Cisco VPN connecting problem

Similar Messages

• Cisco VPN Connection Problems

  Hello Everyone,
  We're having a problem with the Cisco VPN connection capability in Snow Leopard.
  The transaction complains that our shared secret is incorrect. What I believe is happening is that certain assumptions are made about the IKE proposals and encryption etc. There doesn't appear to be a place to tailor these in the connection profile. There may be at the system level (which I'm unaware of).
  Has anyone else experienced this problem?
  I believe the same problem applies to the iPhone's Cisco VPN connector.
  Furthermore, Cisco is not providing Snow-Leopard IPSec home-to-network clients any longer; they are promoting the AnyConnect SSL VPN instead, for which they have a BETA build available specifically for Snow Leopard.
  So this reduces our options (yes, I'm working on VPNTracker).
  Thank you.

  It is a known limitation that you are only able to establish a single VPN connection to the same VPN server through a router doing NAT like yours.
  What client exactly do you use and what settings did you define there?

• Cisco vpn connect problem with 3g dongle

  Hi,
  I am trying to connect cisco vpn but every time i am getting following error while trying to connect from huawei 3g usb dongle in win8. for win7 it works fine with no issue. Also the problem is only form datacard, form lan and wireless interaface i can easily connect to vpn without any issue. Any help/idea/suggestion highly appreciated?
  Cisco Systems VPN Client Version 5.0.07.0440
  Copyright (C) 1998-2010 Cisco Systems, Inc. All Rights Reserved.
  Client Type(s): Windows, WinNT
  Running on: 6.2.9200
  25     08:06:46.846  12/25/13  Sev=Info/4    CM/0x63100002
  Begin connection process
  26     08:06:46.848  12/25/13  Sev=Info/4    CM/0x63100004
  Establish secure connection
  27     08:06:46.848  12/25/13  Sev=Info/4    CM/0x63100024
  Attempt connection with server "116.68.208.113"
  28     08:06:46.849  12/25/13  Sev=Info/6    IKE/0x6300003B
  Attempting to establish a connection with 116.68.208.113.
  29     08:06:46.855  12/25/13  Sev=Info/4    IKE/0x63000001
  Starting IKE Phase 1 Negotiation
  30     08:06:46.858  12/25/13  Sev=Info/4    IKE/0x63000013
  SENDING >>> ISAKMP OAK AG (SA, KE, NON, ID, VID(Xauth), VID(dpd), VID(Frag), VID(Nat-T), VID(Unity)) to 116.68.208.113
  31     08:06:47.145  12/25/13  Sev=Info/4    IPSEC/0x63700008
  IPSec driver successfully started
  32     08:06:47.145  12/25/13  Sev=Info/4    IPSEC/0x63700014
  Deleted all keys
  33     08:06:52.144  12/25/13  Sev=Info/4    IKE/0x63000021
  Retransmitting last packet!
  34     08:06:52.144  12/25/13  Sev=Info/4    IKE/0x63000013
  SENDING >>> ISAKMP OAK AG (Retransmission) to 116.68.208.113
  35     08:06:57.144  12/25/13  Sev=Info/4    IKE/0x63000021
  Retransmitting last packet!
  36     08:06:57.144  12/25/13  Sev=Info/4    IKE/0x63000013
  SENDING >>> ISAKMP OAK AG (Retransmission) to 116.68.208.113
  37     08:07:02.145  12/25/13  Sev=Info/4    IKE/0x63000021
  Retransmitting last packet!
  38     08:07:02.145  12/25/13  Sev=Info/4    IKE/0x63000013
  SENDING >>> ISAKMP OAK AG (Retransmission) to 116.68.208.113
  39     08:07:07.145  12/25/13  Sev=Info/4    IKE/0x63000017
  Marking IKE SA for deletion  (I_Cookie=97205EA6A12866F0 R_Cookie=0000000000000000) reason = DEL_REASON_PEER_NOT_RESPONDING
  40     08:07:07.645  12/25/13  Sev=Info/4    IKE/0x6300004B
  Discarding IKE SA negotiation (I_Cookie=97205EA6A12866F0 R_Cookie=0000000000000000) reason = DEL_REASON_PEER_NOT_RESPONDING
