[vpn-help] Win7 64bit Cisco 3000 disconnect - XP works

Matthew Grooms mgrooms at shrew.net
Tue Feb 9 00:19:52 CST 2010


On 1/29/2010 8:43 AM, [LFL] Sagrotan wrote:
> Hi Folks,
>
> I'm also a guy with problems to establish a tunnel under Windows 7 64bit. Same config works fine in XP-mode. The same profile is used on both machines.
>
> On Win7  the tunnel is up, but security association shows no established connection and the tunnel terminates with " detached from key daemon ..." after a few seconds. I'am unable to ping anything during the tunnel ist up.
>
> Traced both logs and here ist the spot the log begin to defer:
>
...
>
>
> on 7 the "recv pfkey ACQUIRE UNSPEC message" is missing.
>
> Any guidance very appreceated

The pfkey acquire message is generated by the IPsec process when a 
packet matches an security policy. When the ike daemon receives this 
message, it attempts to negotiate an IPsec SA to protect the traffic. My 
guess is that the routes are not being created successfully. Have you 
compared the output of 'route print' on both machines?

-Matthew



More information about the vpn-help mailing list