Client version 2.1.5 on Windows 7 Pro x64, connecting to an ASA 5505 8.2(1). The tunnel is established, and everything is great for ~15 minutes. After that, even with traffic flowing through the tunnel, it disconnects. I've tried with DPD enabled and disabled; it doesn't make a difference.
Here's a snippet of the debug log, followed by the relevant ASA config:

10/03/26 14:12:14 DB : phase1 found
10/03/26 14:12:14 -> : send NAT-T:KEEP-ALIVE packet 192.168.16.35:4500 -> [REDACTED]:4500
10/03/26 14:12:14 DB : phase1 found
10/03/26 14:12:14 ii : sending peer DPDV1-R-U-THERE notification
10/03/26 14:12:14 ii : - 192.168.16.35:4500 -> [REDACTED]:4500
10/03/26 14:12:14 ii : - isakmp spi = 3a603904b57b73db:b0b5f4400d195220
10/03/26 14:12:14 ii : - data size 4
10/03/26 14:12:14 >> : hash payload
10/03/26 14:12:14 >> : notification payload
10/03/26 14:12:14 == : new informational hash ( 20 bytes )
10/03/26 14:12:14 == : new informational iv ( 8 bytes )
10/03/26 14:12:14 >= : cookies 3a603904b57b73db:b0b5f4400d195220
10/03/26 14:12:14 >= : message eab3ef88
10/03/26 14:12:14 >= : encrypt iv ( 8 bytes )
10/03/26 14:12:14 == : encrypt packet ( 84 bytes )
10/03/26 14:12:14 == : stored iv ( 8 bytes )
10/03/26 14:12:14 -> : send NAT-T:IKE packet 192.168.16.35:4500 -> [REDACTED]:4500 ( 116 bytes )
10/03/26 14:12:14 ii : DPD ARE-YOU-THERE sequence 3c457e46 requested
10/03/26 14:12:14 <- : recv NAT-T:IKE packet [REDACTED]:4500 -> 192.168.16.35:4500 ( 84 bytes )
10/03/26 14:12:14 DB : phase1 found
10/03/26 14:12:14 ii : processing informational packet ( 84 bytes )
10/03/26 14:12:14 == : new informational iv ( 8 bytes )
10/03/26 14:12:14 =< : cookies 3a603904b57b73db:b0b5f4400d195220
10/03/26 14:12:14 =< : message 1b8a6452
10/03/26 14:12:14 =< : decrypt iv ( 8 bytes )
10/03/26 14:12:14 == : decrypt packet ( 84 bytes )
10/03/26 14:12:14 <= : stored iv ( 8 bytes )
10/03/26 14:12:14 << : hash payload
10/03/26 14:12:14 << : notification payload
10/03/26 14:12:14 == : informational hash_i ( computed ) ( 20 bytes )
10/03/26 14:12:14 == : informational hash_c ( received ) ( 20 bytes )
10/03/26 14:12:14 ii : informational hash verified
10/03/26 14:12:14 ii : received peer DPDV1-R-U-THERE-ACK notification
10/03/26 14:12:14 ii : - [REDACTED]:4500 -> 192.168.16.35:4500
10/03/26 14:12:14 ii : - isakmp spi = 3a603904b57b73db:b0b5f4400d195220
10/03/26 14:12:14 ii : - data size 4
10/03/26 14:12:14 ii : DPD ARE-YOU-THERE-ACK sequence 3c457e46 accepted
10/03/26 14:12:14 ii : next tunnel DPD request in 15 secs for peer [REDACTED]:4500
10/03/26 14:12:17 <- : recv NAT-T:IKE packet [REDACTED]:4500 -> 192.168.16.35:4500 ( 368 bytes )
10/03/26 14:12:17 DB : phase1 not found
10/03/26 14:12:17 ii : attempting to locate tunnel for peer [REDACTED]
10/03/26 14:12:17 DB : tunnel found
10/03/26 14:12:17 ww : ike packet from [REDACTED] ignored, contact is denied for peer
10/03/26 14:12:25 <- : recv NAT-T:IKE packet [REDACTED]:4500 -> 192.168.16.35:4500 ( 368 bytes )
10/03/26 14:12:25 DB : phase1 not found
10/03/26 14:12:25 ii : attempting to locate tunnel for peer [REDACTED]
10/03/26 14:12:25 DB : tunnel found
10/03/26 14:12:25 ww : ike packet from [REDACTED] ignored, contact is denied for peer
10/03/26 14:12:29 DB : phase1 found
10/03/26 14:12:29 -> : send NAT-T:KEEP-ALIVE packet 192.168.16.35:4500 -> [REDACTED]:4500
10/03/26 14:12:29 DB : phase1 found
10/03/26 14:12:29 ii : sending peer DPDV1-R-U-THERE notification
10/03/26 14:12:29 ii : - 192.168.16.35:4500 -> [REDACTED]:4500
10/03/26 14:12:29 ii : - isakmp spi = 3a603904b57b73db:b0b5f4400d195220
10/03/26 14:12:29 ii : - data size 4
10/03/26 14:12:29 >> : hash payload
10/03/26 14:12:29 >> : notification payload
10/03/26 14:12:29 == : new informational hash ( 20 bytes )
10/03/26 14:12:29 == : new informational iv ( 8 bytes )
10/03/26 14:12:29 >= : cookies 3a603904b57b73db:b0b5f4400d195220
10/03/26 14:12:29 >= : message 8cb67d72
10/03/26 14:12:29 >= : encrypt iv ( 8 bytes )
10/03/26 14:12:29 == : encrypt packet ( 84 bytes )
10/03/26 14:12:29 == : stored iv ( 8 bytes )
10/03/26 14:12:29 -> : send NAT-T:IKE packet 192.168.16.35:4500 -> [REDACTED]:4500 ( 116 bytes )
10/03/26 14:12:29 ii : DPD ARE-YOU-THERE sequence 3c457e47 requested
10/03/26 14:12:29 <- : recv NAT-T:IKE packet [REDACTED]:4500 -> 192.168.16.35:4500 ( 84 bytes )
10/03/26 14:12:29 DB : phase1 found
10/03/26 14:12:29 ii : processing informational packet ( 84 bytes )
10/03/26 14:12:29 == : new informational iv ( 8 bytes )
10/03/26 14:12:29 =< : cookies 3a603904b57b73db:b0b5f4400d195220
10/03/26 14:12:29 =< : message 8fbe801f
10/03/26 14:12:29 =< : decrypt iv ( 8 bytes )
10/03/26 14:12:29 == : decrypt packet ( 84 bytes )
10/03/26 14:12:29 <= : stored iv ( 8 bytes )
10/03/26 14:12:29 << : hash payload
10/03/26 14:12:29 << : notification payload
10/03/26 14:12:29 == : informational hash_i ( computed ) ( 20 bytes )
10/03/26 14:12:29 == : informational hash_c ( received ) ( 20 bytes )
10/03/26 14:12:29 ii : informational hash verified
10/03/26 14:12:29 ii : received peer DPDV1-R-U-THERE-ACK notification
10/03/26 14:12:29 ii : - [REDACTED]:4500 -> 192.168.16.35:4500
10/03/26 14:12:29 ii : - isakmp spi = 3a603904b57b73db:b0b5f4400d195220
10/03/26 14:12:29 ii : - data size 4
10/03/26 14:12:29 ii : DPD ARE-YOU-THERE-ACK sequence 3c457e47 accepted
10/03/26 14:12:29 ii : next tunnel DPD request in 15 secs for peer [REDACTED]:4500
10/03/26 14:12:33 <- : recv NAT-T:IKE packet [REDACTED]:4500 -> 192.168.16.35:4500 ( 368 bytes )
10/03/26 14:12:33 DB : phase1 not found
10/03/26 14:12:33 ii : attempting to locate tunnel for peer [REDACTED]
10/03/26 14:12:33 DB : tunnel found
10/03/26 14:12:33 ww : ike packet from [REDACTED] ignored, contact is denied for peer
10/03/26 14:12:41 <- : recv NAT-T:IKE packet [REDACTED]:4500 -> 192.168.16.35:4500 ( 368 bytes )
10/03/26 14:12:41 DB : phase1 not found
10/03/26 14:12:41 ii : attempting to locate tunnel for peer [REDACTED]
10/03/26 14:12:41 DB : tunnel found
10/03/26 14:12:41 ww : ike packet from [REDACTED] ignored, contact is denied for peer
10/03/26 14:12:44 DB : phase1 found
10/03/26 14:12:44 -> : send NAT-T:KEEP-ALIVE packet 192.168.16.35:4500 -> [REDACTED]:4500
10/03/26 14:12:44 DB : phase1 found
10/03/26 14:12:44 ii : sending peer DPDV1-R-U-THERE notification
10/03/26 14:12:44 ii : - 192.168.16.35:4500 -> [REDACTED]:4500
10/03/26 14:12:44 ii : - isakmp spi = 3a603904b57b73db:b0b5f4400d195220
10/03/26 14:12:44 ii : - data size 4
10/03/26 14:12:44 >> : hash payload
10/03/26 14:12:44 >> : notification payload
10/03/26 14:12:44 == : new informational hash ( 20 bytes )
10/03/26 14:12:44 == : new informational iv ( 8 bytes )
10/03/26 14:12:44 >= : cookies 3a603904b57b73db:b0b5f4400d195220
10/03/26 14:12:44 >= : message b22d7d76
10/03/26 14:12:44 >= : encrypt iv ( 8 bytes )
10/03/26 14:12:44 == : encrypt packet ( 84 bytes )
10/03/26 14:12:44 == : stored iv ( 8 bytes )
10/03/26 14:12:44 -> : send NAT-T:IKE packet 192.168.16.35:4500 -> [REDACTED]:4500 ( 116 bytes )
10/03/26 14:12:44 ii : DPD ARE-YOU-THERE sequence 3c457e48 requested
10/03/26 14:12:44 <- : recv NAT-T:IKE packet [REDACTED]:4500 -> 192.168.16.35:4500 ( 84 bytes )
10/03/26 14:12:44 DB : phase1 found
10/03/26 14:12:44 ii : processing informational packet ( 84 bytes )
10/03/26 14:12:44 == : new informational iv ( 8 bytes )
10/03/26 14:12:44 =< : cookies 3a603904b57b73db:b0b5f4400d195220
10/03/26 14:12:44 =< : message f8872032
10/03/26 14:12:44 =< : decrypt iv ( 8 bytes )
10/03/26 14:12:44 == : decrypt packet ( 84 bytes )
10/03/26 14:12:44 <= : stored iv ( 8 bytes )
10/03/26 14:12:44 << : hash payload
10/03/26 14:12:44 << : notification payload
10/03/26 14:12:44 == : informational hash_i ( computed ) ( 20 bytes )
10/03/26 14:12:44 == : informational hash_c ( received ) ( 20 bytes )
10/03/26 14:12:44 ii : informational hash verified
10/03/26 14:12:44 ii : received peer DPDV1-R-U-THERE-ACK notification
10/03/26 14:12:44 ii : - [REDACTED]:4500 -> 192.168.16.35:4500
10/03/26 14:12:44 ii : - isakmp spi = 3a603904b57b73db:b0b5f4400d195220
10/03/26 14:12:44 ii : - data size 4
10/03/26 14:12:44 ii : DPD ARE-YOU-THERE-ACK sequence 3c457e48 accepted
10/03/26 14:12:44 ii : next tunnel DPD request in 15 secs for peer [REDACTED]:4500
10/03/26 14:12:50 <- : recv NAT-T:IKE packet [REDACTED]:4500 -> 192.168.16.35:4500 ( 68 bytes )
10/03/26 14:12:50 DB : phase1 found
10/03/26 14:12:50 ii : processing informational packet ( 68 bytes )
10/03/26 14:12:50 == : new informational iv ( 8 bytes )
10/03/26 14:12:50 =< : cookies 3a603904b57b73db:b0b5f4400d195220
10/03/26 14:12:50 =< : message cdae21bd
10/03/26 14:12:50 =< : decrypt iv ( 8 bytes )
10/03/26 14:12:50 == : decrypt packet ( 68 bytes )
10/03/26 14:12:50 <= : stored iv ( 8 bytes )
10/03/26 14:12:50 << : hash payload
10/03/26 14:12:50 << : delete payload
10/03/26 14:12:50 == : informational hash_i ( computed ) ( 20 bytes )
10/03/26 14:12:50 == : informational hash_c ( received ) ( 20 bytes )
10/03/26 14:12:50 ii : informational hash verified
10/03/26 14:12:50 ii : received peer DELETE message
10/03/26 14:12:50 ii : - [REDACTED]:4500 -> 192.168.16.35:4500
10/03/26 14:12:50 ii : - ipsec-esp spi = 0xddaaf6a2
10/03/26 14:12:50 DB : phase2 found
10/03/26 14:12:50 DB : cleanup, marked phase2 0xddaaf6a2 for removal
10/03/26 14:12:50 DB : phase2 soft event canceled ( ref count = 2 )
10/03/26 14:12:50 DB : phase2 hard event canceled ( ref count = 1 )
10/03/26 14:12:50 K> : send pfkey DELETE ESP message
10/03/26 14:12:50 K> : send pfkey DELETE ESP message
10/03/26 14:12:50 ii : phase2 removal before expire time
10/03/26 14:12:50 DB : phase2 deleted ( obj count = 0 )
10/03/26 14:12:50 <- : recv NAT-T:IKE packet [REDACTED]:4500 -> 192.168.16.35:4500 ( 84 bytes )
10/03/26 14:12:50 DB : phase1 found
10/03/26 14:12:50 ii : processing informational packet ( 84 bytes )
10/03/26 14:12:50 == : new informational iv ( 8 bytes )
10/03/26 14:12:50 =< : cookies 3a603904b57b73db:b0b5f4400d195220
10/03/26 14:12:50 =< : message ffc28f81
10/03/26 14:12:50 =< : decrypt iv ( 8 bytes )
10/03/26 14:12:50 == : decrypt packet ( 84 bytes )
10/03/26 14:12:50 <= : trimmed packet padding ( 4 bytes )
10/03/26 14:12:50 <= : stored iv ( 8 bytes )
10/03/26 14:12:50 << : hash payload
10/03/26 14:12:50 << : delete payload
