CISCO VPN Client Connection Issue
Cisco VPN, Cisco VPN Error Messages, VPN issue, Windows XP Professional, Windows XP Professional SP3
During the Xmas holidays 2010 I had Catosrphic failure on my computer resulting re-loading oprating system and all software from scratch.
Prior to this my VPN Client connection to my work server had no issues and working fine. Since Xmas I have been unable to connect my VPN with the Reason 442 failed to enable virtual adapter. The virtual adapter was not recognised by the operation system and failed to enable. I have contacted my IT department who have informed me that the Client version is correct and the imported .pcf file for my work connection is correct and up to date. Remember, this was working fine prior to Xmas.
below is the VPN Log details (High) of events. This only begs me to believe that there is something somewhere in my settings that is holding the connection back and my works server is not recognising the Adapater even though after checking the adapter Windows states it is working correctly. Can anyone help me please.
Much appreciated
Cisco Systems VPN Client Version 5.0.05.0290 Copyright (C) 1998-2009 Cisco Systems, Inc. All Rights Reserved. Client Type(s): Windows, WinNT Running on: 5.1.2600 Service Pack 3 Config file directory: C:Program FilesCisco SystemsVPN Client
1 09:49:39.703 02/19/11 Sev=Info/4 CM/0x63100002 Begin connection process
2 09:49:39.750 02/19/11 Sev=Info/4 CM/0x63100004 Establish secure connection
3 09:49:39.750 02/19/11 Sev=Info/4 CM/0x63100024 Attempt connection with server "vpn.europe.tycofs.com"
4 09:49:39.781 02/19/11 Sev=Info/6 CM/0x6310002F Allocated local TCP port 1985 for TCP connection.
5 09:49:39.812 02/19/11 Sev=Info/4 IPSEC/0x63700008 IPSec driver successfully started
6 09:49:39.812 02/19/11 Sev=Info/4 IPSEC/0x63700014 Deleted all keys
7 09:49:39.812 02/19/11 Sev=Info/6 IPSEC/0x6370002C Sent 3 packets, 0 were fragmented.
8 09:49:39.812 02/19/11 Sev=Info/6 IPSEC/0x63700020 TCP SYN sent to 62.173.194.4, src port 1985, dst port 10000
9 09:49:39.812 02/19/11 Sev=Info/6 IPSEC/0x6370001C TCP SYN-ACK received from 62.173.194.4, src port 10000, dst port 1985
10 09:49:39.828 02/19/11 Sev=Info/6 IPSEC/0x63700021 TCP ACK sent to 62.173.194.4, src port 1985, dst port 10000
11 09:49:39.828 02/19/11 Sev=Info/4 CM/0x63100029 TCP connection established on port 10000 with server "vpn.europe.tycofs.com"
12 09:49:40.828 02/19/11 Sev=Info/4 CM/0x63100024 Attempt connection with server "vpn.europe.tycofs.com"
13 09:49:40.828 02/19/11 Sev=Info/6 IKE/0x6300003B Attempting to establish a connection with 62.173.194.4.
14 09:49:40.828 02/19/11 Sev=Info/4 IKE/0x63000001 Starting IKE Phase 1 Negotiation
15 09:49:40.828 02/19/11 Sev=Info/4 IKE/0x63000013 SENDING >>> ISAKMP OAK AG (SA, KE, NON, ID, VID(Xauth), VID(dpd), VID(Frag), VID(Unity)) to 62.173.194.4
16 09:49:40.843 02/19/11 Sev=Info/5 IKE/0x6300002F Received ISAKMP packet: peer = 62.173.194.4
17 09:49:40.843 02/19/11 Sev=Info/4 IKE/0x63000014 RECEIVING <<< ISAKMP OAK AG (SA, KE, NON, ID, HASH, VID(Unity), VID(Xauth), VID(dpd), VID(Frag), VID(?), VID(?)) from 62.173.194.4
18 09:49:40.843 02/19/11 Sev=Info/5 IKE/0x63000001 Peer is a Cisco-Unity compliant peer
19 09:49:40.843 02/19/11 Sev=Info/5 IKE/0x63000001 Peer supports XAUTH
20 09:49:40.843 02/19/11 Sev=Info/5 IKE/0x63000001 Peer supports DPD
21 09:49:40.843 02/19/11 Sev=Info/5 IKE/0x63000001 Peer supports IKE fragmentation payloads
22 09:49:40.859 02/19/11 Sev=Info/5 IKE/0x63000001 Peer supports DWR Code and DWR Text
23 09:49:41.046 02/19/11 Sev=Info/6 GUI/0x63B00012 Authentication request attributes is 6h.
