On 12/16/2011 09:35 AM, Andrew Fischer wrote:
Kevin,
I did some more testing late yesterday. I also spoke with ACES AdTran
support.
The problem is more than likely one of my wireless routers. With the
affected router I can connect with wired or wireless on two other
laptops - one is XP and the other is win 7 x64 without the MS Virtual
WiFi. The laptops that have the MS Virtual WiFi will only connect on
that network with a wired LAN. Those SAME MS Virtual WiFi laptops
will connect to the VPN on OTHER WIFI networks. They just won't
connect on the network they were being tested on.
I have ruled out the ISP, because I have connected with the same ISP.
I would bet if I replaced the wireless router with a known compatible
router that the issue would be resolved. This may take a couple of
weeks to get that far, but I will let you know.
Thanks,
Andy
-----Original Message----- From: Kevin VPN [mailto:[email protected]]
Sent: Thursday, December 15, 2011 9:39 PM To: Andrew Fischer Subject:
Re: [vpn-help] failing with WLAN connection on Win7 x64 [Shrew
2.2.0]
On 12/14/2011 10:55 PM, Andrew Fischer wrote:
Hello Kevin,
AdTran NetVanta 3450 with the lastest O/S Sony Windows 7 x64 Home
prem (this system) several diff models of Dell X64 Win 7 Pro Client
ver 2.1.5 this time
I have tried cient version 2.1.5, 2.1.7, 2.20 beta 1 and 2.
(restarted the laptops)
I tried to renable and disable the MS WIFI (restarted the laptops)
The vpn config works on and computer that does not have the MS
WIFI adapter and fails on all of the computers that have it
The VPN will connect from the LAN adapter on all computers.
Windows XP, Windows 7 x64, win 7 32 bit
removed antivirus.
Here is the requested info.
Hi Andy,
The symptoms in the iked.log look like the Virtual WiFi problem, in
that Shrew never receives response packets. Your ipconfig doesn't
look unusual either. You didn't include a route print output, but
that's not a big deal. I doubt your routing table is messed up since
you say it works over the LAN adapter.
Shrew clients 2.1.5 and 2.1.7 have a conflict with the Microsoft
Virtual WiFi Miniport adapter. The workaround for these clients is
to disable the Virtual WiFi adapter.
Shrew clients 2.2.0 beta have a fix for the conflict and you should
be able to run Shrew side by side with the WiFi Miniport. This has
been correct for nearly a year (since the beta1 came out). We've had
two reports this week where they have not worked together.
I'm not sure what has changed. Maybe Microsoft patched something
Tuesday and now the conflict is back?
The other person who reported a problem managed to solve the problem
by disabling the Virtual WiFi and by using the 2.2.0 client. Maybe
try that again?
Hi Andy,
I took the liberty to post this back to the list so that others could
see the results of your thorough trials.
What router is the one that is failing? Vendor, etc?
I'm curious as to why that router would work with the devices without
Virtual WiFi and would not for the ones that do. That suggests to me
that even when the Virtual WiFi adapter is disabled, something is
different (structure or content) about the packets sent from those
machines. I'd love to find out what it is - to me that sounds like the
slightly different packet is causing the AdTran to choke on it.
It may be that the problem is actually two-part: the presence of Virtual
WiFi results in a different packet format or IPSec connection option (I
don't want to say it's an OS bug as it may still be in spec) coupled
with possibly a limited IPSec pass-through implementation on the router
(it may only support the most common connections) that does not include
the Virtual WiFi scenario.
If you know how to use Wireshark, I'd be willing to look at some packet
traces you've taken using a machine without Virtual WiFi and another
that has it installed to see if there's packet format differences.
(Unfortunately I don't have a Win7 machine without Virtual WiFi.) We
could also use the Shrew trace utility to get decoded IPSec traces, but
I don't know the spec at all.
Regardless, thanks very much for reporting back. If you do find any
more information, please post it.
And of course if we can help, please ask away.
_______________________________________________
vpn-help mailing list
[email protected]
http://lists.shrew.net/mailman/listinfo/vpn-help