10/03/26 14:12:50 == : informational hash_i ( computed ) ( 20 bytes )
10/03/26 14:12:50 == : informational hash_c ( received ) ( 20 bytes )
10/03/26 14:12:50 ii : informational hash verified
10/03/26 14:12:50 ii : received peer DELETE message
10/03/26 14:12:50 ii : - [REDACTED]:4500 -> 192.168.16.35:4500
10/03/26 14:12:50 ii : - isakmp spi = 3a603904b57b73db:b0b5f4400d195220
10/03/26 14:12:50 DB : phase1 found
10/03/26 14:12:50 ii : cleanup, marked phase1 3a603904b57b73db:b0b5f4400d195220 for removal
10/03/26 14:12:50 DB : phase1 soft event canceled ( ref count = 4 )
10/03/26 14:12:50 DB : phase1 hard event canceled ( ref count = 3 )
10/03/26 14:12:50 DB : phase1 dead event canceled ( ref count = 2 )
10/03/26 14:12:50 DB : config deleted ( obj count = 0 )
10/03/26 14:12:50 ii : phase1 removal before expire time
10/03/26 14:12:50 DB : phase1 not found
10/03/26 14:12:50 DB : phase1 deleted ( obj count = 0 )
10/03/26 14:12:50 DB : policy found
10/03/26 14:12:50 ii : removing IPSEC INBOUND policy ANY:192.168.0.0/24:* -> ANY:192.168.20.12:*
10/03/26 14:12:50 K> : send pfkey X_SPDDELETE2 UNSPEC message
10/03/26 14:12:50 DB : policy found
10/03/26 14:12:50 ii : removing IPSEC OUTBOUND policy ANY:192.168.20.12:* -> ANY:192.168.0.0/24:*
10/03/26 14:12:50 K> : send pfkey X_SPDDELETE2 UNSPEC message
10/03/26 14:12:50 K< : recv pfkey DELETE ESP message
10/03/26 14:12:50 ii : removed IPSEC policy route for ANY:192.168.0.0/24:*
10/03/26 14:12:51 K< : recv pfkey DELETE ESP message
10/03/26 14:12:51 K< : recv pfkey X_SPDDELETE2 UNSPEC message
10/03/26 14:12:51 DB : policy found
10/03/26 14:12:51 DB : policy deleted ( obj count = 1 )
10/03/26 14:12:51 K< : recv pfkey X_SPDDELETE2 UNSPEC message
10/03/26 14:12:51 DB : policy found
10/03/26 14:12:51 DB : policy deleted ( obj count = 0 )
10/03/26 14:12:51 ii : disabled adapter ROOT\VNET\0000
10/03/26 14:12:51 DB : tunnel dpd event canceled ( ref count = 3 )
10/03/26 14:12:51 DB : tunnel natt event canceled ( ref count = 2 )
10/03/26 14:12:51 DB : tunnel stats event canceled ( ref count = 1 )
10/03/26 14:12:51 DB : removing tunnel config references
10/03/26 14:12:51 DB : removing tunnel phase2 references
10/03/26 14:12:51 DB : removing tunnel phase1 references
10/03/26 14:12:51 DB : tunnel deleted ( obj count = 0 )
10/03/26 14:12:51 DB : removing all peer tunnel refrences
10/03/26 14:12:51 DB : peer deleted ( obj count = 0 )
10/03/26 14:12:51 ii : ipc client process thread exit ...

crypto ipsec transform-set strong esp-3des esp-sha-hmac
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
crypto dynamic-map dynMap 10 set transform-set strong
crypto dynamic-map dynMap 10 set reverse-route
crypto map cableMap 10 ipsec-isakmp dynamic dynMap
crypto map cableMap interface cable
crypto isakmp enable cable
crypto isakmp policy 10
 authentication pre-share
 encryption 3des
 hash sha
 group 2
 lifetime 1000
group-policy vpnPolicy internal
group-policy vpnPolicy attributes
 dns-server value 192.168.0.43
 vpn-idle-timeout none
 vpn-session-timeout none
 split-tunnel-policy tunnelspecified
 split-tunnel-network-list value split-tunnel
 default-domain value domain.local
 split-dns value domain.local
tunnel-group vpnGroup type remote-access
tunnel-group vpnGroup general-attributes
 address-pool DM-VPN-POOL
 authentication-server-group vpn
 default-group-policy vpnPolicy
tunnel-group vpnGroup ipsec-attributes
 pre-shared-key *
 isakmp keepalive threshold 15 retry 10