24 09:49:40.859 02/19/11 Sev=Info/6 IKE/0x63000001 IOS Vendor ID Contruction successful
25 09:49:40.859 02/19/11 Sev=Info/4 IKE/0x63000013 SENDING >>> ISAKMP OAK AG *(HASH, NOTIFY:STATUS_INITIAL_CONTACT, VID(?), VID(Unity)) to 62.173.194.4
26 09:49:40.859 02/19/11 Sev=Info/4 IKE/0x63000083 IKE Port in use - Local Port = 0x07C3, Remote Port = 0x01F4
27 09:49:40.859 02/19/11 Sev=Info/4 CM/0x6310000E Established Phase 1 SA. 1 Crypto Active IKE SA, 0 User Authenticated IKE SA in the system
28 09:49:40.875 02/19/11 Sev=Info/5 IKE/0x6300002F Received ISAKMP packet: peer = 62.173.194.4
29 09:49:40.875 02/19/11 Sev=Info/4 IKE/0x63000014 RECEIVING <<< ISAKMP OAK TRANS *(HASH, ATTR) from 62.173.194.4
30 09:49:40.875 02/19/11 Sev=Info/4 CM/0x63100015 Launch xAuth application
31 09:49:51.406 02/19/11 Sev=Info/4 CM/0x63100017 xAuth application returned
32 09:49:51.406 02/19/11 Sev=Info/4 IKE/0x63000013 SENDING >>> ISAKMP OAK TRANS *(HASH, ATTR) to 62.173.194.4
33 09:49:51.437 02/19/11 Sev=Info/5 IKE/0x6300002F Received ISAKMP packet: peer = 62.173.194.4
34 09:49:51.437 02/19/11 Sev=Info/4 IKE/0x63000014 RECEIVING <<< ISAKMP OAK TRANS *(HASH, ATTR) from 62.173.194.4
35 09:49:51.437 02/19/11 Sev=Info/4 IKE/0x63000013 SENDING >>> ISAKMP OAK TRANS *(HASH, ATTR) to 62.173.194.4
36 09:49:51.437 02/19/11 Sev=Info/4 CM/0x6310000E Established Phase 1 SA. 1 Crypto Active IKE SA, 1 User Authenticated IKE SA in the system
37 09:49:52.500 02/19/11 Sev=Info/5 IKE/0x6300005E Client sending a firewall request to concentrator
38 09:49:52.500 02/19/11 Sev=Info/5 IKE/0x6300005D Firewall Policy: Product=Cisco Systems Integrated Client Firewall, Capability= (Centralized Protection Policy).
39 09:49:52.500 02/19/11 Sev=Info/4 IKE/0x63000013 SENDING >>> ISAKMP OAK TRANS *(HASH, ATTR) to 62.173.194.4
40 09:49:52.640 02/19/11 Sev=Info/5 IKE/0x6300002F Received ISAKMP packet: peer = 62.173.194.4
41 09:49:52.640 02/19/11 Sev=Info/4 IKE/0x63000014 RECEIVING <<< ISAKMP OAK TRANS *(HASH, ATTR) from 62.173.194.4
42 09:49:52.640 02/19/11 Sev=Info/5 IKE/0x63000010 MODE_CFG_REPLY: Attribute = INTERNAL_IPV4_ADDRESS: , value = 10.35.160.29
43 09:49:52.640 02/19/11 Sev=Info/5 IKE/0x63000010 MODE_CFG_REPLY: Attribute = INTERNAL_IPV4_NETMASK: , value = 255.255.240.0
44 09:49:52.640 02/19/11 Sev=Info/5 IKE/0x63000010 MODE_CFG_REPLY: Attribute = INTERNAL_IPV4_DNS(1): , value = 10.66.0.37
45 09:49:52.640 02/19/11 Sev=Info/5 IKE/0x63000010 MODE_CFG_REPLY: Attribute = INTERNAL_IPV4_DNS(2): , value = 10.66.0.56
46 09:49:52.640 02/19/11 Sev=Info/5 IKE/0x6300000D MODE_CFG_REPLY: Attribute = MODECFG_UNITY_SAVEPWD: , value = 0x00000000
47 09:49:52.640 02/19/11 Sev=Info/5 IKE/0x6300000D MODE_CFG_REPLY: Attribute = MODECFG_UNITY_SPLIT_INCLUDE (# of split_nets), value = 0x00000001
48 09:49:52.640 02/19/11 Sev=Info/5 IKE/0x6300000F SPLIT_NET #1 subnet = 10.0.0.0 mask = 255.0.0.0 protocol = 0 src port = 0 dest port=0
49 09:49:52.640 02/19/11 Sev=Info/5 IKE/0x6300000D MODE_CFG_REPLY: Attribute = MODECFG_UNITY_PFS: , value = 0x00000000
50 09:49:52.640 02/19/11 Sev=Info/5 IKE/0x6300000E MODE_CFG_REPLY: Attribute = APPLICATION_VERSION, value = Cisco Systems, Inc ASA5520 Version 8.2(4) built by builders on Tue 14-Dec-10 12:00
51 09:49:52.640 02/19/11 Sev=Info/5 IKE/0x6300000D MODE_CFG_REPLY: Attribute = MODECFG_UNITY_SMARTCARD_REMOVAL_DISCONNECT: , value = 0x00000001
52 09:49:52.656 02/19/11 Sev=Info/4 CM/0x63100019 Mode Config data received
53 09:49:52.671 02/19/11 Sev=Info/4 IKE/0x63000056 Received a key request from Driver: Local IP = 10.35.160.29, GW IP = 62.173.194.4, Remote IP = 0.0.0.0
54 09:49:52.671 02/19/11 Sev=Info/4 IKE/0x63000013 SENDING >>> ISAKMP OAK QM *(HASH, SA, NON, ID, ID) to 62.173.194.4
55 09:49:52.703 02/19/11 Sev=Info/5 IKE/0x6300002F Received ISAKMP packet: peer = 62.173.194.4
56 09:49:52.703 02/19/11 Sev=Info/4 IKE/0x63000014 RECEIVING <<< ISAKMP OAK INFO *(HASH, NOTIFY:STATUS_RESP_LIFETIME) from 62.173.194.4
57 09:49:52.703 02/19/11 Sev=Info/5 IKE/0x63000045 RESPONDER-LIFETIME notify has value of 86400 seconds
58 09:49:52.703 02/19/11 Sev=Info/5 IKE/0x63000047 This SA has already been alive for 12 seconds, setting expiry to 86388 seconds from now
59 09:49:52.703 02/19/11 Sev=Info/5 IKE/0x6300002F Received ISAKMP packet: peer = 62.173.194.4
60 09:49:52.703 02/19/11 Sev=Info/4 IKE/0x63000014 RECEIVING <<< ISAKMP OAK QM *(HASH, SA, NON, ID, ID, NOTIFY:STATUS_RESP_LIFETIME) from 62.173.194.4
61 09:49:52.703 02/19/11 Sev=Info/5 IKE/0x63000045 RESPONDER-LIFETIME notify has value of 28800 seconds
62 09:49:52.703 02/19/11 Sev=Info/4 IKE/0x63000013 SENDING >>> ISAKMP OAK QM *(HASH) to 62.173.194.4
63 09:49:52.703 02/19/11 Sev=Info/5 IKE/0x63000059 Loading IPsec SA (MsgID=5A463080 OUTBOUND SPI = 0x4279D699 INBOUND SPI = 0x420B6C79)
64 09:49:52.703 02/19/11 Sev=Info/5 IKE/0x63000025 Loaded OUTBOUND ESP SPI: 0x4279D699
65 09:49:52.703 02/19/11 Sev=Info/5 IKE/0x63000026 Loaded INBOUND ESP SPI: 0x420B6C79
66 09:49:52.859 02/19/11 Sev=Info/5 CVPND/0x63400013 Destination Netmask Gateway Interface Metric 0.0.0.0 0.0.0.0 86.30.240.1 86.30.240.140 20 86.30.240.0 255.255.255.0 86.30.240.140 86.30.240.140 20 86.30.240.140 255.255.255.255 127.0.0.1 127.0.0.1 20 86.255.255.255 255.255.255.255 86.30.240.140 86.30.240.140 20 127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1 224.0.0.0 240.0.0.0 86.30.240.140 86.30.240.140 20 255.255.255.255 255.255.255.255 86.30.240.140 86.30.240.140 1
67 09:50:04.296 02/19/11 Sev=Warning/3 CVPND/0xA340000D The virtual adapter was not recognized by the operating system.
68 09:50:04.296 02/19/11 Sev=Warning/2 CM/0xE310000A The virtual adapter failed to enable
69 09:50:04.296 02/19/11 Sev=Info/5 CVPND/0x63400013 Destination Netmask Gateway Interface Metric 0.0.0.0 0.0.0.0 86.30.240.1 86.30.240.140 20 86.30.240.0 255.255.255.0 86.30.240.140 86.30.240.140 20 86.30.240.140 255.255.255.255 127.0.0.1 127.0.0.1 20 86.255.255.255 255.255.255.255 86.30.240.140 86.30.240.140 20 127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1 224.0.0.0 240.0.0.0 86.30.240.140 86.30.240.140 20 255.255.255.255 255.255.255.255 86.30.240.140 86.30.240.140 1
70 09:50:04.296 02/19/11 Sev=Info/6 CM/0x6310003A Unable to restore route changes from file.
71 09:50:04.296 02/19/11 Sev=Info/6 CM/0x63100037 The routing table was returned to original state prior to Virtual Adapter
72 09:50:04.468 02/19/11 Sev=Info/5 CVPND/0x63400013 Destination Netmask Gateway Interface Metric 0.0.0.0 0.0.0.0 86.30.240.1 86.30.240.140 20 86.30.240.0 255.255.255.0 86.30.240.140 86.30.240.140 20 86.30.240.140 255.255.255.255 127.0.0.1 127.0.0.1 20 86.255.255.255 255.255.255.255 86.30.240.140 86.30.240.140 20 127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1 224.0.0.0 240.0.0.0 86.30.240.140 86.30.240.140 20 255.255.255.255 255.255.255.255 86.30.240.140 86.30.240.140 1
73 09:50:04.468 02/19/11 Sev=Info/4 CM/0x63100035 The Virtual Adapter was disabled
74 09:50:04.468 02/19/11 Sev=Warning/2 IKE/0xE300009B Failed to active IPSec SA: Unable to enable Virtual Adapter (NavigatorQM:936)
75 09:50:04.468 02/19/11 Sev=Warning/2 IKE/0xE30000A7 Unexpected SW error occurred while processing Quick Mode negotiator:(Navigator:2263)
76 09:50:04.468 02/19/11 Sev=Info/4 IKE/0x63000013 SENDING >>> ISAKMP OAK INFO *(HASH, DEL) to 62.173.194.4
77 09:50:04.468 02/19/11 Sev=Info/5 IKE/0x63000018 Deleting IPsec SA: (OUTBOUND SPI = 4279D699 INBOUND SPI = 420B6C79)
78 09:50:04.468 02/19/11 Sev=Info/4 IKE/0x63000049 Discarding IPsec SA negotiation, MsgID=5A463080
79 09:50:04.468 02/19/11 Sev=Info/4 IPSEC/0x63700014 Deleted all keys
80 09:50:04.468 02/19/11 Sev=Info/6 IPSEC/0x6370002C Sent 5 packets, 0 were fragmented.
