[Dshield] Cisco VPN Issues Anyone?
Jon Kibler
Jon.Kibler at aset.com
Tue Nov 18 17:15:52 GMT 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi,
I have a client that had Cisco client-based VPN break over the weekend
- -- but just on Windows boxes. Everything was working okay Friday, but on
Monday morning, Windows VPN users could not connect to the VPN. Mac and
Linux still works fine.
Nothing has been changed on the network for a few weeks, and we have
verified those configurations. Plus, all non-Windows boxes seem to work
just fine, so it seems to be something on the Windows client side and
not on the network side.
We have tried removing all the latest Windows patches, tried taking a
new box and installing the VPN client on it, and nothing with Windows
seems to work. We have also turned off all firewalls and AV on the boxes
and that did not make any difference.
We have opened a case with Cisco TAC, but they are stumped at this point.
- From a technical standpoint, what happening is that the ISAKMP SA
establishment breaks. It appears that for some reason the Windows client
is failing to process a response packet and then starts a retry, which
also fails.
Has anyone else seen this or something similar?
Any thoughts on where to look for an issue?
TIA for help!
Jon K
- --
Jon R. Kibler
Chief Technical Officer
Advanced Systems Engineering Technology, Inc.
Charleston, SC USA
o: 843-849-8214
c: 843-224-2494
s: 843-564-4224
http://www.linkedin.com/in/jonrkibler
My PGP Fingerprint is:
BAA2 1F2C 5543 5D25 4636 A392 515C 5045 CF39 4253
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAkki+EgACgkQUVxQRc85QlPtAQCgmU/cIUYocKXYmNuTEUGMq4n2
lGIAn1Z0rbF5RUUtU6LF6zjGGz2th88b
=TKcQ
-----END PGP SIGNATURE-----
=========================
Filtered by: TRUSTEM.COM's Email Filtering Service
http://www.trustem.com/
No Spam. No Viruses. Just Good Clean Email.
More information about the Dshield
mailing list