Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Client Problem using MAC OS

I was wondering if anyone has any suggestions. I am having trouble with a MAC connecting to a 3005. For Windows client everything works fines. I tried to use NAT-T just in case it was a problem. There are no firewalls on the client

Cisco Systems VPN Client Version 4.0.2 (C)

Copyright (C) 1998-2003 Cisco Systems, Inc. All Rights Reserved.

Client Type(s): Mac OS X

Running on: Darwin 6.8 Darwin Kernel Version 6.8: Wed Sep 10 15:20:55 PDT 2003; root:xnu/xnu-344.49.obj~2/RELEASE_PPC Power Macintosh

Cisco Systems VPN Client Version 4.0.2 (C)

Copyright (C) 1998-2003 Cisco Systems, Inc. All Rights Reserved.

Client Type(s): Mac OS X

Running on: Darwin 6.8 Darwin Kernel Version 6.8: Wed Sep 10 15:20:55 PDT 2003; root:xnu/xnu-344.49.obj~2/RELEASE_PPC Power Macintosh

Cisco Systems VPN Client Version 4.0.2 (C)

Copyright (C) 1998-2003 Cisco Systems, Inc. All Rights Reserved.

Client Type(s): Mac OS X

Running on: Darwin 6.8 Darwin Kernel Version 6.8: Wed Sep 10 15:20:55 PDT 2003; root:xnu/xnu-344.49.obj~2/RELEASE_PPC Power Macintosh

Cisco Systems VPN Client Version 4.0.2 (C)

Copyright (C) 1998-2003 Cisco Systems, Inc. All Rights Reserved.

Client Type(s): Mac OS X

Running on: Darwin 6.8 Darwin Kernel Version 6.8: Wed Sep 10 15:20:55 PDT 2003; root:xnu/xnu-344.49.obj~2/RELEASE_PPC Power Macintosh

1 10:29:46.505 02/26/2004 Sev=Info/4 CM/0x43100002

Begin connection process

2 10:29:46.507 02/26/2004 Sev=Info/4 CM/0x43100004

Establish secure connection using Ethernet

3 10:29:46.507 02/26/2004 Sev=Info/4 CM/0x43100024

Attempt connection with server "65.126.58.132"

4 10:29:46.507 02/26/2004 Sev=Info/6 IKE/0x4300003B

Attempting to establish a connection with xxx.xxx.xxx.xxx.

5 10:29:46.635 02/26/2004 Sev=Info/4 IKE/0x43000013

SENDING >>> ISAKMP OAK AG (SA, KE, NON, ID, VID(Xauth), VID(dpd), VID(Nat-T), VID(Frag), VID(Unity)) to xxx.xxx.xxx.xxx

6 10:29:46.901 02/26/2004 Sev=Info/4 IPSEC/0x43700008

IPSec driver successfully started

7 10:29:46.902 02/26/2004 Sev=Info/4 IPSEC/0x43700014

Deleted all keys

8 10:29:51.662 02/26/2004 Sev=Info/4 IKE/0x43000021

Retransmitting last packet!

9 10:29:51.662 02/26/2004 Sev=Info/4 IKE/0x43000013

SENDING >>> ISAKMP OAK AG (Retransmission) to xxx.xxx.xxx.xxx

10 10:29:57.161 02/26/2004 Sev=Info/4 IKE/0x43000021

Retransmitting last packet!

11 10:29:57.161 02/26/2004 Sev=Info/4 IKE/0x43000013

SENDING >>> ISAKMP OAK AG (Retransmission) to xxx.xxx.xxx.xxx

12 10:30:02.161 02/26/2004 Sev=Info/4 IKE/0x43000021

Retransmitting last packet!

13 10:30:02.161 02/26/2004 Sev=Info/4 IKE/0x43000013

SENDING >>> ISAKMP OAK AG (Retransmission) to xxx.xxx.xxx.xxx

14 10:30:07.162 02/26/2004 Sev=Info/4 IKE/0x43000017

Marking IKE SA for deletion (I_Cookie=6146108614D01E08 R_Cookie=0000000000000000) reason = DEL_REASON_PEER_NOT_RESPONDING

15 10:30:07.669 02/26/2004 Sev=Info/4 IKE/0x4300004A

Discarding IKE SA negotiation (I_Cookie=6146108614D01E08 R_Cookie=0000000000000000) reason = DEL_REASON_PEER_NOT_RESPONDING

16 10:30:07.669 02/26/2004 Sev=Info/4 CM/0x43100014

Unable to establish Phase 1 SA with server "xxx.xxx.xxx.xxx" because of "DEL_REASON_PEER_NOT_RESPONDING"

17 10:30:07.669 02/26/2004 Sev=Info/5 CM/0x43100025

Initializing CVPNDrv

18 10:30:07.671 02/26/2004 Sev=Info/4 IKE/0x43000001

IKE received signal to terminate VPN connection

19 10:30:08.730 02/26/2004 Sev=Info/4 IPSEC/0x43700014

Deleted all keys

20 10:30:08.730 02/26/2004 Sev=Info/4 IPSEC/0x43700014

Deleted all keys

21 10:30:08.731 02/26/2004 Sev=Info/4 IPSEC/0x43700014

Deleted all keys

22 10:30:08.731 02/26/2004 Sev=Info/4 IPSEC/0x4370000A

IPSec driver successfully stopped

1 REPLY
Silver

Re: Client Problem using MAC OS

From what I can see, the message shown above means that client didnt' get any response on the UDP port. In case of NAT-T you would have to make sure that UDP 500 and UDP 4500 ports are allowed. You could also take a look at this document to check if you've missed some configuration step.

http://www.cisco.com/warp/public/471/vpn3k_MAC_os.html

96
Views
0
Helpful
1
Replies