  41     08:07:07.645  12/25/13  Sev=Info/4    CM/0x63100014
  Unable to establish Phase 1 SA with server "116.68.208.113" because of "DEL_REASON_PEER_NOT_RESPONDING"
  42     08:07:07.645  12/25/13  Sev=Info/5    CM/0x63100025
  Initializing CVPNDrv
  43     08:07:07.645  12/25/13  Sev=Info/6    CM/0x63100046
  Set tunnel established flag in registry to 0.
  44     08:07:07.645  12/25/13  Sev=Info/4    IKE/0x63000001
  IKE received signal to terminate VPN connection
  45     08:07:08.146  12/25/13  Sev=Info/4    IPSEC/0x63700014
  Deleted all keys
  46     08:07:08.146  12/25/13  Sev=Info/4    IPSEC/0x63700014
  Deleted all keys
  47     08:07:08.146  12/25/13  Sev=Info/4    IPSEC/0x63700014
  Deleted all keys
  48     08:07:08.146  12/25/13  Sev=Info/4    IPSEC/0x6370000A
  IPSec driver successfully stopped
  49     08:19:59.202  12/25/13  Sev=Info/4    CM/0x63100002
  Begin connection process
  50     08:19:59.202  12/25/13  Sev=Info/4    CM/0x63100004
  Establish secure connection
  51     08:19:59.202  12/25/13  Sev=Info/4    CM/0x63100024
  Attempt connection with server "116.68.208.113"
  52     08:19:59.202  12/25/13  Sev=Info/6    IKE/0x6300003B
  Attempting to establish a connection with 116.68.208.113.
  53     08:19:59.202  12/25/13  Sev=Info/4    IKE/0x63000001
  Starting IKE Phase 1 Negotiation
  54     08:19:59.218  12/25/13  Sev=Info/4    IKE/0x63000013
  SENDING >>> ISAKMP OAK AG (SA, KE, NON, ID, VID(Xauth), VID(dpd), VID(Frag), VID(Nat-T), VID(Unity)) to 116.68.208.113
  55     08:19:59.656  12/25/13  Sev=Info/4    IPSEC/0x63700008
  IPSec driver successfully started
  56     08:19:59.656  12/25/13  Sev=Info/4    IPSEC/0x63700014
  Deleted all keys
  57     08:20:04.656  12/25/13  Sev=Info/4    IKE/0x63000021
  Retransmitting last packet!
  58     08:20:04.656  12/25/13  Sev=Info/4    IKE/0x63000013
  SENDING >>> ISAKMP OAK AG (Retransmission) to 116.68.208.113
  59     08:20:09.656  12/25/13  Sev=Info/4    IKE/0x63000021
  Retransmitting last packet!
  60     08:20:09.656  12/25/13  Sev=Info/4    IKE/0x63000013
  SENDING >>> ISAKMP OAK AG (Retransmission) to 116.68.208.113
  61     08:20:14.656  12/25/13  Sev=Info/4    IKE/0x63000021
  Retransmitting last packet!
  62     08:20:14.656  12/25/13  Sev=Info/4    IKE/0x63000013
  SENDING >>> ISAKMP OAK AG (Retransmission) to 116.68.208.113
  63     08:20:19.656  12/25/13  Sev=Info/4    IKE/0x63000017
  Marking IKE SA for deletion  (I_Cookie=46B8917FD54C64AC R_Cookie=0000000000000000) reason = DEL_REASON_PEER_NOT_RESPONDING
  64     08:20:20.156  12/25/13  Sev=Info/4    IKE/0x6300004B
  Discarding IKE SA negotiation (I_Cookie=46B8917FD54C64AC R_Cookie=0000000000000000) reason = DEL_REASON_PEER_NOT_RESPONDING
  65     08:20:20.156  12/25/13  Sev=Info/4    CM/0x63100014
  Unable to establish Phase 1 SA with server "116.68.208.113" because of "DEL_REASON_PEER_NOT_RESPONDING"
  66     08:20:20.156  12/25/13  Sev=Info/5    CM/0x63100025
  Initializing CVPNDrv
  67     08:20:20.156  12/25/13  Sev=Info/6    CM/0x63100046
  Set tunnel established flag in registry to 0.
  68     08:20:20.156  12/25/13  Sev=Info/4    IKE/0x63000001
  IKE received signal to terminate VPN connection
  69     08:20:20.156  12/25/13  Sev=Info/4    IPSEC/0x63700014
  Deleted all keys
  70     08:20:20.156  12/25/13  Sev=Info/4    IPSEC/0x63700014
  Deleted all keys
  71     08:20:20.156  12/25/13  Sev=Info/4    IPSEC/0x63700014
  Deleted all keys
  72     08:20:20.156  12/25/13  Sev=Info/4    IPSEC/0x6370000A
  IPSec driver successfully stopped

  Hi Karsten,
  Thank you for the reply !!! & best wishes for the new year 2014.
  The problem is like this, if i select datacard connection type to NDIS it works but it doesnt work when i select RAS(modem) connection type for 3G datacard it doesnt. (NDIS and RAS(Modem) connection types are the 2 modes currently supporetd by the datacard.). Is there any case the users are experiencing from the similar problem? and what they have done to solve the issues? And thank you for the workaroung, i have checked the shrew-soft with win7 and it was working fine but not on win8, i will check shrew-soft on win8 very soon. Also we can move to the anyconnect solution but just want to know if this can solve our problem or not? whether there will be any issues with anyconnect solution for win 8 or not? can you please confim.
  Thank you

• Cisco VPN connects but then no services are available.

  Where to start:
  I have a situation where by my remote office, 5 machines, connects to head office via Cisco VPN client.
  Recently we have been able to make a vpn connection but once connected we have no services available like connecting to servers, internet, network drives, voip phone or even pinging any of the services. We get an IP address on the virtual network adaptor created by vpn connection but then nothing.
  After a hec of amount of troubleshooting I swapped out our router, Draytek Vigor 2820, for another 2820. Same problem. I then took my Draytek Vigor from home, that does work, to the office and it works perfectly fine using the 2600 router in the office. I then tried a dlink router and that worked in office as well. So it has something to do with the 2820 router. It has been working fine for months and now recently, having changed nothing on it, it has stopped working for us with Cisco vpn connection. Does anyone have any clues as to why and what I could do on the router to resolve issue or could it be something on the cisco side that needs changing? I have already updated firmware to latest version on router.
  Any help / advice would be great appreciated.
  Regards,
  Ashley

  Can you please share the configuration as there might be something that change after the upgrade that might cause the issue.

• Cisco vpn connection

  I am tryijng to set up a cisco vpn connection.
  I tried to do it manually throygh setting set up a vpn connection an by installion a config.
  Always i get the message "voer de gebruikersgegevens in" what means in English enter your user contents or something.
  I tried everything, setting of my Wifi before configuring
  The information I filled in are:
  Beschrijving: Optimix VPN
  Server: 195.18.88.130
  Account: my username
  Password: .....
  Uses cert: no
  Groepsnaam: Optimixmobiel
  Geheim: .....
  Can somebody tell me what the problem is?
  Kindly regards

  I have the same problem. I configured My iPhone to connect my PIX trough VPN.
  In the first time the first phrase wouldn't succeeded.
  But I read this ( http://blogs.oreilly.com/iphone/2008/07/strong-passwords-can-hurt.html ) and that's now not really the problem. (to strong pw)
  When I let the iPhone connect I see a popup 'Enter User Authentication' if I chose OK, its gone (I have the Dutch version)
  If I see the syslog I see this: Authentication failed for user ''
  it looks like the iPhone send an empty user account?
  How can we fix this?
  Regards,
  Dennis Kortekaas
  The Netherlands

• Mac Lion and Cisco VPN client problems

  I just installed Lion 10.7 on my iMac and can no longer use the downloaded Cisco VPN client to connect to Microsoft Remote Desktop and access the PC in my company's office. When I try to launch the VPN client I get Error 51. I used to be able to enter a command in the Terminal as a workaround to use the VPN client when that happened, but that no longer works. I have tried booting into 32-bit mode; doesn't work. I tried to use the Cisco client built into Lion using settings provided by my company. When I try to connect I get the following message: "The negotiation with the VPN server failed. Verify the server address and try reconnecting."
  I have searched the web looking for a solution. My company's tech department is stumped; the Apple Geniuses haven't been able to help. Does anyone have any ideas how I can use either the downloaded Cisco VPN client or the client built into Lion?
  Sent from Cisco Technical Support iPad App

  Here is the link which you can use to configure the inbuilt VPN client in MAC Lion.
  http://glazenbakje.wordpress.com/2011/07/28/how-to-create-a-cisco-vpn-connection-in-apple-mac-os-x-lion/
  Make sure you configure the attributes correctly.
  Secondly the inbuilt VPN client code of Lion is made in collaboration with Cisco so there will not be any issues of compatibility.
  Cheers,
  Rohan

• Out of ideas diagnosing VPN connection problems

  I'm having trouble narrowing down what's causing the VPN connection problems to my new Mini Server. Sometimes I can connect just fine with my MacBookPro and use all the resources like file sharing, etc. So, this leads me to believe it has been setup correctly. But then, for no reason at all (maybe it's later in the same day, or a completely different day) it will just stop working and I cannot connect at all.
  *MacBook and iMac at home cannot connect, but iPhone can*
  This is what's really throwing me off. This afternoon, I cannot connect to the server from home with my MacBook or my iMac. BUT, my iPhone can -using the same WiFi network my computers are on, not the cellular network. How could that be? The VPN settings on all 3 devices match exactly.
  *Colleagues with other ISP's can connect, while I cannot*
  I've called Comcast business (which provides the static IP for our office server) and they tell me all my settings are correct for allowing VPN traffic through. Likewise, Comcast Residential tells me there is nothing that would block VPN traffic from my home. They tell me to talk with Apple. argh!
  *Web and Server Admin services are still accessible when VPN is not working*
  We have exposed the Server's Web and Admin services without needing a VPN connection to access them. Since these services are accessible to me even when the VPN is not working, this leads me to believe the server is operating normally and capable of receiving incoming traffic.
  I'm out of ideas and I'm starting to lose my mind!!! Any ideas on why my 2 computers sometimes can connect, yet sometimes cannot...all the while, my iPhone can connect just fine over the same network???

  I don't have an explanation for the erratic nature of your connections. It's only as I've said before, in my experiences with such problems it has always traced back to misconfigured network or DNS settings. mDNS is multicast DNS and it's a protocol Apple uses so its devices can find each other easily. That may be the reason why your iPhone can connect when other things can't.
  To take a step back, here is how I think things should be set up:
  \- Your dedicated IP address should be assigned to your router automatically through PPPoE
  \- The name servers as set in your router should be your ISP's name servers
  \- Make sure the server has only one connection to the router that is managing the dedicated IP, either wired or wireless, but not both
  \- A static network address should be assigned to your server's MAC address in the router's DHCP settings
  \- The server's network address should be put in the DMZ on the router or set as the default server in the NAT settings, depending on the router
  \- The network settings in System Preferences on the server should be set to DHCP with manual address and the server's network address entered correctly
  \- The router address should be listed correctly in the network settings in System Preferences on the server
  \- The name servers in the network settings in System Preferences on the server should be 127.0.0.1 and the router's IP address, nothing else.
  \- The zone files on the server should have a primary and reverse zone for each domain name and its network address. Do not use the dedicated IP address in the zone files on the server.
  If everything is set as I described, it should work. If it doesn't, it's time to call a witch doctor or an exorcist.

• Cisco VPN connection drops on airport extreme on OS X 10.6.7

  I recently bought Airport Extreme and I must say the wifi coverage and strength is amazing compared to the DLink or Belkin routers that I tried. THe whole thing setup like in 2 minutes. Love it.
  Now the problem. I use CISCO VPN provided by work a lot as I work from home frequently. I have found that the VPN connection drops like in 2-5 minutes of connecting. I looked through the several threads and apple response " to use NAT-T in CISCO VPN preferences". Only thing is that I did not see any NAT setting options in preferences and also I am unable to edit anything in the CISCO VPN pref (probably things locked out by our IT who provided the vpn software).
  I also tried someone's suggestion that I switch to manual radio channels in the airport utility config - but that didn't work either.
  Any suggestions?
  I am on OS X 10.6.7 and CISCO VPN CLIENT 4.9.0.1.0180
  URGENT HELP NEEDED

  airport is off how can i turn it on?
  Click on the AirPort icon in the OS X menu bar. Select "Turn Wi-Fi On" or "Turn AirPort On" as appropriate.
  how can i reinstall mac os x 10.6.7?
  I would suggest that you start with the Snow Leopard installation disk. You can then update to 10.6.7 from Software Update.

• VPN Connection Problems

  I have an apple TC at home, running firmware version 7.6.1, and I can't connect to a VPN server at my work through the TC wifi.  If I connect my macbook directly to my modem with an ethernet cable, I can connect without difficulties.  When attempting to connect through the TC wifi, the VPN status indicator says that I connect and authenticate, but when I attemp to access a secured, internal website or computer at my work nothing connects.
  Any suggestions?  Happy to provide more info on my setup and devices if you need it.
  Thanks for your help.

  mwjaeger wrote:
  I turned off 'Back to my Mac' after reading an article about it using ports soemtimes used for VPN connection but it didn't seem to help.
  Turning off BTMM does not change the port allocation in the TC.. that is where the problem is.
  Can you be more specific about the ports required for my VPN?  The setup in my network connections on the MPBP points to my work website and everything else (except for my my password) seems to be automatic without mentioning any specific port numbers.  If I did find the required port number from the tech support guys at work, how exactly do I set them on my MBP.
  This setup again has nothing to do with the MBP.. it is the router where the issue is.. as clearly your initial experiment connecting directly to the modem shows.. it is open ports on the router that you need to do.
  I cannot tell you which ports without knowing what vpn client you are using. That is why my previous post began.. what vpn and what client??? Perhaps I should put it in bold.. WHAT VPN CLIENT DO YOU USE?
  Is it a built in client in Mac OS.. or is it a Cisco client or some other brand software client.. tell me that.. and I can probably figure out the ports.
  The vpn client should also have a log.. that will likely have useful information about why the VPN cannot connect.
  Also, I have an old linksys router.  How do I connect this into my setup if I put the TC into bridge mode?
  Connect the Linksys up to the modem in router mode.. bridge the TC. The Linksys will now be the main router and handle the connection. The TC becomes a dumb WAP and switch plus network hard disk.
  Will all my devices setup to run from and back-up to the TC still work?
  Yes, the network will still function as it did. You do not need to change the TC wireless or other settings.. just bridge instead of main router.
  Look in the Linksys for VPN pass-through. Some have it set automatically.. others require it checked.
  If you run into issues.. I need the exact model number and firmware revision to work out how to fix vpn.

• No Cisco VPN Connection through AEBS

  I have an HP nc8430 for work and had no problem connecting through a my home cable modem, AEBS and Cisco VPN tunnel to our secure network at work. Inexplicably the wireless connection via the VPN has stopped working. The PC can connect to the Internet directly through the AEBS as long as the VPN is not connected and can directly connect from the cable modem and VPN using an ethernet cable (wired connection). Does anyone have any suggestions? The IT "gurus" at work have been of little help.
  12 PowerBook G4   Mac OS X (10.4.9)  

