[c-nsp] Cisco VPN intermittent disconnects

Joseph Mays mays at win.net
Thu Oct 25 15:15:32 EDT 2012 

We have a client on a connection to a cisco switch at one of our locations, routing out through a 3600 to a cisco firewall at a remote location. The firewall is a CISCO 5505 running 8.25.

When they connect to the remote firewall with a cisco VPN client (Cisco VPN client for windows version 5.0.07.0290) they get intermittent drops in service. If they set up a hard firewall from inside their network that connects to the remote firewall, and then run their connections through that, it works fine. I asked them to try setting the MTU on the cisco client down to 576 from 1300 -- same result. They can also run the client through another wan connection to the remote firewall and it works fine. It seems to be something about connecting to the remote firewall with this client across the WAN connection that runs through us, but no errors are occurring on any of the interfaces in the path, and I can't find that any packets are being dropped or anything.

I received a snippet of Cisco VPN client logs from the customer, but I'm not well-versed in it enough to see if it's providing any useful info. Quite possibly it is and I just am not recognizing the fact.

Cisco Systems VPN Client Version 5.0.07.0290
Copyright (C) 1998-2010 Cisco Systems, Inc. All Rights Reserved.
Client Type(s): Windows, WinNT
Running on: 6.1.7601 Service Pack 1
Config file directory: C:\Program Files (x86)\Cisco Systems\VPN Client\
 
1      14:29:34.774  10/25/12  Sev=Info/4            IKE/0x63000013
SENDING >>> ISAKMP OAK INFO *(HASH, NOTIFY:DPD_REQUEST) to 199.30.90.62
 
2      14:29:34.774  10/25/12  Sev=Info/6            IKE/0x6300003D
Sending DPD request to 199.30.90.62, our seq# = 2332051025
 
3      14:29:39.843  10/25/12  Sev=Info/4            IKE/0x63000013
SENDING >>> ISAKMP OAK INFO *(HASH, NOTIFY:DPD_REQUEST) to 199.30.90.62
 
4      14:29:39.843  10/25/12  Sev=Info/6            IKE/0x6300003D
Sending DPD request to 199.30.90.62, our seq# = 2332051026
 
5      14:29:44.912  10/25/12  Sev=Info/4            IKE/0x63000013
SENDING >>> ISAKMP OAK INFO *(HASH, NOTIFY:DPD_REQUEST) to 199.30.90.62
 
6      14:29:44.912  10/25/12  Sev=Info/6            IKE/0x6300003D
Sending DPD request to 199.30.90.62, our seq# = 2332051027
 
7      14:29:49.981  10/25/12  Sev=Info/4            IKE/0x63000013
SENDING >>> ISAKMP OAK INFO *(HASH, NOTIFY:DPD_REQUEST) to 199.30.90.62
 
8      14:29:49.981  10/25/12  Sev=Info/6            IKE/0x6300003D
Sending DPD request to 199.30.90.62, our seq# = 2332051028
 
9      14:29:55.051  10/25/12  Sev=Info/4            IKE/0x63000013
SENDING >>> ISAKMP OAK INFO *(HASH, NOTIFY:DPD_REQUEST) to 199.30.90.62
 
10     14:29:55.051  10/25/12  Sev=Info/6           IKE/0x6300003D
Sending DPD request to 199.30.90.62, our seq# = 2332051029
 
11     14:30:00.120  10/25/12  Sev=Info/4           IKE/0x63000013
SENDING >>> ISAKMP OAK INFO *(HASH, NOTIFY:DPD_REQUEST) to 199.30.90.62
 
12     14:30:00.120  10/25/12  Sev=Info/6           IKE/0x6300003D
Sending DPD request to 199.30.90.62, our seq# = 2332051030
 
13     14:30:00.620  10/25/12  Sev=Info/6           IPSEC/0x63700022
TCP heartbeat sent to 199.30.90.62, src port 1331, dst port 10000
 
14     14:30:05.192  10/25/12  Sev=Info/4           IKE/0x63000013
SENDING >>> ISAKMP OAK INFO *(HASH, NOTIFY:DPD_REQUEST) to 199.30.90.62
 
15     14:30:05.192  10/25/12  Sev=Info/6           IKE/0x6300003D
Sending DPD request to 199.30.90.62, our seq# = 2332051031
 
16     14:30:10.259  10/25/12  Sev=Info/4           IKE/0x63000013
SENDING >>> ISAKMP OAK INFO *(HASH, NOTIFY:DPD_REQUEST) to 199.30.90.62
 
17     14:30:10.259  10/25/12  Sev=Info/6           IKE/0x6300003D
Sending DPD request to 199.30.90.62, our seq# = 2332051032
 
18     14:30:15.216  10/25/12  Sev=Info/5           IKE/0x6300002F
Received ISAKMP packet: peer = 199.30.90.62
 
