Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 21 replies
  • Subscribers 1 subscriber
  • Views 21264 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Cisco VPN Disconnects after an hour

Rogue Agent
Following the manual for setting up the Cisco VPN client for a remote VPN to the Astaro gateway, I've got my VPN up and working.  However, each time I connect to the VPN my connection will only stay active for an hour.  After and hour it disconnects.  I am running version 4.9.01.0280 of the cisco vpn client on OS X 10.6.7 and ASG v8.102.

I cannot figure out why it is auto disconnecting me on a regular (very) basis.  Anyone seen this before?


This thread was automatically locked due to age.
Parents
  • 0
    Bob, here are my sanitized logs during the disconnect from the ASG. 


    2011:04:22-08:13:21  pluto[8800]: "D_REF_llOZlfdMOh_0"[14] :33735 #75: initiating Quick Mode ENCRYPT+TUNNEL+XAUTHRSASIG+XAUTHSERVER to replace #74 {using isakmp#73}

    2011:04:22-08:13:21  pluto[8800]: "D_REF_llOZlfdMOh_2"[14] :33735 #73: ignoring informational payload, type NO_PROPOSAL_CHOSEN

    2011:04:22-08:13:21  pluto[8800]: "D_REF_llOZlfdMOh_2"[14] :33735 #73: ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0x5cfa8b50) not found (maybe expired)

    2011:04:22-08:13:31  pluto[8800]: "D_REF_llOZlfdMOh_2"[14] :33735 #73: ignoring informational payload, type NO_PROPOSAL_CHOSEN

    2011:04:22-08:13:31  pluto[8800]: "D_REF_llOZlfdMOh_2"[14] :33735 #73: ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0xea5fb631) not found (maybe expired)

    2011:04:22-08:13:51  pluto[8800]: "D_REF_llOZlfdMOh_2"[14] :33735 #73: ignoring informational payload, type NO_PROPOSAL_CHOSEN

    2011:04:22-08:13:51  pluto[8800]: "D_REF_llOZlfdMOh_2"[14] :33735 #73: ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0x4fb1f3e6) not found (maybe expired)

    2011:04:22-08:14:31  pluto[8800]: "D_REF_llOZlfdMOh_0"[14] :33735 #75: max number of retransmissions (2) reached STATE_QUICK_I1

    2011:04:22-08:14:31  pluto[8800]: "D_REF_llOZlfdMOh_0"[14] :33735 #75: starting keying attempt 2 of at most 3

    2011:04:22-08:14:31  pluto[8800]: "D_REF_llOZlfdMOh_0"[14] :33735 #76: initiating Quick Mode ENCRYPT+TUNNEL+XAUTHRSASIG+XAUTHSERVER to replace #75 {using isakmp#73}

    2011:04:22-08:14:31  pluto[8800]: "D_REF_llOZlfdMOh_2"[14] :33735 #73: ignoring informational payload, type NO_PROPOSAL_CHOSEN

    2011:04:22-08:14:31  pluto[8800]: "D_REF_llOZlfdMOh_2"[14] :33735 #73: ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0x5a62a5fb) not found (maybe expired)

    2011:04:22-08:14:41  pluto[8800]: "D_REF_llOZlfdMOh_2"[14] :33735 #73: ignoring informational payload, type NO_PROPOSAL_CHOSEN

    2011:04:22-08:14:41  pluto[8800]: "D_REF_llOZlfdMOh_2"[14] :33735 #73: ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0x8b68502d) not found (maybe expired)

    2011:04:22-08:15:01  pluto[8800]: "D_REF_llOZlfdMOh_2"[14] :33735 #73: ignoring informational payload, type NO_PROPOSAL_CHOSEN

    2011:04:22-08:15:01  pluto[8800]: "D_REF_llOZlfdMOh_2"[14] :33735 #73: ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0x1ca86a4e) not found (maybe expired)

    2011:04:22-08:15:41  pluto[8800]: "D_REF_llOZlfdMOh_0"[14] :33735 #76: max number of retransmissions (2) reached STATE_QUICK_I1

    2011:04:22-08:15:41  pluto[8800]: "D_REF_llOZlfdMOh_0"[14] :33735 #76: starting keying attempt 3 of at most 3

    2011:04:22-08:15:41  pluto[8800]: "D_REF_llOZlfdMOh_0"[14] :33735 #77: initiating Quick Mode ENCRYPT+TUNNEL+XAUTHRSASIG+XAUTHSERVER to replace #76 {using isakmp#73}

    2011:04:22-08:15:41  pluto[8800]: "D_REF_llOZlfdMOh_2"[14] :33735 #73: ignoring informational payload, type NO_PROPOSAL_CHOSEN

    2011:04:22-08:15:41  pluto[8800]: "D_REF_llOZlfdMOh_2"[14] :33735 #73: ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0x0e044cd6) not found (maybe expired)

    2011:04:22-08:15:51  pluto[8800]: "D_REF_llOZlfdMOh_2"[14] :33735 #73: ignoring informational payload, type NO_PROPOSAL_CHOSEN

    2011:04:22-08:15:51  pluto[8800]: "D_REF_llOZlfdMOh_2"[14] :33735 #73: ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0xa65b70b0) not found (maybe expired)

    2011:04:22-08:16:11  pluto[8800]: "D_REF_llOZlfdMOh_2"[14] :33735 #73: ignoring informational payload, type NO_PROPOSAL_CHOSEN

    2011:04:22-08:16:11  pluto[8800]: "D_REF_llOZlfdMOh_2"[14] :33735 #73: ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0x3d040273) not found (maybe expired)

    2011:04:22-08:16:51  pluto[8800]: "D_REF_llOZlfdMOh_0"[14] :33735 #77: max number of retransmissions (2) reached STATE_QUICK_I1

    2011:04:22-08:17:51  pluto[8800]: "D_REF_llOZlfdMOh_0"[14] :33735 #74: IPsec SA expired (LATEST!)

    2011:04:22-08:17:51  pluto[8800]: id="2202" severity="info" sys="SecureNet" sub="vpn" event="Connection terminated" username="" variant="ipsec" srcip="" virtual_ip="10.242.5.1"

    2011:04:22-08:17:52  pluto[8800]: "D_REF_llOZlfdMOh_0"[14] :33735: deleting connection "D_REF_llOZlfdMOh_0" instance with peer  {isakmp=#0/ipsec=#0}
Reply
  • 0
    Bob, here are my sanitized logs during the disconnect from the ASG. 


    2011:04:22-08:13:21  pluto[8800]: "D_REF_llOZlfdMOh_0"[14] :33735 #75: initiating Quick Mode ENCRYPT+TUNNEL+XAUTHRSASIG+XAUTHSERVER to replace #74 {using isakmp#73}

    2011:04:22-08:13:21  pluto[8800]: "D_REF_llOZlfdMOh_2"[14] :33735 #73: ignoring informational payload, type NO_PROPOSAL_CHOSEN

    2011:04:22-08:13:21  pluto[8800]: "D_REF_llOZlfdMOh_2"[14] :33735 #73: ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0x5cfa8b50) not found (maybe expired)

    2011:04:22-08:13:31  pluto[8800]: "D_REF_llOZlfdMOh_2"[14] :33735 #73: ignoring informational payload, type NO_PROPOSAL_CHOSEN

    2011:04:22-08:13:31  pluto[8800]: "D_REF_llOZlfdMOh_2"[14] :33735 #73: ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0xea5fb631) not found (maybe expired)

    2011:04:22-08:13:51  pluto[8800]: "D_REF_llOZlfdMOh_2"[14] :33735 #73: ignoring informational payload, type NO_PROPOSAL_CHOSEN

    2011:04:22-08:13:51  pluto[8800]: "D_REF_llOZlfdMOh_2"[14] :33735 #73: ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0x4fb1f3e6) not found (maybe expired)

    2011:04:22-08:14:31  pluto[8800]: "D_REF_llOZlfdMOh_0"[14] :33735 #75: max number of retransmissions (2) reached STATE_QUICK_I1

    2011:04:22-08:14:31  pluto[8800]: "D_REF_llOZlfdMOh_0"[14] :33735 #75: starting keying attempt 2 of at most 3

    2011:04:22-08:14:31  pluto[8800]: "D_REF_llOZlfdMOh_0"[14] :33735 #76: initiating Quick Mode ENCRYPT+TUNNEL+XAUTHRSASIG+XAUTHSERVER to replace #75 {using isakmp#73}

    2011:04:22-08:14:31  pluto[8800]: "D_REF_llOZlfdMOh_2"[14] :33735 #73: ignoring informational payload, type NO_PROPOSAL_CHOSEN

    2011:04:22-08:14:31  pluto[8800]: "D_REF_llOZlfdMOh_2"[14] :33735 #73: ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0x5a62a5fb) not found (maybe expired)

    2011:04:22-08:14:41  pluto[8800]: "D_REF_llOZlfdMOh_2"[14] :33735 #73: ignoring informational payload, type NO_PROPOSAL_CHOSEN

    2011:04:22-08:14:41  pluto[8800]: "D_REF_llOZlfdMOh_2"[14] :33735 #73: ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0x8b68502d) not found (maybe expired)

    2011:04:22-08:15:01  pluto[8800]: "D_REF_llOZlfdMOh_2"[14] :33735 #73: ignoring informational payload, type NO_PROPOSAL_CHOSEN

    2011:04:22-08:15:01  pluto[8800]: "D_REF_llOZlfdMOh_2"[14] :33735 #73: ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0x1ca86a4e) not found (maybe expired)

    2011:04:22-08:15:41  pluto[8800]: "D_REF_llOZlfdMOh_0"[14] :33735 #76: max number of retransmissions (2) reached STATE_QUICK_I1

    2011:04:22-08:15:41  pluto[8800]: "D_REF_llOZlfdMOh_0"[14] :33735 #76: starting keying attempt 3 of at most 3

    2011:04:22-08:15:41  pluto[8800]: "D_REF_llOZlfdMOh_0"[14] :33735 #77: initiating Quick Mode ENCRYPT+TUNNEL+XAUTHRSASIG+XAUTHSERVER to replace #76 {using isakmp#73}

    2011:04:22-08:15:41  pluto[8800]: "D_REF_llOZlfdMOh_2"[14] :33735 #73: ignoring informational payload, type NO_PROPOSAL_CHOSEN

    2011:04:22-08:15:41  pluto[8800]: "D_REF_llOZlfdMOh_2"[14] :33735 #73: ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0x0e044cd6) not found (maybe expired)

    2011:04:22-08:15:51  pluto[8800]: "D_REF_llOZlfdMOh_2"[14] :33735 #73: ignoring informational payload, type NO_PROPOSAL_CHOSEN

    2011:04:22-08:15:51  pluto[8800]: "D_REF_llOZlfdMOh_2"[14] :33735 #73: ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0xa65b70b0) not found (maybe expired)

    2011:04:22-08:16:11  pluto[8800]: "D_REF_llOZlfdMOh_2"[14] :33735 #73: ignoring informational payload, type NO_PROPOSAL_CHOSEN

    2011:04:22-08:16:11  pluto[8800]: "D_REF_llOZlfdMOh_2"[14] :33735 #73: ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0x3d040273) not found (maybe expired)

    2011:04:22-08:16:51  pluto[8800]: "D_REF_llOZlfdMOh_0"[14] :33735 #77: max number of retransmissions (2) reached STATE_QUICK_I1

    2011:04:22-08:17:51  pluto[8800]: "D_REF_llOZlfdMOh_0"[14] :33735 #74: IPsec SA expired (LATEST!)

    2011:04:22-08:17:51  pluto[8800]: id="2202" severity="info" sys="SecureNet" sub="vpn" event="Connection terminated" username="" variant="ipsec" srcip="" virtual_ip="10.242.5.1"

    2011:04:22-08:17:52  pluto[8800]: "D_REF_llOZlfdMOh_0"[14] :33735: deleting connection "D_REF_llOZlfdMOh_0" instance with peer  {isakmp=#0/ipsec=#0}
Children
No Data