  Hi Fred!
  I suggest posting your question in a more appropriate forum such as the AirPort for Windows forum found here <http://discussions.apple.com/forum.jspa?forumID=1014>. This fourm is dedicated to Mac and Windows compatibility issues.
  On a side note, while it may be popular to call the folks in the IT world "gurus" while rolling your eyes, keep in mind that just because they can't help you doesn't mean they don't know their jobs. (I would never expect a General Practioner doctor to be knowledgeable in heart surgery.) In this case they should only be expected to support your computer connecting directly to the Internet and then to your company network. Your network (the AEBS) is your responsibility, not theirs. If they try to help you and fail then be glad you at least have an IT group that's open to working with you. Some aren't willing to even go that far.
  Best of luck finding your answer! bill
  1 GHz Powerbook G4   Mac OS X (10.4.9)  

• Cisco AnyConnect connection problem over WiFi

  Hi guys, 
  I'm having some problem with Cisco AnyConnect connections.
  hardware: ASA 5515-x with AnyConnect Essentials.
  software:  ASA Software Version 9.1(2)8
                  anyconnect-win-3.1.05187-k9.pk
                  Internet Explorer 11 on computers
  Problem:
  Can't connect with the AnyConnect WebLaunch on WiFi. 
  it's stucked for about 20sec at "Please wait while the VPN connections is established"
  Then we get this error message "The IPsec VPN connection was terminated due to an atuchentication failure or timeout...."
  If I click Connect in the AnyConnect Client it connects and I login with my credentials without any problem.
  First thought was that my test-computer was the problem, but have tried with 3 different PCs with different hardware.  
  If i plugg in a network cable it works perfect with the WebLaunch.
  Has anyone experience the same problem and have a solution?
  Thanks in advance!
  br
  Robin
  Update: 
  I still go the problem, I've updated our FW to ASA9.2(2.4).
  Anyone have a clue? It works good on two of our ASA5505.

  The Windows Vista PC that were having problem connecting via AnyConnect, were they an upgrade from Windows XP? If they are, and they have AnyConnect installed prior, it needs to be uninstall prior to upgrading to Windows Vista as per the AnyConnect release notes:
  http://www.cisco.com/en/US/partner/docs/security/vpn_client/anyconnect/anyconnect24/release/notes/anyconnect24rn.html
  Also, you might want to double check that the Vista is either with SP2 or Vista SP 1 with KB952876.

• Cisco VPN compatibility problem

  I am running the Cisco VPN client (version 2.5.1025) on a late 2010 iMac and on a late 2010 Macbook Air (both running OS 10.6.7). On the iMac, there is a problem after closing the VPN connection and quitting the client: most things are normal, but I no longer have internet access on the iMac.  While I seem to have a local ip address and name server, according to system setting, the internet hangs.  This is true both for wired and for wireless internet. The only solution seems to be to restart the iMac, and then everything is normal.
  Exactly the same version of the Cisco client works fine on the Macbook Air.  It quits normally.  I have no problem accessing the internet after quitting.
  Can you give me any help?

  Where did you find this Cisco VPN Client? Did you download it from iTunes as an application?
  Or was it the VPN Client that comes as part of the 1.1.4 jailbreak?

• Cisco VPN connection just 'hangs', during connection.

  Hello all.
  I have installed Cisco VPN Client 4.6.00.0045, every so often when I try to connect it, it prompts for the username and password, which I enter, then it appears to try and connect but nothing, I have left it and left it for over 1hr at times, to see is its just slow, but nothing.
  If I try and click on the Cancel Connection option, it doesnt cancel, if I use Task Manager, to end task it doesnt, the only way I appear to be able to 'get the system running' is by restarting the workstation.
  My workstation is on a works network, other PCs are able to connect using the same VPN details, so it cant be Firewall etc...
  My PC is running XP Pro SP2
  Any ideas on what could be the problem?
  Extract from a screen shot and logs belows;
  Securing communications channel
  Initializing the connection
  Contacting the security gateway at xxx.xxx.xxx.xxx?
  Authenticating user
  Contacting the security gateway at xxx.xxx.xxx.xxx?
  Negotiating security policies
  Securing communications channel
  64 06:46:59.335 06/13/07
  Assigned VA private interface addr xx.xx.xx.xxx

