OSX 10.6 Cisco IPSEC strange behavior

Posted by tair on Server Fault See other posts from Server Fault or by tair
Published on 2011-06-29T07:56:39Z Indexed on 2011/06/29 8:24 UTC
Read the original article Hit count: 488

Filed under:
|
|
|

I'm trying to connect to Cisco IPSEC VPN of my company over DSL Internet. I managed to successfully connect using Cisco VPN Client, now I'm trying to switch to OSX 10.6 native client, because of licensing issues.

The problems is that the connection fails with a dialog box containing the message:

The negotiation with the VPN server failed. Verify the server address and try reconnecting.

I checked logs:

Jun 29 13:10:39 racoon[4551]: Connecting.
Jun 29 13:10:39 racoon[4551]: IKE Packet: transmit success. (Initiator, Aggressive-Mode message 1).
Jun 29 13:10:39 racoon[4551]: IKEv1 Phase1 AUTH: success. (Initiator, Aggressive-Mode Message 2).
Jun 29 13:10:39 racoon[4551]: IKE Packet: receive success. (Initiator, Aggressive-Mode message 2).
Jun 29 13:10:39 racoon[4551]: IKEv1 Phase1 Initiator: success. (Initiator, Aggressive-Mode).
Jun 29 13:10:39 racoon[4551]: IKE Packet: transmit success. (Initiator, Aggressive-Mode message 3).
Jun 29 13:10:42 racoon[4551]: IKE Packet: transmit success. (Mode-Config message).
Jun 29 13:10:42 racoon[4551]: IKEv1 XAUTH: success. (XAUTH Status is OK).
Jun 29 13:10:42 racoon[4551]: IKE Packet: transmit success. (Mode-Config message).
Jun 29 13:10:42 racoon[4551]: IKEv1 Config: retransmited. (Mode-Config retransmit).
Jun 29 13:10:42 racoon[4551]: IKE Packet: receive success. (MODE-Config).
Jun 29 13:10:42 configd[19]: event_callback: Address added. previous interface setting (name: en1, address: 192.168.1.107), current interface setting (name: u92.168.54.147, subnet: 255.255.255.0, destination: 192.168.54.147).
Jun 29 13:10:42 configd[19]: network configuration changed.
Jun 29 13:10:42 vmnet-bridge[111]: Dynamic store changed
Jun 29 13:10:42 named[62]: not listening on any interfaces
Jun 29 13:10:58: --- last message repeated 1 time ---
Jun 29 13:10:58 configd[19]: SCNCController: Disconnecting. (Connection tried to negotiate for, 16 seconds).
Jun 29 13:10:58 racoon[4551]: IKE Packet: transmit success. (Information message).
Jun 29 13:10:58 racoon[4551]: IKEv1 Information-Notice: transmit success. (Delete ISAKMP-SA).
Jun 29 13:10:58 racoon[4551]: Disconnecting. (Connection tried to negotiate for, 19.113382 seconds).
Jun 29 13:10:58 named[62]: not listening on any interfaces
Jun 29 13:10:58 vmnet-bridge[111]: Dynamic store changed
Jun 29 13:10:58 named[62]: not listening on any interfaces
Jun 29 13:10:58 configd[19]: network configuration changed.

Then I opened Terminal, started pinging a server behind VPN, and tried to connect again. Now connection is OK! Logs this time:

Jun 29 13:46:53 racoon[8136]: Connecting.
Jun 29 13:46:53 racoon[8136]: IKE Packet: transmit success. (Initiator, Aggressive-Mode message 1).
Jun 29 13:46:53 racoon[8136]: IKEv1 Phase1 AUTH: success. (Initiator, Aggressive-Mode Message 2).
Jun 29 13:46:53 racoon[8136]: IKE Packet: receive success. (Initiator, Aggressive-Mode message 2).
Jun 29 13:46:53 racoon[8136]: IKEv1 Phase1 Initiator: success. (Initiator, Aggressive-Mode).
Jun 29 13:46:53 racoon[8136]: IKE Packet: transmit success. (Initiator, Aggressive-Mode message 3).
Jun 29 13:46:56 racoon[8136]: IKE Packet: transmit success. (Mode-Config message).
Jun 29 13:46:56 racoon[8136]: IKEv1 XAUTH: success. (XAUTH Status is OK).
Jun 29 13:46:56 racoon[8136]: IKE Packet: transmit success. (Mode-Config message).
Jun 29 13:46:56 racoon[8136]: IKEv1 Config: retransmited. (Mode-Config retransmit).
Jun 29 13:46:56 racoon[8136]: IKE Packet: receive success. (MODE-Config).
Jun 29 13:46:56 configd[19]: event_callback: Address added. previous interface setting (name: en1, address: 192.168.1.107), current interface settinaddress: 192.168.54.149, subnet: 255.255.255.0, destination: 192.168.54.149).
Jun 29 13:46:56 vmnet-bridge[111]: Dynamic store changed
Jun 29 13:46:56 named[62]: not listening on any interfaces
Jun 29 13:46:56 configd[19]: network configuration changed.
Jun 29 13:46:56 named[62]: not listening on any interfaces
Jun 29 13:46:56 racoon[8136]: IKE Packet: transmit success. (Initiator, Quick-Mode message 1).
Jun 29 13:46:56 racoon[8136]: IKE Packet: receive success. (Initiator, Quick-Mode message 2).
Jun 29 13:46:56 racoon[8136]: IKE Packet: transmit success. (Initiator, Quick-Mode message 3).
Jun 29 13:46:56 racoon[8136]: IKEv1 Phase2 Initiator: success. (Initiator, Quick-Mode).
Jun 29 13:46:56 racoon[8136]: Connected.
Jun 29 13:46:56 configd[19]: SCNCController: Connected.

I tested it several times and it consistently behaves the same. What is the magic?

© Server Fault or respective owner

Related posts about vpn

Related posts about cisco