[vpn-help] Win7 64bit Cisco 3000 disconnect - XP works

[LFL] Sagrotan sagrotan at schnatta.de
Fri Jan 29 08:43:24 CST 2010 

An HTML attachment was scrubbed...
URL: <https://lists.shrew.net/pipermail/vpn-help/attachments/20100129/949c2acf/attachment-0001.html>
-------------- next part --------------
Hi Folks,

I'm also a guy with problems to establish a tunnel under Windows 7 64bit. Same config works fine in XP-mode. The same profile is used on both machines.

On Win7  the tunnel is up, but security association shows no established connection and the tunnel terminates with " detached from key daemon ..." after a few seconds. I'am unable to ping anything during the tunnel ist up.

Traced both logs and here ist the spot the log begin to defer:

XP (works fine):
10/01/29 15:00:13 K> : send pfkey X_SPDADD UNSPEC message
10/01/29 15:00:13 ii : split DNS bypassed ( no split domains defined )
10/01/29 15:00:14 K< : recv pfkey X_SPDADD UNSPEC message
10/01/29 15:00:14 DB : policy found
10/01/29 15:00:16 K< : recv pfkey ACQUIRE UNSPEC message
10/01/29 15:00:16 DB : policy found
10/01/29 15:00:16 DB : policy found
10/01/29 15:00:16 DB : tunnel found
10/01/29 15:00:16 DB : new phase2 ( IPSEC initiator )
10/01/29 15:00:16 DB : phase2 added ( obj count = 1 )
10/01/29 15:00:16 K> : send pfkey GETSPI ESP message
10/01/29 15:00:16 K< : recv pfkey GETSPI ESP message
10/01/29 15:00:16 DB : phase2 found
10/01/29 15:00:16 ii : updated spi for 1 ipsec-esp proposal
10/01/29 15:00:16 DB : phase1 found


7 (sucks):
10/01/29 15:19:48 K> : send pfkey X_SPDADD UNSPEC message
10/01/29 15:19:48 ii : split DNS bypassed ( no split domains defined )
10/01/29 15:19:48 K< : recv pfkey X_SPDADD UNSPEC message
10/01/29 15:19:48 DB : policy found
10/01/29 15:19:56 <- : recv NAT-T:IKE packet 193.24.32.247:4500 -> 192.168.0.100:4500 ( 188 bytes )
10/01/29 15:19:56 DB : phase1 found
10/01/29 15:19:56 ii : processing config packet ( 188 bytes )
10/01/29 15:19:56 DB : config found
10/01/29 15:19:56 !! : config packet ignored, ( config already mature )
10/01/29 15:20:02 DB : phase1 found
...
10/01/29 15:20:20 ii : received peer DELETE message


on 7 the "recv pfkey ACQUIRE UNSPEC message" is missing. 

Any guidance very appreceated
Regards
Mattes

More information about the vpn-help mailing list