  Have been having the same issue for several months. Similar configuration with XP Pro (SP3 now) using VPN Client 5.0.02.0090.
  When the VPN client hangs, the svchost.exe uses up 100% of the CPU and a reboot is the only solution. Sometimes it take 5 or 6 reboots before the VPN will connect.
  If I wait long enough after the initial login, I can usually connect but this does not always help. If I wait too long, however, or run other programs before I start the VPN Client, it will hang. If the system disconnects for some reason, the VPN client usually hangs on the reconnect.
  I've been looking for an answer to this problem for some time now and this is the fist place I've seen where another user was experiencing the same issue.

• Cisco VPN connection not reliable

  I connect to my VPN, and all works fine. After a while (always different, from 15 minutes to 2 hours), the VPN connection is not usable anymore, but it is indicated by the VPN indicator on the top of the screen that it is still connected. I cannot connect to my intranet servers anymore.
  Anyone with same problem? Anyway to fix it?
  I remember having the same problem via VPNC when I used to use Linux a while ago, but that was fixed later on in VPNC implementation when new package was available.

  I have a similar problem. In my case, after a similar period of time (some random time which can be anything from a couple of minutes to a couple of hours) the connection drops and the wifi becomes unusable until it is turned off and on. This only happens when i am at work using the cisco vpn. It doesn't happen with other wifi connections in other places. Apple have told me the problem is with cisco.

• [SOLVED, kind of] VPN connection problems

  Hi guys,
  I'm having a problem connecting to a VPN in KF5:
  Until a couple days ago, I was using KDE4, and there I was still able to connect to a VPN (I'm using IPVanish), although after connecting to any VPN I always had to run the command
  # ip route add default dev tun0
  for the NetworkManager to actually use the connection.
  However, now with KF5, this doesn't seem to work anymore. All my VPN connections are listed in the applet, and connecting to any fo them also seems to work (it takes a few second, then the VPN connection is added to the "Active Connections" section), however, all my network traffic still goes through my "normal" connection. Running the above command after connecting to a VPN doesn't change anything.
  Here is the log of NetworkManager, I can't spot anything unusual:
  Mar 02 22:09:10 keineeile NetworkManager[420]: <info> Starting VPN service 'openvpn'...
  Mar 02 22:09:10 keineeile NetworkManager[420]: <info> VPN service 'openvpn' started (org.freedesktop.NetworkManager.openvpn), PID 1454
  Mar 02 22:09:10 keineeile NetworkManager[420]: <info> VPN service 'openvpn' appeared; activating connections
  Mar 02 22:09:10 keineeile NetworkManager[420]: <info> VPN plugin state changed: starting (3)
  Mar 02 22:09:10 keineeile NetworkManager[420]: nm-openvpn-Message: openvpn started with pid 1458
  Mar 02 22:09:10 keineeile NetworkManager[420]: <info> VPN connection 'IPVanish - DE, Dresden' (Connect) reply received.
  Mar 02 22:09:10 keineeile nm-openvpn[1458]: OpenVPN 2.3.6 x86_64-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on Dec 2 2014
  Mar 02 22:09:10 keineeile nm-openvpn[1458]: library versions: OpenSSL 1.0.2 22 Jan 2015, LZO 2.09
  Mar 02 22:09:10 keineeile nm-openvpn[1458]: WARNING: No server certificate verification method has been enabled. See [url]http://openvpn.net/howto.html#mitm[/url] for more info.
  Mar 02 22:09:10 keineeile nm-openvpn[1458]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
  Mar 02 22:09:10 keineeile nm-openvpn[1458]: Attempting to establish TCP connection with [AF_INET]5.9.50.241:443 [nonblock]
  Mar 02 22:09:11 keineeile nm-openvpn[1458]: TCP connection established with [AF_INET]5.9.50.241:443
  Mar 02 22:09:11 keineeile nm-openvpn[1458]: TCPv4_CLIENT link local: [undef]
  Mar 02 22:09:11 keineeile nm-openvpn[1458]: TCPv4_CLIENT link remote: [AF_INET]5.9.50.241:443
  Mar 02 22:09:15 keineeile nm-openvpn[1458]: [drs-c01.ipvanish.com] Peer Connection Initiated with [AF_INET]5.9.50.241:443
  Mar 02 22:09:17 keineeile nm-openvpn[1458]: TUN/TAP device tun0 opened
  Mar 02 22:09:17 keineeile nm-openvpn[1458]: /usr/lib/networkmanager/nm-openvpn-service-openvpn-helper --tun -- tun0 1500 1572 172.20.25.230 255.255.252.0 init
  Mar 02 22:09:17 keineeile NetworkManager[420]: <info> (tun0): carrier is OFF
  Mar 02 22:09:17 keineeile NetworkManager[420]: <info> (tun0): new Tun device (driver: 'unknown' ifindex: 4)
  Mar 02 22:09:17 keineeile NetworkManager[420]: <info> (tun0): exported as /org/freedesktop/NetworkManager/Devices/3
  Mar 02 22:09:17 keineeile NetworkManager[420]: <info> VPN connection 'IPVanish - DE, Dresden' (IP Config Get) reply received.
  Mar 02 22:09:17 keineeile NetworkManager[420]: <info> VPN connection 'IPVanish - DE, Dresden' (IP4 Config Get) reply received.
  Mar 02 22:09:17 keineeile NetworkManager[420]: <info> VPN Gateway: 5.9.50.241
  Mar 02 22:09:17 keineeile NetworkManager[420]: <info> Tunnel Device: tun0
  Mar 02 22:09:17 keineeile NetworkManager[420]: <info> IPv4 configuration:
  Mar 02 22:09:17 keineeile NetworkManager[420]: <info> Internal Gateway: 172.20.24.1
  Mar 02 22:09:17 keineeile NetworkManager[420]: <info> Internal Address: 172.20.25.230
  Mar 02 22:09:17 keineeile NetworkManager[420]: <info> Internal Prefix: 22
  Mar 02 22:09:17 keineeile NetworkManager[420]: <info> Internal Point-to-Point Address: 0.0.0.0
  Mar 02 22:09:17 keineeile NetworkManager[420]: <info> Maximum Segment Size (MSS): 0
  Mar 02 22:09:17 keineeile NetworkManager[420]: <info> Forbid Default Route: yes
  Mar 02 22:09:17 keineeile NetworkManager[420]: <info> Internal DNS: 198.18.0.1
  Mar 02 22:09:17 keineeile NetworkManager[420]: <info> Internal DNS: 198.18.0.2
  Mar 02 22:09:17 keineeile nm-openvpn[1458]: Initialization Sequence Completed
  Mar 02 22:09:17 keineeile NetworkManager[420]: <info> DNS Domain: '(none)'
  Mar 02 22:09:17 keineeile NetworkManager[420]: <info> No IPv6 configuration
  Mar 02 22:09:17 keineeile NetworkManager[420]: <info> (tun0): link connected
  Mar 02 22:09:17 keineeile NetworkManager[420]: <info> VPN connection 'IPVanish - DE, Dresden' (IP Config Get) complete.
  Mar 02 22:09:17 keineeile NetworkManager[420]: <info> VPN plugin state changed: started (4)
  Mar 02 22:09:17 keineeile NetworkManager[420]: <info> (tun0): device state change: unmanaged -> unavailable (reason 'connection-assumed') [10 20 41]
  Mar 02 22:09:17 keineeile NetworkManager[420]: <info> (tun0): device state change: unavailable -> disconnected (reason 'connection-assumed') [20 30 41]
  Mar 02 22:09:17 keineeile NetworkManager[420]: <info> (tun0): Activation: starting connection 'tun0'
  Mar 02 22:09:17 keineeile NetworkManager[420]: <info> (tun0): