[vpn-help] Issues with passing traffic after VPN tunnel is established

Kevin VPN kvpn at live.com
Thu Mar 1 20:42:38 CST 2012 

On 02/22/2012 02:10 PM, Roper, Andrew wrote:
> Jack,
>
> It makes total sense that it does not work in Safe Mode. Safe Mode
> disables networking and only enables minimum services for OS
> functionality. I would even suspect that you'd have issues in Safe
> Mode with Networking as other dependent services would be offline.
> If, however, you are suggesting that a normal reboot does not resolve
> the issue but booting into Safe Mode and then a normal boot does then
> that is particularly curious. For this I have no explanation. As for
> continued troubleshooting, it would be necessary to perform a debug
> on the Netvanta and look for clues there and on the client I would
> make sure there are no conflicting VPN clients installed, AV isn't
> interfering, drivers are up to date and the connection is stable.
> Running some debug logs on the client side would also help in
> narrowing down the problem.
>
> Regards, Andrew
>
> Sent from my iPhone
>
> On Feb 22, 2012, at 1:43 PM, "Jack
> Rizk"<jrizk at hayesandassociates.com<mailto:jrizk at hayesandassociates.com>>
> wrote:
>
> Hi,
>
> We have a user that has a laptop with Windows 7 Professional on it.
> They have the Shrew VPN Client 2.17.  The VPN gateway that they are
> connecting to is an Adtran Netvanta 3430 firewall.  The connection
> works sometimes and other times it doesn’t.  When it fails, it states
> that the tunnel is enabled, but you cannot pass traffic.  On the
> Netvanta side, it states that IKE is up, but IPSEC is down.  The last
> time we had issues with it, we tried to connect with a different
> windows 7 PC and it connected.  Then we booted up in safe mode with
> the original PC that failed the first time.  It was unable to connect
> when it was in safe mode, but when we took it out of safe mode, it
> could connect.  Any ideas?
>

Hi Jack,

Based on your description of the symptoms, I'd suggest that the Phase 
2/Security Association is failing for that connection.  The Adtran logs 
may provide a hint as to why it is failing.

The Shrew client can also provide debugging output as Andrew suggested. 
  The instructions for providing a debug log are here:
http://www.shrew.net/support/wiki/BugReportVpnWindows

More information about the vpn-help mailing list