Other Ideas to troubleshoot Cisco IPSec VPN on OSX?
- by Tawm
We have one user running OSX Snow Leopard who is having issues staying connected to our VPN running off of an ASA5510. His connection can die even as he's actively pushing traffic across it or if he's been idle for a period of time. Other users on Snow Leopard, Lion, XP, Vista, 7 and various Linux flavors are able to stay connected for 24hrs+ without issue.
We've deleted and remade the connection in System Preferences Networking and ran killall racoon (kills any lingering connections).
Below are the logs from the user's system.log from a connect/disconnect cycle:
Oct 10 21:22:25 username racoon[8192]: Connecting.
Oct 10 21:22:25 username racoon[8192]: IKE Packet: transmit success. (Initiator, Aggressive-Mode message 1).
Oct 10 21:22:25 username racoon[8192]: IKEv1 Phase1 AUTH: success. (Initiator, Aggressive-Mode Message 2).
Oct 10 21:22:25 username racoon[8192]: IKE Packet: receive success. (Initiator, Aggressive-Mode message 2).
Oct 10 21:22:25 username racoon[8192]: IKEv1 Phase1 Initiator: success. (Initiator, Aggressive-Mode).
Oct 10 21:22:25 username racoon[8192]: IKE Packet: transmit success. (Initiator, Aggressive-Mode message 3).
Oct 10 21:22:29 username racoon[8192]: IKE Packet: transmit success. (Mode-Config message).
Oct 10 21:22:29 username racoon[8192]: IKEv1 XAUTH: success. (XAUTH Status is OK).
Oct 10 21:22:29 username racoon[8192]: IKE Packet: transmit success. (Mode-Config message).
Oct 10 21:22:29 username racoon[8192]: IKEv1 Config: retransmited. (Mode-Config retransmit).
Oct 10 21:22:29 username racoon[8192]: IKE Packet: receive success. (MODE-Config).
Oct 10 21:22:29 username configd[14]: event_callback: Address added. previous interface setting (name: en1, address: 192.168.0.100), current interface setting (name: utun0, family: 1001, address: 10.215.8.53, subnet: 255.0.0.0, destination: 10.215.8.53).
Oct 10 21:22:29 username racoon[8192]: IKE Packet: transmit success. (Initiator, Quick-Mode message 1).
Oct 10 21:22:29 username configd[14]: network configuration changed.
Oct 10 21:22:29 username racoon[8192]: IKE Packet: receive success. (Initiator, Quick-Mode message 2).
Oct 10 21:22:29 username racoon[8192]: IKE Packet: transmit success. (Initiator, Quick-Mode message 3).
Oct 10 21:22:29 username racoon[8192]: IKEv1 Phase2 Initiator: success. (Initiator, Quick-Mode).
Oct 10 21:22:29 username racoon[8192]: Connected.
Oct 10 21:22:29 username configd[14]: SCNCController: Connected.
Oct 10 21:22:29 username racoon[8192]: IKE Packet: transmit success. (Initiator, Quick-Mode message 1).
Oct 10 21:22:29 username racoon[8192]: IKE Packet: receive success. (Initiator, Quick-Mode message 2).
Oct 10 21:22:29 username racoon[8192]: IKE Packet: transmit success. (Initiator, Quick-Mode message 3).
Oct 10 21:22:29 username racoon[8192]: IKEv1 Phase2 Initiator: success. (Initiator, Quick-Mode).
Oct 10 21:22:47 username login[8200]: USER_PROCESS: 8200 ttys003
Oct 10 21:22:48 username GrowlHelperApp[160]: Periodic CFURLCache Insert stats (iters: 17240) - Tx time:0.001749, # of Inserts: 1, # of bytes written: 304, Did shrink: NO, Size of cache-file: 26624, Num of Failures: 0
Oct 10 21:25:24 username login[7367]: DEAD_PROCESS: 7367 ttys002
Oct 10 21:25:31 username login[7907]: DEAD_PROCESS: 7907 ttys001
Oct 10 21:27:32 username configd[14]: SCNCController: Disconnecting. (Connection was up for, 303 seconds).
Oct 10 21:27:32 username racoon[8192]: IKE Packet: transmit success. (Information message).
Oct 10 21:27:32 username racoon[8192]: IKEv1 Information-Notice: transmit success. (Delete IPSEC-SA).
Oct 10 21:27:32 username racoon[8192]: IKE Packet: transmit success. (Information message).
Oct 10 21:27:32 username racoon[8192]: IKEv1 Information-Notice: transmit success. (Delete IPSEC-SA).
Oct 10 21:27:32 username racoon[8192]: IKE Packet: transmit success. (Information message).
Oct 10 21:27:32 username racoon[8192]: IKEv1 Information-Notice: transmit success. (Delete ISAKMP-SA).
Oct 10 21:27:32 username racoon[8192]: Disconnecting. (Connection was up for, 302.766105 seconds).
Oct 10 21:27:32 username configd[14]: network configuration changed.
Oct 10 21:27:34 username login[8200]: DEAD_PROCESS: 8200 ttys003
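
An added example, not part of the original post: a small Python parser that groups racoon entries from system.log into connect/disconnect cycles and reports the uptime and the IKE Delete notices logged in each cycle, so drops on several machines can be compared side by side. The sample lines are excerpted from the log above; the function name `summarize`, the placeholder year and the generic direction capture are assumptions of this example.

```python
import re
from datetime import datetime

# Lines excerpted from the system.log in the post above.
SAMPLE = """\
Oct 10 21:22:25 username racoon[8192]: Connecting.
Oct 10 21:22:29 username racoon[8192]: IKEv1 XAUTH: success. (XAUTH Status is OK).
Oct 10 21:22:29 username racoon[8192]: Connected.
Oct 10 21:22:47 username login[8200]: USER_PROCESS: 8200 ttys003
Oct 10 21:27:32 username configd[14]: SCNCController: Disconnecting. (Connection was up for, 303 seconds).
Oct 10 21:27:32 username racoon[8192]: IKEv1 Information-Notice: transmit success. (Delete IPSEC-SA).
Oct 10 21:27:32 username racoon[8192]: IKEv1 Information-Notice: transmit success. (Delete IPSEC-SA).
Oct 10 21:27:32 username racoon[8192]: IKEv1 Information-Notice: transmit success. (Delete ISAKMP-SA).
Oct 10 21:27:32 username racoon[8192]: Disconnecting. (Connection was up for, 302.766105 seconds).
"""

# timestamp, host (ignored), process name, message
LINE = re.compile(r"^(\w{3} +\d+ [\d:]{8}) \S+ (\w+)\[\d+\]: (.*)$")
# Only "transmit" appears in the post; any other direction word is reported as logged.
DELETE = re.compile(r"Information-Notice: (\w+) success\. \(Delete ([\w-]+)\)")

def summarize(log_text, year=2000):
    """Return one dict per racoon cycle. syslog has no year, so `year` is a placeholder."""
    sessions, cur = [], None
    for raw in log_text.splitlines():
        m = LINE.match(raw)
        if not m or m.group(2) != "racoon":
            continue  # skip configd, login and other processes
        ts = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
        msg = m.group(3)
        if msg == "Connecting.":
            cur = {"start": ts, "connected": None, "up_seconds": None, "deletes": []}
            sessions.append(cur)
        elif cur is None:
            continue  # racoon line outside any cycle we saw start
        elif msg == "Connected.":
            cur["connected"] = ts
        elif (d := DELETE.search(msg)):
            cur["deletes"].append((d.group(1), d.group(2)))
        elif msg.startswith("Disconnecting."):
            up = ts - cur["connected"] if cur["connected"] else None
            cur["up_seconds"] = up.total_seconds() if up else None
            cur = None  # cycle closed; wait for the next "Connecting."
    return sessions

if __name__ == "__main__":
    for s in summarize(SAMPLE):
        print(s["start"].strftime("%b %d %H:%M:%S"), s["up_seconds"], s["deletes"])
```

Running it over the full system.log from the affected Mac and from a Mac that stays connected gives a per-cycle uptime list that can be lined up against the ASA's own logs for the same timestamps.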