Re: Vpn client gets disconnected from concentrator with RST

ccs · ‎12-23-2003

When I try to connect to the concentrator with any software client, the cleint gets disconnected. When I use the 4.0.3. client the log shows the following output:

433 09:46:27.657 12/23/03 Sev=Info/6 IPSEC/0x6370001F

TCP SYN sent to xxx.xxx.xxx.xxx, src port 2510, dst port 10000

434 09:46:27.657 12/23/03 Sev=Info/6 IPSEC/0x6370001C

TCP SYN-ACK received from xxx.xxx.xxx.xxx, src port 10000, dst port 2510

435 09:46:27.657 12/23/03 Sev=Info/6 IPSEC/0x63700020

TCP ACK sent to xxx.xxx.xxx.xxx, src port 2510, dst port 10000

436 09:46:28.208 12/23/03 Sev=Info/4 CM/0x63100024

Attempt connection with server "xxx.xxx.xxx.xxx"

437 09:46:28.208 12/23/03 Sev=Info/6 IKE/0x6300003B

Attempting to establish a connection with xxx.xxx.xxx.xxx.

438 09:46:28.258 12/23/03 Sev=Info/4 IKE/0x63000013

SENDING >>> ISAKMP OAK AG (SA, KE, NON, ID, VID(Xauth), VID(dpd), VID(Unity)) to xxx.xxx.xxx.xxx

439 09:46:29.129 12/23/03 Sev=Info/6 IPSEC/0x6370001D

TCP RST received from xxx.xxx.xxx.xxx, src port 10000, dst port 2510

440 09:46:33.635 12/23/03 Sev=Info/4 IKE/0x63000021

Retransmitting last packet!

If I use Ipsec/udp I also do not get a connection.

Can anyone please help me and tell me what could be wrong?

ccs · ‎12-24-2003

It seems that this has to do with the user authentication: if I set the Authentication field in the Ipsec tab to None, the client authenticates (without the need to fill in a user/pwd), if I put it back to Internal, The client gets a "Remote peer no longer responding" message when trying to connect.

Does anybody know what could be wrong and why Internal authentication goes wrong even though there are users in that group?