12-28-2010 10:19 PM
am not able to connect to VPN on LAN. I checked the check box saying "Allow LAN access" but still i cannot connect.
We need vpn to connect to client n/w even when in office.
vpn connects fine if i use some data card or wifi connetion but if fails when connected to LAN cable
Do i need to change any other setting.
12-28-2010 11:22 PM
Hi Hitesh,
What I understand is you are having problems connecting to VPN when you connect to the internet using LAN cable. With wi fi or data card it works
Does it prompt you for username and password ?
I would suggest you to take the following outputs and send it over. Lets see what exactly is the problem :
On client
======
On VPN client, go to Log > enable , then log > log settings and set all of them to 3 - high
Now go to the log tab, and copy the output.
On ASA/ PIX/ router
======
We can enable conditional debugs for your PC public IP address :
debug cry condition peer ipv4
debug cry condition peer
debug cry isa 127
debug cry ips 127
The option allow LAN access is not for enabling LAN access on the office n/w. If you check this option, you would be able to access resources in your home n/w, such as printers etc.
Thanks,
manasi!
12-28-2010 11:58 PM
27 13:20:22.546 12/29/10 Sev=Info/4 CM/0x63100002
Begin connection process
28 13:20:23.437 12/29/10 Sev=Info/4 CVPND/0xE3400001
Microsoft IPSec Policy Agent service stopped successfully
29 13:20:23.437 12/29/10 Sev=Info/4 CM/0x63100004
Establish secure connection using Ethernet
30 13:20:23.437 12/29/10 Sev=Info/4 CM/0x63100024
Attempt connection with server "pln.vpn.eds.com"
31 13:20:23.718 12/29/10 Sev=Info/6 CM/0x6310002F
Allocated local TCP port 3257 for TCP connection.
32 13:20:23.718 12/29/10 Sev=Info/4 IPSEC/0x63700008
IPSec driver successfully started
33 13:20:23.718 12/29/10 Sev=Info/4 IPSEC/0x63700014
Deleted all keys
34 13:20:23.718 12/29/10 Sev=Info/6 IPSEC/0x6370001F
TCP SYN sent to 192.85.47.151, src port 3257, dst port 10000
35 13:20:28.843 12/29/10 Sev=Info/4 CM/0x6310002A
Unable to establish TCP connection on port 10000 with server "pln.vpn.eds.com"
36 13:20:28.843 12/29/10 Sev=Info/4 CM/0x63100024
Attempt connection with server "192.85.50.151"
37 13:20:28.843 12/29/10 Sev=Info/4 CM/0x6310002D
Resetting TCP connection on port 10000
38 13:20:28.843 12/29/10 Sev=Info/6 IPSEC/0x63700022
TCP RST sent to 192.85.47.151, src port 3257, dst port 10000
39 13:20:28.843 12/29/10 Sev=Info/6 IPSEC/0x6370001F
TCP SYN sent to 192.85.50.151, src port 3257, dst port 10000
40 13:20:33.844 12/29/10 Sev=Info/6 IPSEC/0x6370001F
TCP SYN sent to 192.85.50.151, src port 3257, dst port 10000
41 13:20:39.844 12/29/10 Sev=Info/6 IPSEC/0x6370001F
TCP SYN sent to 192.85.50.151, src port 3257, dst port 10000
42 13:20:44.876 12/29/10 Sev=Info/6 IPSEC/0x6370001F
TCP SYN sent to 192.85.50.151, src port 3257, dst port 10000
43 13:20:48.876 12/29/10 Sev=Info/4 CM/0x6310002A
Unable to establish TCP connection on port 10000 with server "192.85.50.151"
44 13:20:48.876 12/29/10 Sev=Info/4 CM/0x6310000C
All connection attempts with backup server failed
45 13:20:48.876 12/29/10 Sev=Info/5 CM/0x63100025
Initializing CVPNDrv
46 13:20:48.876 12/29/10 Sev=Info/4 CM/0x6310002D
Resetting TCP connection on port 10000
47 13:20:48.876 12/29/10 Sev=Info/6 CM/0x63100030
Removed local TCP port 3257 for TCP connection.
48 13:20:48.892 12/29/10 Sev=Info/4 IKE/0x63000086
Microsoft IPSec Policy Agent service started successfully
49 13:20:49.376 12/29/10 Sev=Info/6 IPSEC/0x63700022
TCP RST sent to 192.85.50.151, src port 3257, dst port 10000
50 13:20:49.376 12/29/10 Sev=Info/4 IPSEC/0x63700014
Deleted all keys
51 13:20:49.376 12/29/10 Sev=Info/4 IPSEC/0x63700014
Deleted all keys
52 13:20:49.376 12/29/10 Sev=Info/4 IPSEC/0x6370000A
IPSec driver successfully stopped
am not getting any window to enter username/password. i get the error " Secure VPN connection terminated by client Reason 414: failed to establish TCP connection"
aslo, I dont have access to router to try those debug commnads
12-29-2010 03:41 AM
Hi Hitesh,
Looks like you are trying to connect over TCP and the connection doesn seem to get established. Can you try to make the following changes :
Click on the connection profile and click on modify. Now click on the transport TAB and click on IPSEC over UDP.
Let me know how it goes!!
If it still doesn work, Please send the logs and debugs again.
Thanks,
Manasi
12-30-2010 08:32 PM
Here you go....
No luck!
But this tim e error has changed to Error:412: connectioned terminated by client.
Logs:
Cisco Systems VPN Client Version 4.0.5 (D)
Copyright (C) 1998-2003 Cisco Systems, Inc. All Rights Reserved.
Client Type(s): Windows, WinNT
Running on: 5.1.2600 Service Pack 3
4 09:55:16.334 12/31/10 Sev=Info/4 CM/0x63100002
Begin connection process
5 09:55:17.022 12/31/10 Sev=Info/4 CVPND/0xE3400001
Microsoft IPSec Policy Agent service stopped successfully
6 09:55:17.022 12/31/10 Sev=Info/4 CM/0x63100004
Establish secure connection using Ethernet
7 09:55:17.022 12/31/10 Sev=Info/4 CM/0x63100024
Attempt connection with server "pln.vpn.eds.com"
8 09:55:17.334 12/31/10 Sev=Info/6 IKE/0x6300003B
Attempting to establish a connection with 192.85.47.151.
9 09:55:17.694 12/31/10 Sev=Info/4 IKE/0x63000013
SENDING >>> ISAKMP OAK AG (SA, KE, NON, ID, VID(Xauth), VID(dpd), VID(Nat-T), VID(Frag), VID(Unity)) to 192.85.47.151
10 09:55:17.694 12/31/10 Sev=Info/4 IPSEC/0x63700008
IPSec driver successfully started
11 09:55:17.694 12/31/10 Sev=Info/4 IPSEC/0x63700014
Deleted all keys
12 09:55:22.959 12/31/10 Sev=Info/4 IKE/0x63000017
Marking IKE SA for deletion (I_Cookie=2A37BC1A7FB4B798 R_Cookie=0000000000000000) reason = DEL_REASON_PEER_NOT_RESPONDING
13 09:55:23.459 12/31/10 Sev=Info/4 IKE/0x6300004B
Discarding IKE SA negotiation (I_Cookie=2A37BC1A7FB4B798 R_Cookie=0000000000000000) reason = DEL_REASON_PEER_NOT_RESPONDING
14 09:55:23.459 12/31/10 Sev=Info/4 CM/0x63100014
Unable to establish Phase 1 SA with server "pln.vpn.eds.com" because of "DEL_REASON_PEER_NOT_RESPONDING"
15 09:55:23.459 12/31/10 Sev=Info/4 CM/0x63100011
Attempt connection with backup server "192.85.50.151"
16 09:55:23.459 12/31/10 Sev=Info/4 CM/0x63100024
Attempt connection with server "192.85.50.151"
17 09:55:23.459 12/31/10 Sev=Info/6 IKE/0x6300003B
Attempting to establish a connection with 192.85.50.151.
18 09:55:23.475 12/31/10 Sev=Info/4 IKE/0x63000013
SENDING >>> ISAKMP OAK AG (SA, KE, NON, ID, VID(Xauth), VID(dpd), VID(Nat-T), VID(Frag), VID(Unity)) to 192.85.50.151
19 09:55:28.959 12/31/10 Sev=Info/4 IKE/0x63000017
Marking IKE SA for deletion (I_Cookie=73BED76877C23218 R_Cookie=0000000000000000) reason = DEL_REASON_PEER_NOT_RESPONDING
20 09:55:29.459 12/31/10 Sev=Info/4 IKE/0x6300004B
Discarding IKE SA negotiation (I_Cookie=73BED76877C23218 R_Cookie=0000000000000000) reason = DEL_REASON_PEER_NOT_RESPONDING
21 09:55:29.459 12/31/10 Sev=Info/4 CM/0x63100014
Unable to establish Phase 1 SA with server "192.85.50.151" because of "DEL_REASON_PEER_NOT_RESPONDING"
22 09:55:29.459 12/31/10 Sev=Info/4 CM/0x6310000C
All connection attempts with backup server failed
23 09:55:29.459 12/31/10 Sev=Info/5 CM/0x63100025
Initializing CVPNDrv
24 09:55:29.459 12/31/10 Sev=Info/4 IKE/0x63000001
IKE received signal to terminate VPN connection
25 09:55:29.522 12/31/10 Sev=Info/4 IKE/0x63000086
Microsoft IPSec Policy Agent service started successfully
26 09:55:29.959 12/31/10 Sev=Info/4 IPSEC/0x63700014
Deleted all keys
27 09:55:29.959 12/31/10 Sev=Info/4 IPSEC/0x63700014
Deleted all keys
28 09:55:29.959 12/31/10 Sev=Info/4 IPSEC/0x63700014
Deleted all keys
29 09:55:29.959 12/31/10 Sev=Info/4 IPSEC/0x6370000A
IPSec driver successfully stopped
12-31-2010 03:02 AM
Hi
In remote access VPN Error 412, comes when remote server is not responding. means your client i tried to communicate,
can you please check your internet connection work properly when you use internet adapter. and also remember if you
are using adapter your firewall configuration should allow vpn traffic. some point you may be help you.
Try this,
HTH
Jignesh
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide