×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

VPN client 3.5.1 to PIX, VPN connection is blocked ,connection lost

Unanswered Question
Sep 29th, 2003
User Badges:

Hi,

I have clients running VPN client 3.5.1 on windows computer, ipsec connect to PIX 515 with version 6.0.

There is only one connection has this strange problem.

After the connection establish from Branch with this computer, it access the server inside the HQ, no problem, but someimtes it just cannot browse this server and lost the vpn connection.

From the log viewer , I got these error message everytime:

69 09:51:15.562 09/15/03 Sev=Info/6 FIREWALL/0x63A00005

FORWARD: ESP 206.191.101.26 to 192.168.0.142


70 09:51:15.625 09/15/03 Sev=Info/6 FIREWALL/0x63A00005

FORWARD: ESP 206.191.101.26 to 192.168.0.142


71 09:51:15.859 09/15/03 Sev=Info/6 FIREWALL/0x63A00005

FORWARD: ESP 206.191.101.26 to 192.168.0.142

.

.

.229 09:51:51.359 09/15/03 Sev=Info/4 FIREWALL/0x63A00003

BLOCK: UDP 192.168.0.118:137 to 192.168.0.255:137


230 09:51:53.359 09/15/03 Sev=Info/6 IKE/0x6300003D

Sending DPD request to 206.191.101.26, seq# = 2722692459


231 09:51:53.359 09/15/03 Sev=Info/4 IKE/0x63000013

SENDING >>> ISAKMP OAK INFO *(HASH, NOTIFY:DPD_REQUEST) to 206.191.101.26


232 09:51:53.421 09/15/03 Sev=Info/5 IKE/0x6300002F

Received ISAKMP packet: peer = 206.191.101.26


233 09:51:53.421 09/15/03 Sev=Info/4 IKE/0x63000014

RECEIVING <<< ISAKMP OAK INFO *(HASH, NOTIFY:DPD_ACK) from 206.191.101.26


234 09:51:53.421 09/15/03 Sev=Info/5 IKE/0x6300003F

Received DPD ACK from 206.191.101.26, seq# received = 2722692459, seq# expected = 2722692459


235 09:52:21.359 09/15/03 Sev=Info/4 FIREWALL/0x63A00003

BLOCK: UDP 192.168.0.148:138 to 192.168.0.255:138


.

.

241 09:56:53.343 09/15/03 Sev=Info/4 FIREWALL/0x63A00003

BLOCK: UDP 206.191.101.26:500 to 192.168.0.142:500

.

.


249 10:00:58.843 09/15/03 Sev=Info/4 FIREWALL/0x63A00003

BLOCK: UDP 192.168.0.106:138 to 192.168.0.255:138


250 10:02:08.859 09/15/03 Sev=Info/6 IKE/0x6300003D

Sending DPD request to 206.191.101.26, seq# = 2722692460


251 10:02:08.859 09/15/03 Sev=Info/4 IKE/0x63000013

SENDING >>> ISAKMP OAK INFO *(HASH, NOTIFY:DPD_REQUEST) to 206.191.101.26


252 10:02:13.859 09/15/03 Sev=Info/6 IKE/0x6300003D

Sending DPD request to 206.191.101.26, seq# = 2722692461


253 10:02:13.859 09/15/03 Sev=Info/4 IKE/0x63000013

SENDING >>> ISAKMP OAK INFO *(HASH, NOTIFY:DPD_REQUEST) to 206.191.101.26


254 10:02:18.859 09/15/03 Sev=Info/6 IKE/0x6300003D

Sending DPD request to 206.191.101.26, seq# = 2722692462


255 10:02:18.859 09/15/03 Sev=Info/4 IKE/0x63000013

SENDING >>> ISAKMP OAK INFO *(HASH, NOTIFY:DPD_REQUEST) to 206.191.101.26


256 10:02:21.187 09/15/03 Sev=Info/4 FIREWALL/0x63A00003

BLOCK: UDP 192.168.0.118:138 to 192.168.0.255:138


257 10:02:23.859 09/15/03 Sev=Info/6 IKE/0x6300003D

Sending DPD request to 206.191.101.26, seq# = 2722692463


258 10:02:23.859 09/15/03 Sev=Info/4 IKE/0x63000013

SENDING >>> ISAKMP OAK INFO *(HASH, NOTIFY:DPD_REQUEST) to 206.191.101.26


259 10:02:28.859 09/15/03 Sev=Info/6 IKE/0x6300003D

Sending DPD request to 206.191.101.26, seq# = 2722692464


260 10:02:28.859 09/15/03 Sev=Info/4 IKE/0x63000013

SENDING >>> ISAKMP OAK INFO *(HASH, NOTIFY:DPD_REQUEST) to 206.191.101.26


261 10:02:32.125 09/15/03 Sev=Info/4 FIREWALL/0x63A00003

BLOCK: UDP 192.168.0.106:137 to 192.168.0.255:137


262 10:02:32.375 09/15/03 Sev=Info/6 DIALER/0x63300006

Disconnecting connection.


263 10:02:32.375 09/15/03 Sev=Info/4 CM/0x6310000A

Secure connections terminated


I found it looks like a Cisco vpn client Vulnerabilities for verion earlier than 3.0 .

http://www.cisco.com/warp/public/707/vpnclient-multiple2-vuln-pub.shtml

But my version is later than3.0 .

And looks another possibality is if I eanble the stateful firewall on in vpn client , I will get the same error message from log viewer.But stateful firewall is not on on that computer.Is it the possible it is enable by a mistake in vpn client?

I uninstall and reinstall the vpn client already , nothing change.

Anybody has any idea?


Thanks,

David

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
a-vazquez Mon, 10/06/2003 - 07:25
User Badges:
  • Silver, 250 points or more

Did you check in the bug tool kit if the bug has been resolved??

david.xu Mon, 10/06/2003 - 08:38
User Badges:

I checked, it said the bug only happened at version earlier than 3.0, at version 3.51 there is not affected.

But looks my problem is very similar as this.

Actions

This Discussion