Hello, when using the Cisco VPN Solution on Windows the connection is very
reliable, maybe one crash a day.
On linux I get regular hangups every .. minutes.
Turning on Debug in the config file, I have found:
S7.3 QM_packet2 validate type
[2012-10-09 23:31:14]
got ike lifetime attributes: 600 seconds
but a 100 lines above that, there is:
S4.4 AM_packet2
[2012-10-09 23:31:14]
(Cisco Unity)
(Xauth)
(DPD)
(Nat-T 02N)
(unknown)
(unknown)
(unknown)
got ike lifetime attributes: 2147483 seconds
IKE SA selected psk+xauth-3des-md5
peer is XAUTH capable (draft-ietf-ipsec-isakmp-xauth-06)
peer is DPD capable (RFC3706)
peer is NAT-T capable (draft-02)\n
peer is using type 130 (ISAKMP_PAYLOAD_NAT_D_OLD) for NAT-Discovery payloads
peer is using type 130 (ISAKMP_PAYLOAD_NAT_D_OLD) for NAT-Discovery payloads
NAT status: this end behind NAT? YES -- remote end behind NAT? no
So, there is the other value 2147483 seconds!
Is there a way to improve the situation using the config file?
I am not familiar with the protocol, so if someone has some advice,
that would be great.
my config file:
IPSec gateway someRealIpAdress
IPSec ID someId
IPSec secret someSecret
Domain SomeDomain
Xauth username someUsername
Xauth password somePassword
Debug 2
Thanks Thomas
_______________________________________________
vpnc-devel mailing list
vpnc-devel@unix-ag.uni-kl.de
https://lists.unix-ag.uni-kl.de/mailman/listinfo/vpnc-devel
http://www.unix-ag.uni-kl.de/~massar/vpnc/
reliable, maybe one crash a day.
On linux I get regular hangups every .. minutes.
Turning on Debug in the config file, I have found:
S7.3 QM_packet2 validate type
[2012-10-09 23:31:14]
got ike lifetime attributes: 600 seconds
but a 100 lines above that, there is:
S4.4 AM_packet2
[2012-10-09 23:31:14]
(Cisco Unity)
(Xauth)
(DPD)
(Nat-T 02N)
(unknown)
(unknown)
(unknown)
got ike lifetime attributes: 2147483 seconds
IKE SA selected psk+xauth-3des-md5
peer is XAUTH capable (draft-ietf-ipsec-isakmp-xauth-06)
peer is DPD capable (RFC3706)
peer is NAT-T capable (draft-02)\n
peer is using type 130 (ISAKMP_PAYLOAD_NAT_D_OLD) for NAT-Discovery payloads
peer is using type 130 (ISAKMP_PAYLOAD_NAT_D_OLD) for NAT-Discovery payloads
NAT status: this end behind NAT? YES -- remote end behind NAT? no
So, there is the other value 2147483 seconds!
Is there a way to improve the situation using the config file?
I am not familiar with the protocol, so if someone has some advice,
that would be great.
my config file:
IPSec gateway someRealIpAdress
IPSec ID someId
IPSec secret someSecret
Domain SomeDomain
Xauth username someUsername
Xauth password somePassword
Debug 2
Thanks Thomas
_______________________________________________
vpnc-devel mailing list
vpnc-devel@unix-ag.uni-kl.de
https://lists.unix-ag.uni-kl.de/mailman/listinfo/vpnc-devel
http://www.unix-ag.uni-kl.de/~massar/vpnc/