Re: Cisco VPN Client 4.03F disconnected after about 20 minutes i

mgtang · ‎09-12-2004

When there is not any traffic between my Cisco VPN Client and my PIX-515E. After about 20 minutes, the VPN Client disconnected automatically. I've already changed the "vpngroup group_name idle-time" to 72000 (20 hours), but no use. Could anyone help me? Any suggestion is appreciated.

Error message from GUI:

Secure VPN connection terminated locally by the client. Reason 412: The remote peer is no longer responding

mgtang · ‎09-12-2004

Here is the VPN client log:

98 15:01:37.679 09/12/04 Sev=Info/6IKE/0x6300003D

Sending DPD request to 218.xxx.xxx.xxx, seq# = 2230582157

99 15:01:37.679 09/12/04 Sev=Info/4IKE/0x63000013

SENDING >>> ISAKMP OAK INFO *(HASH, NOTIFY:DPD_REQUEST) to 218.xxx.xxx.xxx

100 15:01:42.687 09/12/04 Sev=Info/6IKE/0x6300003D

Sending DPD request to 218.xxx.xxx.xxx, seq# = 2230582158

101 15:01:42.687 09/12/04 Sev=Info/4IKE/0x63000013

SENDING >>> ISAKMP OAK INFO *(HASH, NOTIFY:DPD_REQUEST) to 218.xxx.xxx.xxx

102 15:01:47.694 09/12/04 Sev=Info/6IKE/0x6300003D

Sending DPD request to 218.xxx.xxx.xxx, seq# = 2230582159

103 15:01:47.694 09/12/04 Sev=Info/4IKE/0x63000013

SENDING >>> ISAKMP OAK INFO *(HASH, NOTIFY:DPD_REQUEST) to 218.xxx.xxx.xxx

104 15:01:52.701 09/12/04 Sev=Info/6IKE/0x6300003D

Sending DPD request to 218.xxx.xxx.xxx, seq# = 2230582160

105 15:01:52.701 09/12/04 Sev=Info/4IKE/0x63000013

SENDING >>> ISAKMP OAK INFO *(HASH, NOTIFY:DPD_REQUEST) to 218.xxx.xxx.xxx

106 15:01:57.708 09/12/04 Sev=Info/6IKE/0x6300003D

Sending DPD request to 218.xxx.xxx.xxx, seq# = 2230582161

107 15:01:57.708 09/12/04 Sev=Info/4IKE/0x63000013

SENDING >>> ISAKMP OAK INFO *(HASH, NOTIFY:DPD_REQUEST) to 218.xxx.xxx.xxx

108 15:02:02.715 09/12/04 Sev=Info/6IKE/0x6300003D

Sending DPD request to 218.xxx.xxx.xxx, seq# = 2230582162

109 15:02:02.715 09/12/04 Sev=Info/4IKE/0x63000013

SENDING >>> ISAKMP OAK INFO *(HASH, NOTIFY:DPD_REQUEST) to 218.xxx.xxx.xxx

110 15:02:07.723 09/12/04 Sev=Info/6IKE/0x6300003D

Sending DPD request to 218.xxx.xxx.xxx, seq# = 2230582163

111 15:02:07.723 09/12/04 Sev=Info/4IKE/0x63000013

130 15:02:58.666 09/12/04 Sev=Info/6IKE/0x6300003D

Sending DPD request to 218.xxx.xxx.xxx, seq# = 2230582173

131 15:02:58.666 09/12/04 Sev=Info/4IKE/0x63000013

SENDING >>> ISAKMP OAK INFO *(HASH, NOTIFY:DPD_REQUEST) to 218.xxx.xxx.xxx

132 15:03:03.673 09/12/04 Sev=Info/6IKE/0x6300003D

Sending DPD request to 218.xxx.xxx.xxx, seq# = 2230582174

133 15:03:03.673 09/12/04 Sev=Info/4IKE/0x63000013

SENDING >>> ISAKMP OAK INFO *(HASH, NOTIFY:DPD_REQUEST) to 218.xxx.xxx.xxx

134 15:03:09.181 09/12/04 Sev=Info/4IKE/0x63000013

SENDING >>> ISAKMP OAK INFO *(HASH, DEL) to 218.xxx.xxx.xxx

135 15:03:09.181 09/12/04 Sev=Info/5IKE/0x63000018

Deleting IPsec SA: (OUTBOUND SPI = BDD300DC INBOUND SPI = D8821AC5)

136 15:03:09.181 09/12/04 Sev=Info/4IKE/0x63000048

Discarding IPsec SA negotiation, MsgID=631AF8B0

137 15:03:09.181 09/12/04 Sev=Info/4IKE/0x63000017

Marking IKE SA for deletion (I_Cookie=AA3D95411C6194C8 R_Cookie=CF5F8A56E46446ED) reason = DEL_REASON_PEER_NOT_RESPONDING

138 15:03:09.181 09/12/04 Sev=Info/4IKE/0x63000013

SENDING >>> ISAKMP OAK INFO *(HASH, DEL) to 218.xxx.xxx.xxx

139 15:03:09.682 09/12/04 Sev=Info/4IPSEC/0x63700013

Delete internal key with SPI=0xc51a82d8

mgtang · ‎09-12-2004

140 15:03:09.682 09/12/04 Sev=Info/4IPSEC/0x6370000C

Key deleted by SPI 0xc51a82d8

141 15:03:09.682 09/12/04 Sev=Info/4IPSEC/0x63700013

Delete internal key with SPI=0xdc00d3bd

142 15:03:09.682 09/12/04 Sev=Info/4IPSEC/0x6370000C

Key deleted by SPI 0xdc00d3bd

143 15:03:09.682 09/12/04 Sev=Info/4IKE/0x6300004A

Discarding IKE SA negotiation (I_Cookie=AA3D95411C6194C8 R_Cookie=CF5F8A56E46446ED) reason = DEL_REASON_PEER_NOT_RESPONDING

144 15:03:09.682 09/12/04 Sev=Info/4CM/0x63100013

Phase 1 SA deleted cause by DEL_REASON_PEER_NOT_RESPONDING. 0 Crypto Active IKE SA, 0 User Authenticated IKE SA in the system