81 09:50:04.468 02/19/11 Sev=Info/4 IPSEC/0x63700010 Created a new key structure
82 09:50:04.468 02/19/11 Sev=Info/4 IPSEC/0x6370000F Added key with SPI=0x99d67942 into key list
83 09:50:04.468 02/19/11 Sev=Info/4 IPSEC/0x63700010 Created a new key structure
84 09:50:04.468 02/19/11 Sev=Info/4 IPSEC/0x6370000F Added key with SPI=0x796c0b42 into key list
85 09:50:04.468 02/19/11 Sev=Info/4 IPSEC/0x63700013 Delete internal key with SPI=0x796c0b42
86 09:50:04.468 02/19/11 Sev=Info/4 IPSEC/0x6370000C Key deleted by SPI 0x796c0b42
87 09:50:04.468 02/19/11 Sev=Info/4 IPSEC/0x63700013 Delete internal key with SPI=0x99d67942
88 09:50:04.468 02/19/11 Sev=Info/4 IPSEC/0x6370000C Key deleted by SPI 0x99d67942
89 09:50:04.484 02/19/11 Sev=Info/5 IKE/0x6300002F Received ISAKMP packet: peer = 62.173.194.4
90 09:50:04.484 02/19/11 Sev=Info/4 IKE/0x63000014 RECEIVING <<< ISAKMP OAK INFO *(HASH, DWR) from 62.173.194.4
91 09:50:04.484 02/19/11 Sev=Info/4 IKE/0x63000081 Delete Reason Code: 2 --> PEER_DELETE-IKE_DELETE_BY_USER_COMMAND.
92 09:50:04.484 02/19/11 Sev=Info/5 IKE/0x6300003C Received a DELETE payload for IKE SA with Cookies: I_Cookie=D178F88678B842CA R_Cookie=596C94F80209615C
93 09:50:04.484 02/19/11 Sev=Info/4 IKE/0x63000017 Marking IKE SA for deletion (I_Cookie=D178F88678B842CA R_Cookie=596C94F80209615C) reason = Unknown
94 09:50:05.265 02/19/11 Sev=Info/6 IPSEC/0x6370001D TCP RST received from 62.173.194.4, src port 10000, dst port 1985
95 09:50:05.265 02/19/11 Sev=Info/4 IKE/0x6300004B Discarding IKE SA negotiation (I_Cookie=D178F88678B842CA R_Cookie=596C94F80209615C) reason = Unknown
96 09:50:05.265 02/19/11 Sev=Info/4 CM/0x63100012 Phase 1 SA deleted before first Phase 2 SA is up cause by "Unknown". 0 Crypto Active IKE SA, 0 User Authenticated IKE SA in the system
97 09:50:05.265 02/19/11 Sev=Info/5 CM/0x63100025 Initializing CVPNDrv
98 09:50:05.281 02/19/11 Sev=Info/4 CM/0x6310002D Resetting TCP connection on port 10000
99 09:50:05.281 02/19/11 Sev=Info/6 CM/0x63100030 Removed local TCP port 1985 for TCP connection.
100 09:50:05.296 02/19/11 Sev=Info/6 CM/0x63100046 Set tunnel established flag in registry to 0.
101 09:50:05.296 02/19/11 Sev=Info/4 IKE/0x63000001 IKE received signal to terminate VPN connection
102 09:50:06.296 02/19/11 Sev=Info/6 IPSEC/0x63700023 TCP RST sent to 62.173.194.4, src port 1985, dst port 10000
103 09:50:06.296 02/19/11 Sev=Info/4 IPSEC/0x63700014 Deleted all keys
104 09:50:06.296 02/19/11 Sev=Info/4 IPSEC/0x63700014 Deleted all keys
105 09:50:06.296 02/19/11 Sev=Info/4 IPSEC/0x63700014 Deleted all keys
106 09:50:06.296 02/19/11 Sev=Info/4 IPSEC/0x6370000A IPSec driver successfully stopped
Software/Hardware used:
Windows XP Pro SP3 / Cisco VPN Client v 5.0.05.0290
Prior to this my VPN Client connection to my work server had no issues and working fine. Since Xmas I have been unable to connect my VPN with the Reason 442 failed to enable virtual adapter. The virtual adapter was not recognised by the operation system and failed to enable. I have contacted my IT department who have informed me that the Client version is correct and the imported .pcf file for my work connection is correct and up to date. Remember, this was working fine prior to Xmas.
below is the VPN Log details (High) of events. This only begs me to believe that there is something somewhere in my settings that is holding the connection back and my works server is not recognising the Adapater even though after checking the adapter Windows states it is working correctly. Can anyone help me please.