19     14:30:15.216  10/25/12  Sev=Info/4           IKE/0x63000014
RECEIVING <<< ISAKMP OAK INFO *(HASH, NOTIFY:DPD_ACK) from 199.30.90.62
 
20     14:30:15.216  10/25/12  Sev=Info/5           IKE/0x63000040
Received DPD ACK from 199.30.90.62, seq# received = 2332051025, seq# expected = 2332051032
 
21     14:30:15.216  10/25/12  Sev=Info/5           IKE/0x6300002F
Received ISAKMP packet: peer = 199.30.90.62
 
22     14:30:15.216  10/25/12  Sev=Info/4           IKE/0x63000014
RECEIVING <<< ISAKMP OAK INFO *(HASH, NOTIFY:DPD_ACK) from 199.30.90.62
 
23     14:30:15.216  10/25/12  Sev=Info/5           IKE/0x63000040
Received DPD ACK from 199.30.90.62, seq# received = 2332051026, seq# expected = 2332051032
 
24     14:30:15.216  10/25/12  Sev=Info/5           IKE/0x6300002F
Received ISAKMP packet: peer = 199.30.90.62
 
25     14:30:15.216  10/25/12  Sev=Info/4           IKE/0x63000014
RECEIVING <<< ISAKMP OAK INFO *(HASH, NOTIFY:DPD_ACK) from 199.30.90.62
 
26     14:30:15.216  10/25/12  Sev=Info/5           IKE/0x63000040
Received DPD ACK from 199.30.90.62, seq# received = 2332051027, seq# expected = 2332051032
 
27     14:30:15.216  10/25/12  Sev=Info/5           IKE/0x6300002F
Received ISAKMP packet: peer = 199.30.90.62
 
28     14:30:15.216  10/25/12  Sev=Info/4           IKE/0x63000014
RECEIVING <<< ISAKMP OAK INFO *(HASH, NOTIFY:DPD_ACK) from 199.30.90.62
 
29     14:30:15.216  10/25/12  Sev=Info/5           IKE/0x63000040
Received DPD ACK from 199.30.90.62, seq# received = 2332051028, seq# expected = 2332051032
 
30     14:30:15.216  10/25/12  Sev=Info/5           IKE/0x6300002F
Received ISAKMP packet: peer = 199.30.90.62
 
31     14:30:15.216  10/25/12  Sev=Info/4           IKE/0x63000014
RECEIVING <<< ISAKMP OAK INFO *(HASH, NOTIFY:DPD_ACK) from 199.30.90.62
 
32     14:30:15.216  10/25/12  Sev=Info/5           IKE/0x63000040
Received DPD ACK from 199.30.90.62, seq# received = 2332051029, seq# expected = 2332051032
 
33     14:30:15.216  10/25/12  Sev=Info/5           IKE/0x6300002F
Received ISAKMP packet: peer = 199.30.90.62
 
34     14:30:15.217  10/25/12  Sev=Info/4           IKE/0x63000014
RECEIVING <<< ISAKMP OAK INFO *(HASH, NOTIFY:DPD_ACK) from 199.30.90.62
 
35     14:30:15.217  10/25/12  Sev=Info/5           IKE/0x63000040
Received DPD ACK from 199.30.90.62, seq# received = 2332051030, seq# expected = 2332051032
 
36     14:30:15.217  10/25/12  Sev=Info/5           IKE/0x6300002F
Received ISAKMP packet: peer = 199.30.90.62
 
37     14:30:15.217  10/25/12  Sev=Info/4           IKE/0x63000014
RECEIVING <<< ISAKMP OAK INFO *(HASH, NOTIFY:DPD_ACK) from 199.30.90.62
 
38     14:30:15.217  10/25/12  Sev=Info/5           IKE/0x63000040
Received DPD ACK from 199.30.90.62, seq# received = 2332051031, seq# expected = 2332051032
 
39     14:30:15.217  10/25/12  Sev=Info/5           IKE/0x6300002F
Received ISAKMP packet: peer = 199.30.90.62
 
40     14:30:15.217  10/25/12  Sev=Info/4           IKE/0x63000014
RECEIVING <<< ISAKMP OAK INFO *(HASH, NOTIFY:DPD_ACK) from 199.30.90.62
 
41     14:30:15.217  10/25/12  Sev=Info/5           IKE/0x63000040
Received DPD ACK from 199.30.90.62, seq# received = 2332051032, seq# expected = 2332051032
 
42     14:32:42.397  10/25/12  Sev=Info/4           IKE/0x63000013
SENDING >>> ISAKMP OAK INFO *(HASH, NOTIFY:DPD_REQUEST) to 199.30.90.62

More information about the cisco-nsp mailing list