Hi all, this is the second day of our PIX's use as a VPN gateway. Until last night around 11:30, all was well, but since then, we get varying error messages on win2k clients (that's all we're using). Today, I inspected the syslog files and noticed lines with errors related to vpdn, similar to this one (ip addresses dependent on client machine):
A tunnel seems to begin to be established, but the tunnel state gets stuck:
PPTP Tunnel Information (Total tunnels=1 sessions=0)
Tunnel id 105, remote id is 105, 0 active sessions
Tunnel state is wt-sccrq, time since event change 145529 secs
remote Internet Address XX.XX.XX.248, port 1723
Local Internet Address XX.XX.XX.2, port 1723
0 packets sent, 0 received, 0 bytes sent, 0 received
I haven't been able to find much out, except that for that particular error message (%PIX-3-213002), I am directed to "contact customer support". Has anyone seen this behavior before, and if so, how do I fix it for good.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...