Much appreciated
Cisco Systems VPN Client Version 5.0.05.0290 Copyright (C) 1998-2009 Cisco Systems, Inc. All Rights Reserved. Client Type(s): Windows, WinNT Running on: 5.1.2600 Service Pack 3 Config file directory: C:Program FilesCisco SystemsVPN Client
1 09:49:39.703 02/19/11 Sev=Info/4 CM/0x63100002 Begin connection process
2 09:49:39.750 02/19/11 Sev=Info/4 CM/0x63100004 Establish secure connection
3 09:49:39.750 02/19/11 Sev=Info/4 CM/0x63100024 Attempt connection with server "vpn.europe.tycofs.com"
4 09:49:39.781 02/19/11 Sev=Info/6 CM/0x6310002F Allocated local TCP port 1985 for TCP connection.
5 09:49:39.812 02/19/11 Sev=Info/4 IPSEC/0x63700008 IPSec driver successfully started
6 09:49:39.812 02/19/11 Sev=Info/4 IPSEC/0x63700014 Deleted all keys
7 09:49:39.812 02/19/11 Sev=Info/6 IPSEC/0x6370002C Sent 3 packets, 0 were fragmented.
8 09:49:39.812 02/19/11 Sev=Info/6 IPSEC/0x63700020 TCP SYN sent to 62.173.194.4, src port 1985, dst port 10000
9 09:49:39.812 02/19/11 Sev=Info/6 IPSEC/0x6370001C TCP SYN-ACK received from 62.173.194.4, src port 10000, dst port 1985
10 09:49:39.828 02/19/11 Sev=Info/6 IPSEC/0x63700021 TCP ACK sent to 62.173.194.4, src port 1985, dst port 10000
11 09:49:39.828 02/19/11 Sev=Info/4 CM/0x63100029 TCP connection established on port 10000 with server "vpn.europe.tycofs.com"
12 09:49:40.828 02/19/11 Sev=Info/4 CM/0x63100024 Attempt connection with server "vpn.europe.tycofs.com"
13 09:49:40.828 02/19/11 Sev=Info/6 IKE/0x6300003B Attempting to establish a connection with 62.173.194.4.
14 09:49:40.828 02/19/11 Sev=Info/4 IKE/0x63000001 Starting IKE Phase 1 Negotiation
15 09:49:40.828 02/19/11 Sev=Info/4 IKE/0x63000013 SENDING >>> ISAKMP OAK AG (SA, KE, NON, ID, VID(Xauth), VID(dpd), VID(Frag), VID(Unity)) to 62.173.194.4
16 09:49:40.843 02/19/11 Sev=Info/5 IKE/0x6300002F Received ISAKMP packet: peer = 62.173.194.4
17 09:49:40.843 02/19/11 Sev=Info/4 IKE/0x63000014 RECEIVING <<< ISAKMP OAK AG (SA, KE, NON, ID, HASH, VID(Unity), VID(Xauth), VID(dpd), VID(Frag), VID(?), VID(?)) from 62.173.194.4
18 09:49:40.843 02/19/11 Sev=Info/5 IKE/0x63000001 Peer is a Cisco-Unity compliant peer
19 09:49:40.843 02/19/11 Sev=Info/5 IKE/0x63000001 Peer supports XAUTH
20 09:49:40.843 02/19/11 Sev=Info/5 IKE/0x63000001 Peer supports DPD
21 09:49:40.843 02/19/11 Sev=Info/5 IKE/0x63000001 Peer supports IKE fragmentation payloads
22 09:49:40.859 02/19/11 Sev=Info/5 IKE/0x63000001 Peer supports DWR Code and DWR Text
23 09:49:41.046 02/19/11 Sev=Info/6 GUI/0x63B00012 Authentication request attributes is 6h.
24 09:49:40.859 02/19/11 Sev=Info/6 IKE/0x63000001 IOS Vendor ID Contruction successful
25 09:49:40.859 02/19/11 Sev=Info/4 IKE/0x63000013 SENDING >>> ISAKMP OAK AG *(HASH, NOTIFY:STATUS_INITIAL_CONTACT, VID(?), VID(Unity)) to 62.173.194.4
26 09:49:40.859 02/19/11 Sev=Info/4 IKE/0x63000083 IKE Port in use - Local Port = 0x07C3, Remote Port = 0x01F4
27 09:49:40.859 02/19/11 Sev=Info/4 CM/0x6310000E Established Phase 1 SA. 1 Crypto Active IKE SA, 0 User Authenticated IKE SA in the system
28 09:49:40.875 02/19/11 Sev=Info/5 IKE/0x6300002F Received ISAKMP packet: peer = 62.173.194.4
29 09:49:40.875 02/19/11 Sev=Info/4 IKE/0x63000014 RECEIVING <<< ISAKMP OAK TRANS *(HASH, ATTR) from 62.173.194.4
30 09:49:40.875 02/19/11 Sev=Info/4 CM/0x63100015 Launch xAuth application
31 09:49:51.406 02/19/11 Sev=Info/4 CM/0x63100017 xAuth application returned
32 09:49:51.406 02/19/11 Sev=Info/4 IKE/0x63000013 SENDING >>> ISAKMP OAK TRANS *(HASH, ATTR) to 62.173.194.4
33 09:49:51.437 02/19/11 Sev=Info/5 IKE/0x6300002F Received ISAKMP packet: peer = 62.173.194.4
34 09:49:51.437 02/19/11 Sev=Info/4 IKE/0x63000014 RECEIVING <<< ISAKMP OAK TRANS *(HASH, ATTR) from 62.173.194.4
35 09:49:51.437 02/19/11 Sev=Info/4 IKE/0x63000013 SENDING >>> ISAKMP OAK TRANS *(HASH, ATTR) to 62.173.194.4
36 09:49:51.437 02/19/11 Sev=Info/4 CM/0x6310000E Established Phase 1 SA. 1 Crypto Active IKE SA, 1 User Authenticated IKE SA in the system
37 09:49:52.500 02/19/11 Sev=Info/5 IKE/0x6300005E Client sending a firewall request to concentrator
38 09:49:52.500 02/19/11 Sev=Info/5 IKE/0x6300005D Firewall Policy: Product=Cisco Systems Integrated Client Firewall, Capability= (Centralized Protection Policy).
