Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

srg
New Member

Vpn Client 3.0 to Vpn 3015 Concentrator

We just recently upgraded our 3015 Concentrator to version 3.0.2 and started using the client version 3.0.1, and I have ran into an error that I can't figure out. The VPN client gets just past the point where it asks for the username/password then says that the peer has terminated the connection. The VPN client log says "Cannot match Policy Entry: local host=IPADDR=0.0.0.0 remote host=IP ADDR=0.0.0.0. The log on the VPN concentrator says "Received unsupported transaction mode attribute:5" I assume there is a rule or policy setting that I am missing somewhere, but I can't tell where. Can anyone tell me what the "Received unsupported transaction mode attribute" error means?

Thanks.

7 REPLIES
New Member

Re: Vpn Client 3.0 to Vpn 3015 Concentrator

I think it is because of the active IKE Proposals you have in your concentrator. The client may be looking at all the proposals in the list before it finds the one it can use. Check your sa (sa's) and see what ike proposal (proposal's) it is using, then go to your ike prosal list and remove the unused proposals. Hope this helps.

srg
New Member

Re: Vpn Client 3.0 to Vpn 3015 Concentrator

Thanks for the response. I checked the SA's and realized I wasn't using the correct one for my IPSec group. I changed that and now I can make a connection with Windows ME just fine, but I still cant connect with the 3.0.2 client on Windows2000. Now on the VPN Concentrator I get a "Duplicate first packet detected!" error message. Anyone have any idea what that message means?

Thanks.

srg
New Member

Re: Vpn Client 3.0 to Vpn 3015 Concentrator

I found out that it was the firewall/IDS software I had installed on my computer. I thought I was turning it off before, but I was just turning off the alert notification and managment software running in the system tray rather than stopping the firewall itself.

New Member

Re: Vpn Client 3.0 to Vpn 3015 Concentrator

Did you find a solution, I am stuck with the same error message and cannot find any solution to it.

The 3.0 client cannot connect to the VPN 3000 concentrator.

New Member

Re: Vpn Client 3.0 to Vpn 3015 Concentrator

Same problem here in a ways.

We are connecting to a VPN3060 and get the message 'Duplicate first packet detected' everytime. While troubleshooting we noticied this was the case evertime when the group information was correct. When we purposely mistyped the group information we would get messages about invalid groups/passwords.

New Member

Re: Vpn Client 3.0 to Vpn 3015 Concentrator

I am getting the same error on our 3015. Only on one remote machine. I suspect thier home Intel Anypoint network, but can't find any docs to prove this. Any info you garner would be much appreciated.

New Member

Re: Vpn Client 3.0 to Vpn 3015 Concentrator

The concentrator messages are not getting back to the client, the client times out and resends the request. Hence the dup packet detected errors at the concentrator. Common problems are on the client side network (router, fw, etc...) or client has firewall software running and not properly config'd to allow the connection. Let us know what you find.

197
Views
0
Helpful
7
Replies