Can't establish vpn connection

Internet access discussion, including Fusion, IP Broadband, and Gigabit Fiber!
4 posts Page 1 of 1
by markoleary » Sun Sep 25, 2011 4:38 pm
Hi,

I've been working with Sonic support on this and they suggested I post here to see if anyone else has any ideas. My problem is that I can't establish a vpn connection to either Sonic or my company vpn. If I borrow my neighbor's wifi, I can connect to the company vpn fine (though not to the Sonic one). I've tried it on several computers, same deal. I'm attaching the verbose Cisco vpn log hoping that someone who knows the protocols can help out.

Appreciate any help!

thx
Mark

Cisco Systems VPN Client Version 5.0.02.0090
Copyright (C) 1998-2007 Cisco Systems, Inc. All Rights Reserved.
Client Type(s): Windows, WinNT
Running on: 5.0.2195 Service Pack 4

77 16:40:00.835 09/25/11 Sev=Info/4 CM/0x63100002
Begin connection process

78 16:40:00.855 09/25/11 Sev=Info/4 CM/0x63100004
Establish secure connection

79 16:40:00.855 09/25/11 Sev=Info/4 CM/0x63100024
Attempt connection with server "ipsec.vpn.sonic.net"

80 16:40:00.855 09/25/11 Sev=Info/6 IKE/0x6300003B
Attempting to establish a connection with 208.201.249.242.

81 16:40:00.875 09/25/11 Sev=Info/4 IKE/0x63000013
SENDING >>> ISAKMP OAK AG (SA, KE, NON, ID, VID(Xauth), VID(dpd), VID(Frag), VID(Nat-T), VID(Unity)) to 208.201.249.242

82 16:40:01.106 09/25/11 Sev=Info/4 IPSEC/0x63700008
IPSec driver successfully started

83 16:40:01.106 09/25/11 Sev=Info/4 IPSEC/0x63700014
Deleted all keys

84 16:40:06.113 09/25/11 Sev=Info/4 IKE/0x63000021
Retransmitting last packet!

85 16:40:06.113 09/25/11 Sev=Info/4 IKE/0x63000013
SENDING >>> ISAKMP OAK AG (Retransmission) to 208.201.249.242

86 16:40:11.120 09/25/11 Sev=Info/4 IKE/0x63000021
Retransmitting last packet!

87 16:40:11.120 09/25/11 Sev=Info/4 IKE/0x63000013
SENDING >>> ISAKMP OAK AG (Retransmission) to 208.201.249.242

88 16:40:16.127 09/25/11 Sev=Info/4 IKE/0x63000021
Retransmitting last packet!

89 16:40:16.127 09/25/11 Sev=Info/4 IKE/0x63000013
SENDING >>> ISAKMP OAK AG (Retransmission) to 208.201.249.242

90 16:40:21.134 09/25/11 Sev=Info/4 IKE/0x63000017
Marking IKE SA for deletion (I_Cookie=F29329AFAB740CFA R_Cookie=0000000000000000) reason = DEL_REASON_PEER_NOT_RESPONDING

91 16:40:21.635 09/25/11 Sev=Info/4 IKE/0x6300004B
Discarding IKE SA negotiation (I_Cookie=F29329AFAB740CFA R_Cookie=0000000000000000) reason = DEL_REASON_PEER_NOT_RESPONDING

92 16:40:21.635 09/25/11 Sev=Info/4 CM/0x63100014
Unable to establish Phase 1 SA with server "ipsec.vpn.sonic.net" because of "DEL_REASON_PEER_NOT_RESPONDING"

93 16:40:21.645 09/25/11 Sev=Info/5 CM/0x63100025
Initializing CVPNDrv

94 16:40:21.675 09/25/11 Sev=Info/6 CM/0x63100046
Set tunnel established flag in registry to 0.

95 16:40:21.675 09/25/11 Sev=Info/4 IKE/0x63000001
IKE received signal to terminate VPN connection

96 16:40:22.136 09/25/11 Sev=Info/4 IPSEC/0x63700014
Deleted all keys

97 16:40:22.136 09/25/11 Sev=Info/4 IPSEC/0x63700014
Deleted all keys

98 16:40:22.136 09/25/11 Sev=Info/4 IPSEC/0x63700014
Deleted all keys

99 16:40:22.136 09/25/11 Sev=Info/4 IPSEC/0x6370000A
IPSec driver successfully stopped

100 16:40:29.837 09/25/11 Sev=Info/4 FIREWALL/0x63A00003
BLOCK: TCP 74.125.224.96:80 to 192.168.0.104:1560

101 16:40:30.348 09/25/11 Sev=Info/4 FIREWALL/0x63A00003
BLOCK: TCP 74.125.224.115:80 to 192.168.0.104:1561
by kgc » Mon Sep 26, 2011 4:05 pm
Since you can connect if using your neighbor's wi-fi it sounds like your wi-fi router is blocking the traffic. You may have to enable vpn pass through or some similar option on the router. It may also work by toggling the transport protocol. (TCP vs UDP)
Kelsey Cummings
System Architect, Sonic.net, Inc.
by markoleary » Sat Oct 01, 2011 11:51 am
Thanks. I've been trying to find any such options on the ZTE ZXV10 W300 that I bought from Sonic but am not sure what I should be changing. Should I be running in bridged or routed mode - it's set up for 1483 Bridged IP LLC now...
by kgc » Tue Oct 04, 2011 12:17 pm
Given the private addressing in the logs you must have another NAT device on the network? Does the ZTE plug into a wifi router or other NAT device? If so, that's where you would need to enable VPN passthrough - not in the ZTE.
Kelsey Cummings
System Architect, Sonic.net, Inc.
4 posts Page 1 of 1

Who is online

In total there are 11 users online :: 1 registered, 0 hidden and 10 guests (based on users active over the past 5 minutes)
Most users ever online was 422 on Sat May 26, 2012 5:28 am

Users browsing this forum: Google [Bot] and 10 guests