03-02-2007 05:12 AM - edited 03-09-2019 05:30 PM
I have been struggling with this problem for months and I've been searching through the various forums & documentation here trying to find a solution and I'm pretty much at a complete loss.
The problem is that a remote user (regardless of connction type, broadband, dsl, dialup, et. al) establishes a vpn session and within a period of 2 to 3 minutes it's terminated with the infamous 412 error. After looking at the log entries on both the concentrator & the client, about the only thing odd I can find is that the DPD ACK seq# expected value is offset by 2 when compared to the seq# received.
And about the only consistant thing is that once the agent on the endpoint starts spitting out dpd values that are not matching, it's only a matter of time before the session is terminated.
I have enclosed both the concentrators live log and the client logs for the time this is happened. And at this point the problem is fairly consistent.
I've set up a 3005 concentrator in my office and am trying to simulate the general environment that my users are usually in. And the configuration is as follows:
3005 running 4.1.7Q
PC Running Windows XP SP2 (including all current hotfixes and patches)
Symantec (Sygate) SPA 5.1 build 6501
Cisco VPN client 4.8.01.0300
If anybody could think of something I'm missing or can see something in the logs where something doesn't seem right, please let me know as I've got a huge target on my back and a herd of really irate remote users looking for me.
Thanks in advance,
Brian Saloum
03-03-2007 05:28 AM
Hi,
Its pretty much clear from the logs that concentrator is disconnecting the clients.
Try the following :
In the VPN client group, disable the isakmp keepalives.
HTH,
-Kanishka
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide