[Vpn-help] Cisco setup
Matthew Grooms
mgrooms at shrew.net
Sun Oct 18 17:32:57 CDT 2009
Thomas Moser wrote:
> Hi,
>
> I saw a couple of messages in the archive concerning cisco VPN setups,
> like the following one:
>
>> >/ bringing up tunnel .../
>> >/ network device configured/
>> >/ tunnel enabled/
>> >/ session terminated by gateway/
>> >/ tunnel disabled/
>> >/ detached from key daemon .../
>
>> If it gets to the 'tunnel enabled' point, that means you completed
>> phase1, Xauth and modecfg negotiations. Its probably a phase2 option. As
>> I mentioned to others on the list, try playing with the PFS setting or
>> enabling the cisco-udp NAT-T option.
>
> But I never saw a resolution. Did someone get it working?
>
> I have exactly the same issue, but didn’t get it up and running until now.
>
Thomas,
There is an application called VPN Trace that is distributed with the
client. Here is a document that describes how it can be used to enable
debug level log output.
http://www.shrew.net/support/wiki/BugReportVpnWindows
My guess is that your phase2 proposal is being rejected. Using this log
output and the cisco gateway log output, you should be able to determine
why its failing and how to correct the issue.
-Matthew
More information about the vpn-help
mailing list