39 09:49:52.500 02/19/11 Sev=Info/4 IKE/0x63000013 SENDING >>> ISAKMP OAK TRANS *(HASH, ATTR) to 62.173.194.4
40 09:49:52.640 02/19/11 Sev=Info/5 IKE/0x6300002F Received ISAKMP packet: peer = 62.173.194.4
41 09:49:52.640 02/19/11 Sev=Info/4 IKE/0x63000014 RECEIVING <<< ISAKMP OAK TRANS *(HASH, ATTR) from 62.173.194.4
42 09:49:52.640 02/19/11 Sev=Info/5 IKE/0x63000010 MODE_CFG_REPLY: Attribute = INTERNAL_IPV4_ADDRESS: , value = 10.35.160.29
43 09:49:52.640 02/19/11 Sev=Info/5 IKE/0x63000010 MODE_CFG_REPLY: Attribute = INTERNAL_IPV4_NETMASK: , value = 255.255.240.0
44 09:49:52.640 02/19/11 Sev=Info/5 IKE/0x63000010 MODE_CFG_REPLY: Attribute = INTERNAL_IPV4_DNS(1): , value = 10.66.0.37
45 09:49:52.640 02/19/11 Sev=Info/5 IKE/0x63000010 MODE_CFG_REPLY: Attribute = INTERNAL_IPV4_DNS(2): , value = 10.66.0.56
46 09:49:52.640 02/19/11 Sev=Info/5 IKE/0x6300000D MODE_CFG_REPLY: Attribute = MODECFG_UNITY_SAVEPWD: , value = 0x00000000
47 09:49:52.640 02/19/11 Sev=Info/5 IKE/0x6300000D MODE_CFG_REPLY: Attribute = MODECFG_UNITY_SPLIT_INCLUDE (# of split_nets), value = 0x00000001
48 09:49:52.640 02/19/11 Sev=Info/5 IKE/0x6300000F SPLIT_NET #1 subnet = 10.0.0.0 mask = 255.0.0.0 protocol = 0 src port = 0 dest port=0
49 09:49:52.640 02/19/11 Sev=Info/5 IKE/0x6300000D MODE_CFG_REPLY: Attribute = MODECFG_UNITY_PFS: , value = 0x00000000
50 09:49:52.640 02/19/11 Sev=Info/5 IKE/0x6300000E MODE_CFG_REPLY: Attribute = APPLICATION_VERSION, value = Cisco Systems, Inc ASA5520 Version 8.2(4) built by builders on Tue 14-Dec-10 12:00
51 09:49:52.640 02/19/11 Sev=Info/5 IKE/0x6300000D MODE_CFG_REPLY: Attribute = MODECFG_UNITY_SMARTCARD_REMOVAL_DISCONNECT: , value = 0x00000001
52 09:49:52.656 02/19/11 Sev=Info/4 CM/0x63100019 Mode Config data received
53 09:49:52.671 02/19/11 Sev=Info/4 IKE/0x63000056 Received a key request from Driver: Local IP = 10.35.160.29, GW IP = 62.173.194.4, Remote IP = 0.0.0.0
54 09:49:52.671 02/19/11 Sev=Info/4 IKE/0x63000013 SENDING >>> ISAKMP OAK QM *(HASH, SA, NON, ID, ID) to 62.173.194.4
55 09:49:52.703 02/19/11 Sev=Info/5 IKE/0x6300002F Received ISAKMP packet: peer = 62.173.194.4
56 09:49:52.703 02/19/11 Sev=Info/4 IKE/0x63000014 RECEIVING <<< ISAKMP OAK INFO *(HASH, NOTIFY:STATUS_RESP_LIFETIME) from 62.173.194.4
57 09:49:52.703 02/19/11 Sev=Info/5 IKE/0x63000045 RESPONDER-LIFETIME notify has value of 86400 seconds
58 09:49:52.703 02/19/11 Sev=Info/5 IKE/0x63000047 This SA has already been alive for 12 seconds, setting expiry to 86388 seconds from now
59 09:49:52.703 02/19/11 Sev=Info/5 IKE/0x6300002F Received ISAKMP packet: peer = 62.173.194.4
60 09:49:52.703 02/19/11 Sev=Info/4 IKE/0x63000014 RECEIVING <<< ISAKMP OAK QM *(HASH, SA, NON, ID, ID, NOTIFY:STATUS_RESP_LIFETIME) from 62.173.194.4
61 09:49:52.703 02/19/11 Sev=Info/5 IKE/0x63000045 RESPONDER-LIFETIME notify has value of 28800 seconds
62 09:49:52.703 02/19/11 Sev=Info/4 IKE/0x63000013 SENDING >>> ISAKMP OAK QM *(HASH) to 62.173.194.4
63 09:49:52.703 02/19/11 Sev=Info/5 IKE/0x63000059 Loading IPsec SA (MsgID=5A463080 OUTBOUND SPI = 0x4279D699 INBOUND SPI = 0x420B6C79)
64 09:49:52.703 02/19/11 Sev=Info/5 IKE/0x63000025 Loaded OUTBOUND ESP SPI: 0x4279D699
65 09:49:52.703 02/19/11 Sev=Info/5 IKE/0x63000026 Loaded INBOUND ESP SPI: 0x420B6C79
66 09:49:52.859 02/19/11 Sev=Info/5 CVPND/0x63400013 Destination Netmask Gateway Interface Metric 0.0.0.0 0.0.0.0 86.30.240.1 86.30.240.140 20 86.30.240.0 255.255.255.0 86.30.240.140 86.30.240.140 20 86.30.240.140 255.255.255.255 127.0.0.1 127.0.0.1 20 86.255.255.255 255.255.255.255 86.30.240.140 86.30.240.140 20 127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1 224.0.0.0 240.0.0.0 86.30.240.140 86.30.240.140 20 255.255.255.255 255.255.255.255 86.30.240.140 86.30.240.140 1
67 09:50:04.296 02/19/11 Sev=Warning/3 CVPND/0xA340000D The virtual adapter was not recognized by the operating system.
68 09:50:04.296 02/19/11 Sev=Warning/2 CM/0xE310000A The virtual adapter failed to enable
69 09:50:04.296 02/19/11 Sev=Info/5 CVPND/0x63400013 Destination Netmask Gateway Interface Metric 0.0.0.0 0.0.0.0 86.30.240.1 86.30.240.140 20 86.30.240.0 255.255.255.0 86.30.240.140 86.30.240.140 20 86.30.240.140 255.255.255.255 127.0.0.1 127.0.0.1 20 86.255.255.255 255.255.255.255 86.30.240.140 86.30.240.140 20 127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1 224.0.0.0 240.0.0.0 86.30.240.140 86.30.240.140 20 255.255.255.255 255.255.255.255 86.30.240.140 86.30.240.140 1
70 09:50:04.296 02/19/11 Sev=Info/6 CM/0x6310003A Unable to restore route changes from file.
71 09:50:04.296 02/19/11 Sev=Info/6 CM/0x63100037 The routing table was returned to original state prior to Virtual Adapter
72 09:50:04.468 02/19/11 Sev=Info/5 CVPND/0x63400013 Destination Netmask Gateway Interface Metric 0.0.0.0 0.0.0.0 86.30.240.1 86.30.240.140 20 86.30.240.0 255.255.255.0 86.30.240.140 86.30.240.140 20 86.30.240.140 255.255.255.255 127.0.0.1 127.0.0.1 20 86.255.255.255 255.255.255.255 86.30.240.140 86.30.240.140 20 127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1 224.0.0.0 240.0.0.0 86.30.240.140 86.30.240.140 20 255.255.255.255 255.255.255.255 86.30.240.140 86.30.240.140 1
73 09:50:04.468 02/19/11 Sev=Info/4 CM/0x63100035 The Virtual Adapter was disabled
74 09:50:04.468 02/19/11 Sev=Warning/2 IKE/0xE300009B Failed to active IPSec SA: Unable to enable Virtual Adapter (NavigatorQM:936)
75 09:50:04.468 02/19/11 Sev=Warning/2 IKE/0xE30000A7 Unexpected SW error occurred while processing Quick Mode negotiator:(Navigator:2263)
76 09:50:04.468 02/19/11 Sev=Info/4 IKE/0x63000013 SENDING >>> ISAKMP OAK INFO *(HASH, DEL) to 62.173.194.4
77 09:50:04.468 02/19/11 Sev=Info/5 IKE/0x63000018 Deleting IPsec SA: (OUTBOUND SPI = 4279D699 INBOUND SPI = 420B6C79)
78 09:50:04.468 02/19/11 Sev=Info/4 IKE/0x63000049 Discarding IPsec SA negotiation, MsgID=5A463080
79 09:50:04.468 02/19/11 Sev=Info/4 IPSEC/0x63700014 Deleted all keys
80 09:50:04.468 02/19/11 Sev=Info/6 IPSEC/0x6370002C Sent 5 packets, 0 were fragmented.
