Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
586
Views
0
Helpful
3
Replies

Remote Access VPN using Cisco 3005

mark.blanchfield
Level 1
Level 1

‎03-19-2007 10:42 AM - edited ‎02-21-2020 02:55 PM

We have a 3005 VPN Concentrator terminating all of our remote access VPNs. One of the internal domain controllers went down which serves as DHCP/DNS servers for remote access VPN users. I changed the settings in numerous locations within the Concentrator configuration which has the new servers but users are still unable to connect. It gets stuck on "Negotiating Security Policy". I have confirmed from the VPN log that users are being authenticated properly. The log shows:

"Connection terminated for peer mblanchfield.

Reason: Peer Terminate, Administratively Disconnected."

"DHCP discover timeout: no response from polled servers"

"Received unsupported transaction mode attribute: 5"

Labels:
0 Helpful
3 Replies 3

Kamal Malhotra
Cisco Employee
Cisco Employee

‎03-19-2007 11:22 AM

Hi Mark,

Please make sure that when you goto Configuration | System | Address Management | Assignment, 'Use DHCP' is checked. When you goto Configuration | System | Servers | DHCP, you have the correct DHCP IP. Please also make sure that this server is pingable from the concentrator.

HTH,

Please rate if it helps,

Regards,

Kamal

0 Helpful

mark.blanchfield
Level 1
Level 1
In response to Kamal Malhotra

‎03-19-2007 11:38 AM

Kamal,

Hi. Thanks for the response. The servers are correct and I can ping the DHCP server. The logs are vague as far as what this might be. Here is more output from the log:

367 03/19/2007 13:28:14.770 SEV=6 IKE/201 RPT=4 66.153.244.7

Group [WaveL!nk1] User [mblanchfield]

Duplicate Phase 2 packet detected. No last packet to retransmit.

369 03/19/2007 13:28:20.280 SEV=5 IKE/50 RPT=2 66.153.244.7

Group [WaveL!nk1] User [mblanchfield]

Connection terminated for peer mblanchfield.

Reason: Peer Terminate, Administratively Disconnected.

Remote Proxy N/A, Local Proxy N/A

373 03/19/2007 13:28:22.560 SEV=3 DHCPDBG/39 RPT=2

DHCP discover timeout: no response from polled servers (xid 2251547051)

374 03/19/2007 13:28:22.560 SEV=5 IP/43 RPT=2

Deleting TCP entry for device 66.153.244.7 on port 18387

0 Helpful

mark.blanchfield
Level 1
Level 1
In response to mark.blanchfield

‎03-19-2007 12:25 PM

The issue is resolved. I had the incorrect DHCP servers in there. When I changed them, it started working. Thanks.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents