Cisco VPN all packets are discarded or bypassed - UDP to 62515 i

pkouzmitcheu · ‎05-26-2013

I have Windows 7 and Cisco VPN Client 5.0.07.0290

I'm not able to work with company VPN from home. I can connect to VPN, but after being connected nothing works and in VPN statistics I see that all packets are discarded or bypassed.

In the logs of problematic PC VPN I noticed that it sends DPD_REQUEST and receives DPD_ACK in loop, and nothing beyond that happens. Looks VPN client for some reason is not satisfied with DPD_ACK and sends DPD_REQUEST again, but I don't see any errors in the log.

I have another PC at home, and it works fine with the same VPN , through the same internet access.

I recorded communication with VPN server from both "good" and "bad" PCs. Basically VPN handshake (if I can call it that way) contains 15 ISAKMP packets sent to and from VPN server (not including nat-keepalive packets). Normal handshake finishes with DPD_REQUEST following DPD_ACK message both ISAKMP packets - 130 byte. In case of bad handshake DPD_REQUEST and DPD_ACK are sent in loop.

I notice 2 differences in communication with VPN server, which may give a clue what is wrong:

1. On Good PC, VPN handshake starts with UDP packet 58 bytes, sent to VPN port 62515. Similar UDP packet 54 bytes is sent by the end of handshake, before DPD_REQUEST . On Bad PC these 2 UDP packets are not sent for some reason.

2. Order and sizes of ISAKMP packets are the same on both PCs except one. The Packet contains Transaction (Config mode) encrypted data, the packet size on good is 234 on bad 226 bytes.

I think the point 1 may be the reason, though I'm not sure.

Please, help me to understand why 2 UDP packets are not sent from failing machine? I checked firewall, looks it is not its fail.

Varinder Singh · ‎05-26-2013

Are you using 64 bit or 32 bit version of windows 7? What kind of internet connection are you using ?

Regards,

Varinder

P.S. Please mark this post as 'Answered' if you find the above information helpful so that it brings goodness to other community users

Regards, Varinder P.S. Please mark this post as 'Answered' if you find the above information helpful so that it brings goodness to other community users

pkouzmitcheu · ‎05-27-2013

I'm using 64 bits version. I'm connected through fiber optic - Verizon FiOS. Besides of Verizon modem/router I have my own wifi router. I tried VPN client while beign connected through wifi and though cable connected directly to modem. None of its worked from "bad" PC.

Note: I don't think the issue is related to connection - I installed VPN clien to 2 other computers, and they were able to connect to my work VPN without any issues. I think the issue is somewhere either in my system - e.g. network or virtual adapter, or, something happened with VPN client - maybe some wrong values in registry, which stay there even I reinstall the clien.

pkouzmitcheu · ‎05-27-2013

The problem is fixed and it was silly simple. I uninstalled Zone Alarm firewall, and now it works. I didn't suspect the firewall as I trusted it too much: I checked it configuration multiple times, and I tried disabling it multiple times (snooze firewall for 5 minutes), I also remove its services from windows start.

But that wasn't enough, the enough was to uninstall it completely in my case. Not sure why UDP to 62515 was blocked.

Muneeb Ahmed · ‎02-25-2015

Thanks for the hint! In my case it was Kaspersky. Just disabling /stopping did not help. Had to uninstall it and reboot PC and it started working!!

Cisco VPN all packets are discarded or bypassed - UDP to 62515 is not sent