CISCO VPN Client Connection Issue

10 pts.
Tags:
Cisco VPN
Cisco VPN Error Messages
VPN issue
Windows XP Professional
Windows XP Professional SP3
During the Xmas holidays 2010 I had Catosrphic failure on my computer resulting re-loading oprating system and all software from scratch. 

Prior to this my VPN Client connection to my work server had no issues and working fine.  Since Xmas I have been unable to connect my VPN with the Reason 442 failed to enable virtual adapter.  The virtual adapter was not recognised by the operation system and failed to enable.  I have contacted my IT department who have informed me that the Client version is correct and the imported .pcf file for my work connection is correct and up to date.  Remember, this was working fine prior to Xmas.

below is the VPN Log details (High) of events.  This only begs me to believe that there is something somewhere in my settings that is holding the connection back and my works server is not recognising the Adapater even though after checking the adapter Windows states it is working correctly.  Can anyone help me please.

Much appreciated

Cisco Systems VPN Client Version 5.0.05.0290 Copyright (C) 1998-2009 Cisco Systems, Inc. All Rights Reserved. Client Type(s): Windows, WinNT Running on: 5.1.2600 Service Pack 3 Config file directory: C:Program FilesCisco SystemsVPN Client

1      09:49:39.703  02/19/11  Sev=Info/4 CM/0x63100002 Begin connection process

2      09:49:39.750  02/19/11  Sev=Info/4 CM/0x63100004 Establish secure connection

3      09:49:39.750  02/19/11  Sev=Info/4 CM/0x63100024 Attempt connection with server "vpn.europe.tycofs.com"

4      09:49:39.781  02/19/11  Sev=Info/6 CM/0x6310002F Allocated local TCP port 1985 for TCP connection.

5      09:49:39.812  02/19/11  Sev=Info/4 IPSEC/0x63700008 IPSec driver successfully started

6      09:49:39.812  02/19/11  Sev=Info/4 IPSEC/0x63700014 Deleted all keys

7      09:49:39.812  02/19/11  Sev=Info/6 IPSEC/0x6370002C Sent 3 packets, 0 were fragmented.

8      09:49:39.812  02/19/11  Sev=Info/6 IPSEC/0x63700020 TCP SYN sent to 62.173.194.4, src port 1985, dst port 10000

9      09:49:39.812  02/19/11  Sev=Info/6 IPSEC/0x6370001C TCP SYN-ACK received from 62.173.194.4, src port 10000, dst port 1985

10     09:49:39.828  02/19/11  Sev=Info/6 IPSEC/0x63700021 TCP ACK sent to 62.173.194.4, src port 1985, dst port 10000

11     09:49:39.828  02/19/11  Sev=Info/4 CM/0x63100029 TCP connection established on port 10000 with server "vpn.europe.tycofs.com"

12     09:49:40.828  02/19/11  Sev=Info/4 CM/0x63100024 Attempt connection with server "vpn.europe.tycofs.com"

13     09:49:40.828  02/19/11  Sev=Info/6 IKE/0x6300003B Attempting to establish a connection with 62.173.194.4.

14     09:49:40.828  02/19/11  Sev=Info/4 IKE/0x63000001 Starting IKE Phase 1 Negotiation

15     09:49:40.828  02/19/11  Sev=Info/4 IKE/0x63000013 SENDING >>> ISAKMP OAK AG (SA, KE, NON, ID, VID(Xauth), VID(dpd), VID(Frag), VID(Unity)) to 62.173.194.4

16     09:49:40.843  02/19/11  Sev=Info/5 IKE/0x6300002F Received ISAKMP packet: peer = 62.173.194.4

17     09:49:40.843  02/19/11  Sev=Info/4 IKE/0x63000014 RECEIVING <<< ISAKMP OAK AG (SA, KE, NON, ID, HASH, VID(Unity), VID(Xauth), VID(dpd), VID(Frag), VID(?), VID(?)) from 62.173.194.4

18     09:49:40.843  02/19/11  Sev=Info/5 IKE/0x63000001 Peer is a Cisco-Unity compliant peer

19     09:49:40.843  02/19/11  Sev=Info/5 IKE/0x63000001 Peer supports XAUTH

20     09:49:40.843  02/19/11  Sev=Info/5 IKE/0x63000001 Peer supports DPD

21     09:49:40.843  02/19/11  Sev=Info/5 IKE/0x63000001 Peer supports IKE fragmentation payloads

22     09:49:40.859  02/19/11  Sev=Info/5 IKE/0x63000001 Peer supports DWR Code and DWR Text

23     09:49:41.046  02/19/11  Sev=Info/6 GUI/0x63B00012 Authentication request attributes is 6h.

24     09:49:40.859  02/19/11  Sev=Info/6 IKE/0x63000001 IOS Vendor ID Contruction successful

25     09:49:40.859  02/19/11  Sev=Info/4 IKE/0x63000013 SENDING >>> ISAKMP OAK AG *(HASH, NOTIFY:STATUS_INITIAL_CONTACT, VID(?), VID(Unity)) to 62.173.194.4

26     09:49:40.859  02/19/11  Sev=Info/4 IKE/0x63000083 IKE Port in use - Local Port =  0x07C3, Remote Port = 0x01F4

27     09:49:40.859  02/19/11  Sev=Info/4 CM/0x6310000E Established Phase 1 SA.  1 Crypto Active IKE SA, 0 User Authenticated IKE SA in the system

28     09:49:40.875  02/19/11  Sev=Info/5 IKE/0x6300002F Received ISAKMP packet: peer = 62.173.194.4

29     09:49:40.875  02/19/11  Sev=Info/4 IKE/0x63000014 RECEIVING <<< ISAKMP OAK TRANS *(HASH, ATTR) from 62.173.194.4

30     09:49:40.875  02/19/11  Sev=Info/4 CM/0x63100015 Launch xAuth application

31     09:49:51.406  02/19/11  Sev=Info/4 CM/0x63100017 xAuth application returned

32     09:49:51.406  02/19/11  Sev=Info/4 IKE/0x63000013 SENDING >>> ISAKMP OAK TRANS *(HASH, ATTR) to 62.173.194.4

33     09:49:51.437  02/19/11  Sev=Info/5 IKE/0x6300002F Received ISAKMP packet: peer = 62.173.194.4

34     09:49:51.437  02/19/11  Sev=Info/4 IKE/0x63000014 RECEIVING <<< ISAKMP OAK TRANS *(HASH, ATTR) from 62.173.194.4

35     09:49:51.437  02/19/11  Sev=Info/4 IKE/0x63000013 SENDING >>> ISAKMP OAK TRANS *(HASH, ATTR) to 62.173.194.4

36     09:49:51.437  02/19/11  Sev=Info/4 CM/0x6310000E Established Phase 1 SA.  1 Crypto Active IKE SA, 1 User Authenticated IKE SA in the system

37     09:49:52.500  02/19/11  Sev=Info/5 IKE/0x6300005E Client sending a firewall request to concentrator

38     09:49:52.500  02/19/11  Sev=Info/5 IKE/0x6300005D Firewall Policy: Product=Cisco Systems Integrated Client Firewall, Capability= (Centralized Protection Policy).

39     09:49:52.500  02/19/11  Sev=Info/4 IKE/0x63000013 SENDING >>> ISAKMP OAK TRANS *(HASH, ATTR) to 62.173.194.4

40     09:49:52.640  02/19/11  Sev=Info/5 IKE/0x6300002F Received ISAKMP packet: peer = 62.173.194.4

41     09:49:52.640  02/19/11  Sev=Info/4 IKE/0x63000014 RECEIVING <<< ISAKMP OAK TRANS *(HASH, ATTR) from 62.173.194.4

42     09:49:52.640  02/19/11  Sev=Info/5 IKE/0x63000010 MODE_CFG_REPLY: Attribute = INTERNAL_IPV4_ADDRESS: , value = 10.35.160.29

43     09:49:52.640  02/19/11  Sev=Info/5 IKE/0x63000010 MODE_CFG_REPLY: Attribute = INTERNAL_IPV4_NETMASK: , value = 255.255.240.0

44     09:49:52.640  02/19/11  Sev=Info/5 IKE/0x63000010 MODE_CFG_REPLY: Attribute = INTERNAL_IPV4_DNS(1): , value = 10.66.0.37

45     09:49:52.640  02/19/11  Sev=Info/5 IKE/0x63000010 MODE_CFG_REPLY: Attribute = INTERNAL_IPV4_DNS(2): , value = 10.66.0.56

46     09:49:52.640  02/19/11  Sev=Info/5 IKE/0x6300000D MODE_CFG_REPLY: Attribute = MODECFG_UNITY_SAVEPWD: , value = 0x00000000

47     09:49:52.640  02/19/11  Sev=Info/5 IKE/0x6300000D MODE_CFG_REPLY: Attribute = MODECFG_UNITY_SPLIT_INCLUDE (# of split_nets), value = 0x00000001

48     09:49:52.640  02/19/11  Sev=Info/5 IKE/0x6300000F SPLIT_NET #1  subnet = 10.0.0.0  mask = 255.0.0.0  protocol = 0  src port = 0  dest port=0

49     09:49:52.640  02/19/11  Sev=Info/5 IKE/0x6300000D MODE_CFG_REPLY: Attribute = MODECFG_UNITY_PFS: , value = 0x00000000

50     09:49:52.640  02/19/11  Sev=Info/5 IKE/0x6300000E MODE_CFG_REPLY: Attribute = APPLICATION_VERSION, value = Cisco Systems, Inc ASA5520 Version 8.2(4) built by builders on Tue 14-Dec-10 12:00

51     09:49:52.640  02/19/11  Sev=Info/5 IKE/0x6300000D MODE_CFG_REPLY: Attribute = MODECFG_UNITY_SMARTCARD_REMOVAL_DISCONNECT: , value = 0x00000001

52     09:49:52.656  02/19/11  Sev=Info/4 CM/0x63100019 Mode Config data received

53     09:49:52.671  02/19/11  Sev=Info/4 IKE/0x63000056 Received a key request from Driver: Local IP = 10.35.160.29, GW IP = 62.173.194.4, Remote IP = 0.0.0.0

54     09:49:52.671  02/19/11  Sev=Info/4 IKE/0x63000013 SENDING >>> ISAKMP OAK QM *(HASH, SA, NON, ID, ID) to 62.173.194.4

55     09:49:52.703  02/19/11  Sev=Info/5 IKE/0x6300002F Received ISAKMP packet: peer = 62.173.194.4

56     09:49:52.703  02/19/11  Sev=Info/4 IKE/0x63000014 RECEIVING <<< ISAKMP OAK INFO *(HASH, NOTIFY:STATUS_RESP_LIFETIME) from 62.173.194.4

57     09:49:52.703  02/19/11  Sev=Info/5 IKE/0x63000045 RESPONDER-LIFETIME notify has value of 86400 seconds

58     09:49:52.703  02/19/11  Sev=Info/5 IKE/0x63000047 This SA has already been alive for 12 seconds, setting expiry to 86388 seconds from now

59     09:49:52.703  02/19/11  Sev=Info/5 IKE/0x6300002F Received ISAKMP packet: peer = 62.173.194.4

60     09:49:52.703  02/19/11  Sev=Info/4 IKE/0x63000014 RECEIVING <<< ISAKMP OAK QM *(HASH, SA, NON, ID, ID, NOTIFY:STATUS_RESP_LIFETIME) from 62.173.194.4

61     09:49:52.703  02/19/11  Sev=Info/5 IKE/0x63000045 RESPONDER-LIFETIME notify has value of 28800 seconds

62     09:49:52.703  02/19/11  Sev=Info/4 IKE/0x63000013 SENDING >>> ISAKMP OAK QM *(HASH) to 62.173.194.4

63     09:49:52.703  02/19/11  Sev=Info/5 IKE/0x63000059 Loading IPsec SA (MsgID=5A463080 OUTBOUND SPI = 0x4279D699 INBOUND SPI = 0x420B6C79)

64     09:49:52.703  02/19/11  Sev=Info/5 IKE/0x63000025 Loaded OUTBOUND ESP SPI: 0x4279D699

65     09:49:52.703  02/19/11  Sev=Info/5 IKE/0x63000026 Loaded INBOUND ESP SPI: 0x420B6C79

66     09:49:52.859  02/19/11  Sev=Info/5 CVPND/0x63400013     Destination           Netmask           Gateway         Interface   Metric         0.0.0.0           0.0.0.0       86.30.240.1     86.30.240.140       20     86.30.240.0     255.255.255.0     86.30.240.140     86.30.240.140       20   86.30.240.140   255.255.255.255         127.0.0.1         127.0.0.1       20  86.255.255.255   255.255.255.255     86.30.240.140     86.30.240.140       20       127.0.0.0         255.0.0.0         127.0.0.1         127.0.0.1        1       224.0.0.0         240.0.0.0     86.30.240.140     86.30.240.140       20 255.255.255.255   255.255.255.255     86.30.240.140     86.30.240.140        1

67     09:50:04.296  02/19/11  Sev=Warning/3 CVPND/0xA340000D The virtual adapter was not recognized by the operating system.

68     09:50:04.296  02/19/11  Sev=Warning/2 CM/0xE310000A The virtual adapter failed to enable

69     09:50:04.296  02/19/11  Sev=Info/5 CVPND/0x63400013     Destination           Netmask           Gateway         Interface   Metric         0.0.0.0           0.0.0.0       86.30.240.1     86.30.240.140       20     86.30.240.0     255.255.255.0     86.30.240.140     86.30.240.140       20   86.30.240.140   255.255.255.255         127.0.0.1         127.0.0.1       20  86.255.255.255   255.255.255.255     86.30.240.140     86.30.240.140       20       127.0.0.0         255.0.0.0         127.0.0.1         127.0.0.1        1       224.0.0.0         240.0.0.0     86.30.240.140     86.30.240.140       20 255.255.255.255   255.255.255.255     86.30.240.140     86.30.240.140        1

70     09:50:04.296  02/19/11  Sev=Info/6 CM/0x6310003A Unable to restore route changes from file.

71     09:50:04.296  02/19/11  Sev=Info/6 CM/0x63100037 The routing table was returned to original state prior to Virtual Adapter

72     09:50:04.468  02/19/11  Sev=Info/5 CVPND/0x63400013     Destination           Netmask           Gateway         Interface   Metric         0.0.0.0           0.0.0.0       86.30.240.1     86.30.240.140       20     86.30.240.0     255.255.255.0     86.30.240.140     86.30.240.140       20   86.30.240.140   255.255.255.255         127.0.0.1         127.0.0.1       20  86.255.255.255   255.255.255.255     86.30.240.140     86.30.240.140       20       127.0.0.0         255.0.0.0         127.0.0.1         127.0.0.1        1       224.0.0.0         240.0.0.0     86.30.240.140     86.30.240.140       20 255.255.255.255   255.255.255.255     86.30.240.140     86.30.240.140        1

73     09:50:04.468  02/19/11  Sev=Info/4 CM/0x63100035 The Virtual Adapter was disabled

74     09:50:04.468  02/19/11  Sev=Warning/2 IKE/0xE300009B Failed to active IPSec SA: Unable to enable Virtual Adapter (NavigatorQM:936)

75     09:50:04.468  02/19/11  Sev=Warning/2 IKE/0xE30000A7 Unexpected SW error occurred while processing Quick Mode negotiator:(Navigator:2263)

76     09:50:04.468  02/19/11  Sev=Info/4 IKE/0x63000013 SENDING >>> ISAKMP OAK INFO *(HASH, DEL) to 62.173.194.4

77     09:50:04.468  02/19/11  Sev=Info/5 IKE/0x63000018 Deleting IPsec SA: (OUTBOUND SPI = 4279D699 INBOUND SPI = 420B6C79)

78     09:50:04.468  02/19/11  Sev=Info/4 IKE/0x63000049 Discarding IPsec SA negotiation, MsgID=5A463080

79     09:50:04.468  02/19/11  Sev=Info/4 IPSEC/0x63700014 Deleted all keys

80     09:50:04.468  02/19/11  Sev=Info/6 IPSEC/0x6370002C Sent 5 packets, 0 were fragmented.

81     09:50:04.468  02/19/11  Sev=Info/4 IPSEC/0x63700010 Created a new key structure

82     09:50:04.468  02/19/11  Sev=Info/4 IPSEC/0x6370000F Added key with SPI=0x99d67942 into key list

83     09:50:04.468  02/19/11  Sev=Info/4 IPSEC/0x63700010 Created a new key structure

84     09:50:04.468  02/19/11  Sev=Info/4 IPSEC/0x6370000F Added key with SPI=0x796c0b42 into key list

85     09:50:04.468  02/19/11  Sev=Info/4 IPSEC/0x63700013 Delete internal key with SPI=0x796c0b42

86     09:50:04.468  02/19/11  Sev=Info/4 IPSEC/0x6370000C Key deleted by SPI 0x796c0b42

87     09:50:04.468  02/19/11  Sev=Info/4 IPSEC/0x63700013 Delete internal key with SPI=0x99d67942

88     09:50:04.468  02/19/11  Sev=Info/4 IPSEC/0x6370000C Key deleted by SPI 0x99d67942

89     09:50:04.484  02/19/11  Sev=Info/5 IKE/0x6300002F Received ISAKMP packet: peer = 62.173.194.4

90     09:50:04.484  02/19/11  Sev=Info/4 IKE/0x63000014 RECEIVING <<< ISAKMP OAK INFO *(HASH, DWR) from 62.173.194.4

91     09:50:04.484  02/19/11  Sev=Info/4 IKE/0x63000081 Delete Reason Code: 2 --> PEER_DELETE-IKE_DELETE_BY_USER_COMMAND.

92     09:50:04.484  02/19/11  Sev=Info/5 IKE/0x6300003C Received a DELETE payload for IKE SA with Cookies:  I_Cookie=D178F88678B842CA R_Cookie=596C94F80209615C

93     09:50:04.484  02/19/11  Sev=Info/4 IKE/0x63000017 Marking IKE SA for deletion  (I_Cookie=D178F88678B842CA R_Cookie=596C94F80209615C) reason = Unknown

94     09:50:05.265  02/19/11  Sev=Info/6 IPSEC/0x6370001D TCP RST received from 62.173.194.4, src port 10000, dst port 1985

95     09:50:05.265  02/19/11  Sev=Info/4 IKE/0x6300004B Discarding IKE SA negotiation (I_Cookie=D178F88678B842CA R_Cookie=596C94F80209615C) reason = Unknown

96     09:50:05.265  02/19/11  Sev=Info/4 CM/0x63100012 Phase 1 SA deleted before first Phase 2 SA is up cause by "Unknown".  0 Crypto Active IKE SA, 0 User Authenticated IKE SA in the system

97     09:50:05.265  02/19/11  Sev=Info/5 CM/0x63100025 Initializing CVPNDrv

98     09:50:05.281  02/19/11  Sev=Info/4 CM/0x6310002D Resetting TCP connection on port 10000

99     09:50:05.281  02/19/11  Sev=Info/6 CM/0x63100030 Removed local TCP port 1985 for TCP connection.

100    09:50:05.296  02/19/11  Sev=Info/6 CM/0x63100046 Set tunnel established flag in registry to 0.

101    09:50:05.296  02/19/11  Sev=Info/4 IKE/0x63000001 IKE received signal to terminate VPN connection

102    09:50:06.296  02/19/11  Sev=Info/6 IPSEC/0x63700023 TCP RST sent to 62.173.194.4, src port 1985, dst port 10000

103    09:50:06.296  02/19/11  Sev=Info/4 IPSEC/0x63700014 Deleted all keys

104    09:50:06.296  02/19/11  Sev=Info/4 IPSEC/0x63700014 Deleted all keys

105    09:50:06.296  02/19/11  Sev=Info/4 IPSEC/0x63700014 Deleted all keys

106    09:50:06.296  02/19/11  Sev=Info/4 IPSEC/0x6370000A IPSec driver successfully stopped

 

 



Software/Hardware used:
Windows XP Pro SP3 / Cisco VPN Client v 5.0.05.0290
ASKED: February 19, 2011  9:53 AM
UPDATED: February 24, 2011  9:08 AM

Answer Wiki

Thanks. We'll let you know when a new response is added.

It seems like – 2 lines 67/68 that your OS doesn’t support the virtual adapter the VPN client is trying to establish, thats why at lines 73/74 the VPN client “disengaged”. It also mentions – at line 75 – that it sees you’re trying to use “Quickmode Negotiator”.

Best suggestions: 1) Fully update the new Install of your OS 2) Retry to connect after you’ve updated everything, and see if you cant disable the “Quick mode” or 3) When you DO get back to work, have your IT folks scour over the OS install for needed or missing files / settings…
First of all check ur all basic configurations in Phase1 nd try to connect it again using Cisco VPN client if its connected thats good else check complete configuration of ur VPN from begining to end generally error code 442 comes for mismatching of authentication or pre shared key or mismatching of IP range between ur cisco VPN server to client so go through it nd U ll find ur solution.

or other best option is that just check ur pre-shared key nd transform set na dlso ip pool with subnet mask nd go to the particular interface nd apply it in crypto map ur problem ll be solved.

Thanks & Regards,
Amit Kumar
Network Security Specialist(Cisco)

Discuss This Question:  

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following