145 15:03:09.682 09/12/04 Sev=Info/5CM/0x63100025

Initializing CVPNDrv

146 15:03:09.692 09/12/04 Sev=Info/6CM/0x63100031

Tunnel to headend device 218.xxx.xxx.xxx disconnected: duration: 0 days 0:23:44

147 15:03:09.692 09/12/04 Sev=Info/4IKE/0x63000001

IKE received signal to terminate VPN connection

mgtang · ‎09-12-2004

148 15:03:09.702 09/12/04 Sev=Info/5CVPND/0x63400013

Destination Netmask Gateway Interface Metric

0.0.0.0 0.0.0.0 0.0.0.0 61.173.6.124 1

10.0.0.0 10.0.0.0 10.0.0.0 10.1.1.2 10

10.1.1.2 10.1.1.2 10.1.1.2 127.0.0.1 10

10.255.255.255 10.255.255.255 10.255.255.255 10.1.1.2 10

218.xxx.xxx.xxx 218.xxx.xxx.xxx 218.xxx.xxx.xxx 61.173.6.124 1

61.173.6.124 61.173.6.124 61.173.6.124 127.0.0.1 50

61.255.255.255 61.255.255.255 61.255.255.255 61.173.6.124 50

127.0.0.0 127.0.0.0 127.0.0.0 127.0.0.1 1

169.254.0.0 169.254.0.0 169.254.0.0 169.254.149.248 20

169.254.149.248 169.254.149.248 169.254.149.248 127.0.0.1 20

169.254.255.255 169.254.255.255 169.254.255.255 169.254.149.248 20

172.16.0.0 172.16.0.0 172.16.0.0 10.1.1.2 1

192.168.1.0 192.168.1.0 192.168.1.0 10.1.1.2 1

192.168.2.0 192.168.2.0 192.168.2.0 10.1.1.2 1

192.168.3.0 192.168.3.0 192.168.3.0 10.1.1.2 1

192.168.4.0 192.168.4.0 192.168.4.0 10.1.1.2 1

218.1.0.250 218.1.0.250 218.1.0.250 61.173.6.124 1

224.0.0.0 224.0.0.0 224.0.0.0 10.1.1.2 10

224.0.0.0 224.0.0.0 224.0.0.0 169.254.149.248 20

224.0.0.0 224.0.0.0 224.0.0.0 61.173.6.124 1

255.255.255.255 255.255.255.255 255.255.255.255 10.1.1.2 1

255.255.255.255 255.255.255.255 255.255.255.255 61.173.6.124 1

255.255.255.255 255.255.255.255 255.255.255.255 169.254.149.248 1

149 15:03:09.712 09/12/04 Sev=Info/5CVPND/0x63400013

Destination Netmask Gateway Interface Metric

0.0.0.0 0.0.0.0 0.0.0.0 61.173.6.124 1

10.0.0.0 10.0.0.0 10.0.0.0 10.1.1.2 10

10.1.1.2 10.1.1.2 10.1.1.2 127.0.0.1 10

10.255.255.255 10.255.255.255 10.255.255.255 10.1.1.2 10

61.173.6.124 61.173.6.124 61.173.6.124 127.0.0.1 50

61.255.255.255 61.255.255.255 61.255.255.255 61.173.6.124 50

127.0.0.0 127.0.0.0 127.0.0.0 127.0.0.1 1

169.254.0.0 169.254.0.0 169.254.0.0 169.254.149.248 20

169.254.149.248 169.254.149.248 169.254.149.248 127.0.0.1 20

169.254.255.255 169.254.255.255 169.254.255.255 169.254.149.248 20

218.1.0.250 218.1.0.250 218.1.0.250 61.173.6.124 1

224.0.0.0 224.0.0.0 224.0.0.0 10.1.1.2 10

224.0.0.0 224.0.0.0 224.0.0.0 169.254.149.248 20

224.0.0.0 224.0.0.0 224.0.0.0 61.173.6.124 1

255.255.255.255 255.255.255.255 255.255.255.255 10.1.1.2 1

255.255.255.255 255.255.255.255 255.255.255.255 61.173.6.124 1

255.255.255.255 255.255.255.255 255.255.255.255 169.254.149.248 1

mgtang · ‎09-12-2004

150 15:03:09.712 09/12/04 Sev=Info/6CM/0x63100037

The routing table was returned to orginal state prior to Virtual Adapter

151 15:03:11.985 09/12/04 Sev=Info/4CM/0x63100035

The Virtual Adapter was disabled

152 15:03:12.065 09/12/04 Sev=Info/4IKE/0x63000085

Microsoft IPSec Policy Agent service started successfully

153 15:03:12.075 09/12/04 Sev=Info/4IPSEC/0x63700014

Deleted all keys

154 15:03:12.075 09/12/04 Sev=Info/4IPSEC/0x63700014

Deleted all keys

155 15:03:12.075 09/12/04 Sev=Info/4IPSEC/0x63700014

Deleted all keys

156 15:03:12.075 09/12/04 Sev=Info/4IPSEC/0x6370000A

IPSec driver successfully stopped

mgtang · ‎09-17-2004

Nobody met with the same problem like me?

rgomez · ‎12-13-2004

its seems to be related with the lifetime of the session.

you can check it with

sh crypto ipsec security-association

and you can change it with

crypto ipsec security-association lifetime 3600 (3600secs i.e.)

svuorilehto · ‎09-21-2004

Might have something to do with connectivity issues between client and pix. Have you tried disabling ike keepalives from your client. Edit your pcf -file so that line:

ForceKeepAlives=0 --> ForceKeepAlives=1

Those keepalives are sent if your vpn connection have been idle for some time. If peer doesn't respond to these dpd-packets then connection is disconnected.

Cisco VPN Client 4.03F disconnected after about 20 minutes idle time.