable to reconnect without doing a "repair" or rebooting the machine. Anyone experience anything similar?
Thanks!
04-22-2009 09:47 AM
Any particular log on the vpn client? Somem complain on it (log) regarding an ip address change? are those hosts vista PCs or XP?
04-22-2009 10:52 AM
Log mentions the client lost its IP address. I'll have to get the exact verbiage to be accurate though. All are XP clients now.
04-22-2009 10:54 AM
Yeah heard that before, it should say something like SADB changed... try to get a log so we can confirm this. Anyways you can look for the registry key Automatic IP addres Update on the XP, it causes the XP to try to renew the ip address continuously and that is known to cause problems. Look for it on google.
04-24-2009 05:35 AM
OK. I'll grab a log file as soon as I can replicate the problem again. Thanks for the tip.
05-05-2009 09:59 AM
Did you get this resolved? Let me know as I may have a fix for you.
Craig
06-10-2009 06:57 AM
Hi Craig
We have a user with the same problem - have you got a fix?
Cheers
Miles
06-10-2009 07:18 AM
Hi Miles,
I noticed with our clients that the wireless users were connecting as a straight IPSEC vpn connection without NAT-T. Check on your concentrator or ASA and see if they connect without NAT-T.
I came to the conclusion that our edge firewall (non cisco) has a UDP connection timeout of 180 seconds and is non changeable.
To work around this I added the line below to the vpn profile files under c:\programs files\cisco systems\vpn client\profiles and whatever your profile is .pcf. Open with wordpad and add this line.
ForceNatT=1 (case sensitive)
This will force the vpn client to use NAT-T regardless of internet connection.
This introduces another keepalive mechanism that will keep the connection alive past the 180 second UDP timeout.
HTH
Craig
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: