[vpn-help] Shrewsoft VPN Client not working properly after standby

Jim Harle vpn at technicolor.com
Sun Jul 28 12:01:01 CDT 2013 

Hello Nick,

I'm a newbie on this list, but have also used the Shrew Soft x64 client on Windows for many years, although almost exclusively on a desktop PC at my house.

I don't have a solution for your scenario, but a suggestion and a question.  First the question - when your physical Ethernet connection is dropped, how much time passes before you attempt the disconnect/reconnect?  It would indeed be odd if the Shrew client never ("never" meaning more than, say, a minute) timed out with a message like "the gateway is not responding."

Now the suggestion - when your laptop gets into the state of "vpn-connects-but-doesn't-pass-traffic," here is a faster thing to try instead of rebooting:
1) Disconnect the VPN client
2) Open Control Panel --> System and Security --> Administrative Tools --> Services (right-click the bottom-left Start Screen icon to get to Control Panel in the first place)
3) Stop both the "ShrewSoft IKE Daemon" and "ShrewSoft IPSEC Daemon" services
4) Verify both services have stopped (F5 to refresh view)
5) Start both of the above services
6) Retry the VPN connection

My experience has been that the "ShrewSoft IKE Daemon" will take a long time to stop, and Windows will complain that it couldn't stop the service, yet it does still stop.  Once in a blue moon, my PC will get into the state where the Shrew VPN will connect and pass traffic, but the VPN disconnects a short time after (~ 30 seconds).  Restarting the Shrew services clears this up.

And lastly, if you're using Windows 8 without a Start Menu replacement like Start8, best of luck to you...but that's for a different discussion thread.  :-)

-Jim

-----Original Message-----
From: vpn-help-bounces at lists.shrew.net [mailto:vpn-help-bounces at lists.shrew.net] On Behalf Of Nikolaos Milas
Sent: Sunday, July 28, 2013 9:50 AM
To: vpn-help at lists.shrew.net
Subject: [vpn-help] Shrewsoft VPN Client not working properly after standby

Hi,

First of all, thanks for your great piece of software, which I have been 
using for some years almost flawlessly. Keep up the good work.

Recently, I have started using a Dell laptop running Win 8 Pro 64 bit. 
It connects to a Cisco 3825 router running IOS v12.4(9)T2.

I am running Shrewsoft VPN Client v2.2.2 (Free Version).

The problem: If an established VPN Connection (over Ethernet, using UTP 
cabling) is interrupted abnormally (i.e. not using an explicit -manual- 
discconnect), then, the next time VPN is -explicitly, pressing the 
Connect button- established (VPN seems to be established without 
issues), no  Internet access is available (except local, on my home 
private network; I am on a DSL line.) Neither usual Internet access is 
possible, nor VPN access to our Org internal network. Pinging to known 
public IP addresses does not work either - so it's not a DNS problem.

The situation (i.e. Shresoft VPN Client effectively not working any 
more) cannot be resolved in any way, except by rebooting the machine. I 
have tried restarting the Shrewsoft VPN Client, disabling and 
re-enabling the Ethernet connection, but nothing works.

This is a consistent, reproducible problem. It usually happens when the 
laptop is put to Standby mode by closing the lid, while VPN is active. 
If I manually disconnect before Standby, then, after Standby VPN Client 
works fine to establish a new connection. If I forget to disconnect 
manually, it will need a reboot for the VPN Client to work correctly.

The same happens if Ethernet connection (physically) drops temporarily 
while the VPN link is active. VPN appears to be up (by the way, I would 
expect Shrewsoft VPN Client to understand the outage and drop the 
connection automatically); If I attempt to manually Disconnect an 
Connect again, I find myself in the above situation (VPN Client 
connecting but not working).

Client Configuration Details:

    Adapter mode is "Virtual adapter and assigned address" (Auto
    Address/Netmask), MTU 1380, Auto Config: ike config pull,
    Options: [NAT Traversal: enable, Port 4500, Keep-alive: 15 sec, IKE
    Fragm.: enable, Max packet size: 540 Bytes, Enable Dead Peer
    Detection, Enable ISAKMP Failure Notifications, Enable Client Login
    Banner],
    Authentication method is "Mutual PSK + XAuth", with ID Type: Key
    Identifier, Key ID string, (Remote ID: ID Type: Any) and
    Credentials: Pre-Shared Key.

No visible errors. "ipconfig" command output does not show any 
difference between when (VPN is connected and) VPN is working and 
actually NOT working.

The same problem was occurring with v2.2.1 (which I had initially tried 
on the same laptop).

Please advise on how this can be resolved.

Thanks and regards,
Nick

_______________________________________________
vpn-help mailing list
vpn-help at lists.shrew.net
https://lists.shrew.net/mailman/listinfo/vpn-help

More information about the vpn-help mailing list