[vpn-help] "Silent" client failure
Tim Mensch
tim-shrewsoft at bitgems.com
Thu Feb 25 16:14:38 CST 2010

I'm using the ShrewSoft client to connect to my work VPN. I don't have
the specifics of the work VPN configuration, but I can get them if I need.
The problem I'm having seems to be on the client side, though, in that
no log or warning messages appear on the VPN server (I checked with IT
about this issue once, and they didn't have any idea why it would be
failing--and the log showed nothing for my client until I disconnected).

What happens is this: After some period of time, my active connection to
the VPN will no longer work. If I try to go to any web site, it will
time out, whether it's a VPN-based site or not (all my traffic ends up
routed through the VPN). There is no indication in the client that the
connection isn't functioning, nor as I mentioned is there any indication
on the server.

Closing the connection and reopening it doesn't help. Killing ALL the
ShrewSoft services and restarting them sometimes helps; occasionally one
will get into a state where I can't kill it, and under those
circumstances it sometimes won't work to restart the services. But even
then, sometimes it will.

After killing and restarting the services, I can then (usually) make a
connection that will actually forward packets, at which point everything
works for a while again for anywhere from a half hour to 8+ hours. I
haven't found a particular pattern in when it fails. Another fun fact: I
can stop and restart each of the services independently, and it doesn't
seem to fix the issue. It seems I have to kill all three and restart
them all in order for it to work; I haven't tried the various
permutations of just two of them, though.

I'm on Windows 7 x64, and I'm behind a NAT firewall. I've reproduced
this issue on two different client systems (the other system is the one
that BSODs after running the client for a while, even on 2.1.6 beta 3,
so I'm sticking with my laptop for now). I've tried 2.1.5 and each of
the 2.1.6 betas as they've been released; all have identical behavior.
Currently I'm on 2.1.6 beta 4. To be clear: The VPN normally works fine
for hours at a time.

I finally managed to run the trace utility, and when in a bad state the
log below is what I see: Some of these IP addresses are on the VPN, like
192.168.253.51, which is the DNS server on my office LAN. This log
continued with similar messages until I killed the process and
restarted. After which point, VPN addresses would show "policy found" in
the log. I can post parts of that log as well, but it seems less likely
to be of use.

It looks to me like the IPSEC service is losing its policy definitions.
If so, how could that be happening, and is it something that I can
prevent? Or if that doesn't make sense, then what do you think might be
going on here? I can involve IT if you need any specific configuration
questions answered, but I thought I'd throw it out there with this much
information to see if it was enough to clue you in to what's going wrong.

Thoughts?

Tim