The "latest" (still two years old) Cisco 64-bit client is 5.0.07.0440, and can be download from here http://www.asc.edu/downloads/CiscoVPN/Windows/, not that it will change anything, but it's the version I was testing with under Windows 8 x64. My main complaint with the Cisco client, is it sets the MTU to 1300 on all of your adapters, not just its own virtual one. The Shrew client uses a 1380 MTU (by default) for only its virtual adapter. Not that this has anything to do with your problem.
What type of device are you connecting through for Internet? I don't think the iked.log came through on your original post - I'd like to see it. In about a week I'll have a Cisco ASA gateway set up in a lab environment - perhaps you could try connecting to it after it's provisioned, just to see if you experience the same symptoms with a different gateway. -Jim From: Goncalo Oliveira [mailto:[email protected]] Sent: Tuesday, July 30, 2013 7:26 AM To: Harle Jim Cc: [email protected] Subject: Re: [vpn-help] Cisco VPN Hi Jim, Thanks for replying. I have tried using both 32-bit and 64-bit, version 5.0.07.0240. 64-bit is always dropping and sometimes it just stops working - had to re-install. The 32-bit is a bit more stable but still it's not very natural to windows 8 and is unstable. I was hoping I could replace it with Shrew client, it looks very good and the drivers hassle is cleaner. However, it's not going for phase 2. I already tried using 'force-rfc' on NAT traversal. I do know that even Cisco client dropped the first time it tried to connect; it would only work at the second attempt, don't know if that can be helpful in anyway. Any thoughts? On 29 July 2013 19:45, Jim Harle <[email protected]<mailto:[email protected]>> wrote: What problems are you having with the Cisco client, and which version is it? 32-bit or 64-bit? Regarding the Shrew client, have you tried setting the NAT traversal to 'force-rfc' ? From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of Goncalo Oliveira Sent: Monday, July 29, 2013 7:23 AM To: [email protected]<mailto:[email protected]> Subject: Re: [vpn-help] Cisco VPN Any ideas, anyone? On 23 July 2013 14:15, Goncalo Oliveira <[email protected]<mailto:[email protected]>> wrote: Hi there, We've been working with Cisco VPN Client 5.0 for some time, though, after installing windows 8 this is not a stable option. So, Shrew came to the rescue. The login to the VPN is made through group authentication, so the configurations are as follows General Remote host Host name or IP address: our provider vpn host name Auto configuration: ike config pull Local host virtual adapter Client Firewall NAT Traversal: enable IKE fragmentation: enable Other options Enable dead peer detection: unchecked Name resolution DNS, automatically WINS off Authentication Method: Mutual PSK + XAuth Local identity Identification type: Key identifier Key ID string: our group name identifier Remote identity Identification type: any (also tried IP address) Credentials Pre shared key: our group password Phase1 Exchange type: aggressive DH Exchange: group 2 Phase 2 PFS Exchange: group 2 (also tried auto and disabled) Phase 1 seems to go well, but phase 2 not so well, keeps writing 'config resend event schedule'. I'm attaching the iked.log, as there might be something useful there. Can anyone help me out on this? Thanks. Best regards -- Gonçalo Oliveira -- Gonçalo Oliveira -- Gonçalo Oliveira
_______________________________________________ vpn-help mailing list [email protected] https://lists.shrew.net/mailman/listinfo/vpn-help
