VPN client : error Lost Service

Unanswered Question
Aug 14th, 2007

Every 57 mins my client looses connection to the VPN concentrator Please find the logs attached from the VPN and Cisco Client

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
pradeepde Mon, 08/20/2007 - 08:50

In order to resolve this issue, issue the crypto isakmp keepalive command on the router in global configuration mode. This allows the gateway to send DPD messages to the peer.

If the issue is related to the PIX Firewall version 6.x, issue the isakmp keepalive 10 command in global configuration mode. For PIX version 7.x and ASA, issue the isakmp keepalive 10 command in the IPsec tunnel configuration mode.

acomiskey Thu, 08/23/2007 - 10:29

Here is a "Lost Service" error message and I have dpd enabled on the asa and the pix.

%ASA-4-113019: Group =, Username =, IP =, Session disconnected. Session Type: IPSecLAN2LAN, Duration: 2d 5h:36m:43s, Bytes xmt: 86319957, Bytes rcv: 479782528, Reason: Lost Service

Any ideas?

cturacci Fri, 09/23/2011 - 07:34


you can see additioanl to this information the following URL:


here is a case discussed with the following infos:

Q.    What does the error message "Lost Service"   mean?

A. If there is no traffic sent between the VPN Concentrator and the VPN       Client for a period of time, a Dead Peer Detection (DPD) packet is sent from       the VPN Concentrator to the VPN Client to ensure its peer is still there. If       there is a connectivity issue between the two peers where the VPN Client does       not respond to the VPN Concentrator, the VPN Concentrator continues to send DPD       packets over a period of time. This terminates the tunnel and generates the       error if it does not receive a response during that time. Refer to Cisco bug ID CSCdz45586 ( registered customers only)         .

The error should look like this:

SEV=4 AUTH/28 RPT=381 XXX.XXX.XXX.XX User [SomeUser] disconnected:
Duration: HH:MM:SS Bytes xmt: 19560 Bytes rcv: 17704 Reason:
syslog notice
Group [SomeDefault] User [SomeUser]
IKE lost contact with remote peer, deleting connection (keepalive type: DPD)

Cause: The remote IKE peer did not respond to       keepalives within the expected window of time, so the connection to the IKE       peer was deleted. The message includes the keep-alive mechanism used. This       issue is only reproducible if the public interface is disconnected during an       active tunnel session. The customer needs to monitor their network connectivity       as these events are generated to pinpoint the root cause of their potential       network connectivity issue(s).

Disable IKE keepalive by going to %System Root%\Program       Files\Cisco Systems\VPN Client\Profiles on the Client PC that       experiences the issue, and edit the PCF file (where       applicable) for the connection.

Change the 'ForceKeepAlives=0' (default) to       'ForceKeepAlives=1'.

If the problem persists, open a Service Request with       Cisco Technical Support and       provide the Client "Log Viewer" and the VPN Concentrator logs as the problem       occurs.


This Discussion