cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
705
Views
0
Helpful
7
Replies

"IPSec terminated session".

[Response] ddianis

Sep 25, 2001, 11:33am Pacific (15.)

I have a VPN client that gets disconnected while using DSL with a message "IPSec terminated session". But the same laptop will stay connected for hours while using a dial connection. Where or how do I start troubleshooting a problem like this?

This question was never answered and I am having a similar problem? Anyone have any input?

7 Replies 7

gbbromley
Level 1
Level 1

May be that the xDSL ISP is dropping/filtering IPSec traffic.

I have heard that some ISPs are blocking IPSec traffic.

I called AOL and they said that they are not blocking IPSEC traffic.

knudsen-s
Level 1
Level 1

Dear Rimon,

I looks like you have some problems with NAT.

Your DSL if you have a router in that end and are yousing NAT, that can be the problem.

Best regards

Soren Knudsen

amber.chan
Level 1
Level 1

In Taiwan,If you using xDSL connect to the ISP.

Some ISP will disconnect your connection,when you

idle to much time.

Maybe you can ask your service provide.

sfried
Level 1
Level 1

Rimon,

You don't mention which VPN server and client

you're using; my experience comes from using the

Cisco VPN3000 concentrator and related client.

Either you're internet connection to the VPN

server has been broken, or there's been and IPSec

specific issue. To get more debugging info on the

latter, check the event log on the VPN server.

You'll want to first get the server configured

to maximize it's logging level on IPSec related issues. In the Cisco 3000 concentrator, for example,

go to "Configure, System, Events, Classes" and either

add or modify IPSec, IPSecdebug, and IPSecdecode for

maximum logging. On the client side, run logging

*before* starting the session, so you can get info

on everything along the way. The cisco client comes

with an app called "Log Viewer".

Also - to check on the first issue, of internet

connectivity being broken between the client and

server, try pinging to the server immediately

after the connection breaks. This may not detect

subtle performance or transient issues, but if

you CAN'T ping the server - you know right away

that its a general internet issue, rahter than

an IPSec one.

good luck!

- Sholom

messed

chris.parker
Level 1
Level 1

I have been tracking down this problem for a while now, as several of our users have also experienced disconnects when using DSL links.

As has been mentioned some ISP’s do block port 500. I have tracked the problem down to two things in our case both can cause problems:

1. MTU set to large, this causes fragmentation and if you run a personal Firewall this sees it as a Denial of service attack and starts blocking.

2. If your DSL connection uses a USB modem with VIA chipset. Always install the latest Via 4 in1 drivers and USB filter from the Via website. If you have a Motherboard of the KT7 type, one workaround is to change the BIOS settings: set the ‘enhanced chipset performance’ setting on ‘enable’. This should help in most cases. For more information about the KT7 / VIA chipset issues with USB, read the KT7 FAQ or the USBman page on the Alcatel web site.

jaroslaw.bulski
Level 1
Level 1

I have exactly the same situation (DSL, VPN, Windows 2000). My "record of working" is 20 minutes.

Maybe it is problem with MTU, because Microsoft Terminal Services Client doesn't work on W2K with Cisco VPN and I found some similar information in TechNet about MTU size. I know how to change MTU in NT4, but in W2K I don't know.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: