[vpn-help] Problems with Shrewsoft VPN-Client / Access via UMTS surf stick
Kevin VPN
kvpn at live.com
Sun Oct 23 21:37:13 CDT 2011
On 10/22/2011 02:17 PM, Johan Schröder wrote:
> Hello there,
>
> I've got a connection problem using the Shrewsoft VPN client and a
> Netscreen 5GT using UMTS (surf stick, Vodafone Germany).
>
> There is no connection problem in general (the VPN connection works
> without problems using DSL with different PCs), only when the client
> tries to establish a connection via UMTS (Vodafone Germany).
>
> The client mailed me the log/trace of his Shrewsoft client. On the
> Netscreen (VPN gateway) there is no entry in the log, so I assume that
> the Shrewsoft client don't even reach the Netscreen. Does anybody can
> help me with that, maybe with interpreting the following trace? Maybe
> it's a problem with Vodafone blocking the needed ports? Thanks!
>
> In the following trace, I replaced the client IP address with
> xx.xx.xx.xx, the VPN Gateway IP address with yy.yy.yy.yy.
>
<snip>
> 11/10/21 12:43:32 -> : send IKE packet xx.xx.xx.xx:500 ->
> yy.yy.yy.yy:500 ( 1190 bytes )
> 11/10/21 12:43:32 DB : phase1 resend event scheduled ( ref count = 2 )
> 11/10/21 12:43:37 -> : resend 1 phase1 packet(s) xx.xx.xx.xx:500 ->
> yy.yy.yy.yy:500
> 11/10/21 12:43:42 -> : resend 1 phase1 packet(s) xx.xx.xx.xx:500 ->
> yy.yy.yy.yy:500
> 11/10/21 12:43:47 -> : resend 1 phase1 packet(s) xx.xx.xx.xx:500 ->
> yy.yy.yy.yy:500
> 11/10/21 12:43:52 ii : resend limit exceeded for phase1 exchange
>
Hi Johan,
The trace shows that Shrew did not receive a response to the packet that
it sent to the gateway. Since you indicate that the gateway logs show
nothing, it does appear that the packets may be blocked.
There have been a few other posts on the list about people having
problems with UMTS connections, but as far as I know, there's not been
any resolution. This might mean that people have solved the problem and
not written back, but it also might mean they've given up.
Something that you might try is to play with the "Maximum packet size"
and/or MTU settings in the Shrew Site Configuration. Perhaps try
changing the Maximum packet size to much smaller values (default is 540
bytes) to see if that makes a difference.
More information about the vpn-help
mailing list