[vpn-help] Debugging tunnel issues on Mac OS VPN Client

Fri Jul 29 15:24:42 CDT 2011

Hello,
I’ve been doing some testing of the Mac VPN client following a few posts in the archives. I believe I installed the stack correctly, but I’m running into issues establishing & maintaining a tunnel.

Background:
I just started working with a client that uses the Shrew VPN client on windows machines with a Cisco solution. To test connectivity I installed the Shrew windows client (2.1.7) on a Windows 7 VM and I’m able to connect & authenticate using the .PCF file they provided.

The problem is that most members of my development team (including myself) use Macs. After installing the stack on my Mac and attempting to connect, the session is terminated by the gateway after about 30 seconds.  During the ~30 seconds it appears that I’m connected (I get the confirmation / help desk message from the host), but I’m not able to ping any resources on the network.

I noticed that the VPN trace utility isn’t available in the Mac version, so I’m not sure how much extra information I can provide. The trace from the Access Manager is included below.

If anyone has any insight about how to proceed I’d love to hear it.

Thanks for your time,
Mario

Platform:
----------------------------------------------
Mac OX 10.6.7
qt 4.7.1
tuntap 20090913
ShrewSoft VPN Mac client 2.2.0

ACCESS MANAGER LOGS:
----------------------------------------------
Windows Client (successful):
----------------------------------------------
config loaded for site '******.pcf'
configuring client settings ...
attached to key daemon ...
peer configured
iskamp proposal configured
esp proposal configured
client configured
local id configured
pre-shared key configured
bringing up tunnel ...
network device configured
tunnel enabled
----------------------------------------------
Mac Client (not successful):
----------------------------------------------
config loaded for site '*****'
attached to key daemon ...
peer configured
iskamp proposal configured
esp proposal configured
client configured
local id configured
remote id configured
pre-shared key configured
bringing up tunnel ...
network device configured
tunnel enabled

~30 seconds

session terminated by gateway
tunnel disabled
detached from key daemon
--
mario russo + R O U N D A R C H + mob 404.290.2328

________________________________
The information contained in this email message and its attachments is intended only for the private and confidential use of the recipient(s) named above, unless the sender expressly agrees otherwise. Transmission of email over the Internet is not a secure communications medium. If you are requesting or have requested the transmittal of personal data, as defined in applicable privacy laws by means of email or in an attachment to email, you must select a more secure alternate means of transmittal that supports your obligations to protect such personal data. If the reader of this message is not the intended recipient and/or you have received this email in error, you must take no action based on the information in this email and you are hereby notified that any dissemination, misuse or copying or disclosure of this communication is strictly prohibited. If you have received this communication in error, please notify Roundarch immediately by email and delete the original message.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.shrew.net/pipermail/vpn-help/attachments/20110729/89cc5850/attachment-0001.html>