Cisco VPN connections timeout unreasonably

Installation, configuration and troubleshooting of the Cisco VPN Client on Linux systems

Cisco VPN connections timeout unreasonably

Postby Karotos » Fri Oct 22, 2010 3:14 am

Hi everyone! This is a rather unusual problem, which I post here mostly for informational reasons to the developers, as I am not in a rush to fix it ASAP.
I installed vpnclient-linux-x86_64-4.8.02.0030-k9 on kubuntu 10.10(64bit) on a intel core 2 duo. I didn't use a vanilla version, but the one provided by my university, whose only difference (or so I think) is that it also contains the specific .pcf file in the tarball.
After patching, I managed to install it and connect to the university network. The only thing that exists there, is one single web server. Problem: After the connection, I am able to access that server for a very short period of time (one minute max, some seconds min). After that, the requests time out and the whole network is dead for another 1-2 minutes, when finally vpnclient exits with the message:
"Secure VPN Connection terminated locally by the Client
Reason: Remote peer is no longer responding.
Disconnecting the VPN connection."

Now, the diagnostics I performed:
a. I totally removed network-manager. I hate it!
b. /etc/resolv.conf is altered by vpnclient, but remains the same way for the whole vpn session, so no dns problems occur (or so I think).
c. nslookup says that the university dns times out too, right after the site stops responding.
d. Wireshark shows encrypted in/out traffic until the time the server dies, after that only outbound traffic occurs. No other incoming packets of any kind. I don't have enough networking knowledge to analyse the packets so far.
e. route output looks something like this before the network death:

Destination Gateway Genmask Flags Metric Ref Use Iface
193.201.22.62 192.168.1.1 255.255.255.255 UGH 0 0 0 eth0
192.168.221.0 * 255.255.255.0 U 0 0 0 cipsec0
default vpn-student 0.0.0.0 UG 0 0 0 cipsec0

and like this after the network death:

Destination Gateway Genmask Flags Metric Ref Use Iface
193.201.22.62 192.168.1.1 255.255.255.255 UGH 0 0 0 eth0
192.168.221.0 * 255.255.255.0 U 0 0 0 cipsec0
default 192.168.221.1 0.0.0.0 UG 0 0 0 cipsec0

I noticed the difference at the default destination, but I don't know if this does matter.
f. My network looks like this: Computer--->DSL router---->ISP. Also, I am able to perfectly connect with a XP notebook and the same kubuntu machine, running windows 7 64bit.

I would be glad to answer any questions and perform any further tests, If someone has an interest on this.

Thank you in advance :)
Karotos
Private
Private
 
Posts: 1
Joined: Fri Oct 22, 2010 2:47 am

Re: Cisco VPN connections timeout unreasonably

Postby gfb » Mon Jan 24, 2011 11:10 am

hi,

Did you ever manage to resolve this? I am experiencing a similar issue.
Running Ubuntu 10.10, kernel 2.6.32-21-generic with patches from:
http://www.shuvoovuhs.com/linux/install ... k-meerkat/

The vpn running perfectly fine for a while. Then when/if it times out it causes all my network processes to hang. I can't ssh, run subversion or anything. The only thing that seems to continue to work is ping.
The only way to resolve the issue is to do a vpnclient disconnect.

best regards
gfb
gfb
Private
Private
 
Posts: 2
Joined: Mon Jan 24, 2011 11:05 am


Return to Cisco VPN Client on Linux systems

Who is online

Users browsing this forum: No registered users and 11 guests

cron