81 09:50:04.468 02/19/11 Sev=Info/4 IPSEC/0x63700010 Created a new key structure
82 09:50:04.468 02/19/11 Sev=Info/4 IPSEC/0x6370000F Added key with SPI=0x99d67942 into key list
83 09:50:04.468 02/19/11 Sev=Info/4 IPSEC/0x63700010 Created a new key structure
84 09:50:04.468 02/19/11 Sev=Info/4 IPSEC/0x6370000F Added key with SPI=0x796c0b42 into key list
85 09:50:04.468 02/19/11 Sev=Info/4 IPSEC/0x63700013 Delete internal key with SPI=0x796c0b42
86 09:50:04.468 02/19/11 Sev=Info/4 IPSEC/0x6370000C Key deleted by SPI 0x796c0b42
87 09:50:04.468 02/19/11 Sev=Info/4 IPSEC/0x63700013 Delete internal key with SPI=0x99d67942
88 09:50:04.468 02/19/11 Sev=Info/4 IPSEC/0x6370000C Key deleted by SPI 0x99d67942
89 09:50:04.484 02/19/11 Sev=Info/5 IKE/0x6300002F Received ISAKMP packet: peer = 62.173.194.4
90 09:50:04.484 02/19/11 Sev=Info/4 IKE/0x63000014 RECEIVING <<< ISAKMP OAK INFO *(HASH, DWR) from 62.173.194.4
91 09:50:04.484 02/19/11 Sev=Info/4 IKE/0x63000081 Delete Reason Code: 2 --> PEER_DELETE-IKE_DELETE_BY_USER_COMMAND.
92 09:50:04.484 02/19/11 Sev=Info/5 IKE/0x6300003C Received a DELETE payload for IKE SA with Cookies: I_Cookie=D178F88678B842CA R_Cookie=596C94F80209615C
93 09:50:04.484 02/19/11 Sev=Info/4 IKE/0x63000017 Marking IKE SA for deletion (I_Cookie=D178F88678B842CA R_Cookie=596C94F80209615C) reason = Unknown
94 09:50:05.265 02/19/11 Sev=Info/6 IPSEC/0x6370001D TCP RST received from 62.173.194.4, src port 10000, dst port 1985
95 09:50:05.265 02/19/11 Sev=Info/4 IKE/0x6300004B Discarding IKE SA negotiation (I_Cookie=D178F88678B842CA R_Cookie=596C94F80209615C) reason = Unknown
96 09:50:05.265 02/19/11 Sev=Info/4 CM/0x63100012 Phase 1 SA deleted before first Phase 2 SA is up cause by "Unknown". 0 Crypto Active IKE SA, 0 User Authenticated IKE SA in the system
97 09:50:05.265 02/19/11 Sev=Info/5 CM/0x63100025 Initializing CVPNDrv
98 09:50:05.281 02/19/11 Sev=Info/4 CM/0x6310002D Resetting TCP connection on port 10000
99 09:50:05.281 02/19/11 Sev=Info/6 CM/0x63100030 Removed local TCP port 1985 for TCP connection.
100 09:50:05.296 02/19/11 Sev=Info/6 CM/0x63100046 Set tunnel established flag in registry to 0.
101 09:50:05.296 02/19/11 Sev=Info/4 IKE/0x63000001 IKE received signal to terminate VPN connection
102 09:50:06.296 02/19/11 Sev=Info/6 IPSEC/0x63700023 TCP RST sent to 62.173.194.4, src port 1985, dst port 10000
103 09:50:06.296 02/19/11 Sev=Info/4 IPSEC/0x63700014 Deleted all keys
104 09:50:06.296 02/19/11 Sev=Info/4 IPSEC/0x63700014 Deleted all keys
105 09:50:06.296 02/19/11 Sev=Info/4 IPSEC/0x63700014 Deleted all keys
106 09:50:06.296 02/19/11 Sev=Info/4 IPSEC/0x6370000A IPSec driver successfully stopped
Software/Hardware used:
Windows XP Pro SP3 / Cisco VPN Client v 5.0.05.0290
ASKED:
February 19, 2011 9:53 AM
UPDATED:
February 24, 2011 9:08 AM
Answer Wiki:
It seems like - 2 lines 67/68 that your OS doesn't support the virtual adapter the VPN client is trying to establish, thats why at lines 73/74 the VPN client "disengaged". It also mentions - at line 75 - that it sees you're trying to use "Quickmode Negotiator".
Best suggestions: 1) Fully update the new Install of your OS 2) Retry to connect after you've updated everything, and see if you cant disable the "Quick mode" or 3) When you DO get back to work, have your IT folks scour over the OS install for needed or missing files / settings...
First of all check ur all basic configurations in Phase1 nd try to connect it again using Cisco VPN client if its connected thats good else check complete configuration of ur VPN from begining to end generally error code 442 comes for mismatching of authentication or pre shared key or mismatching of IP range between ur cisco VPN server to client so go through it nd U ll find ur solution.
or other best option is that just check ur pre-shared key nd transform set na dlso ip pool with subnet mask nd go to the particular interface nd apply it in crypto map ur problem ll be solved.
Thanks & Regards,
Amit Kumar
Network Security Specialist(Cisco)
To see all answers submitted to the Answer Wiki: View Answer History.
RSS - Discussions Help
Discuss This Question:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
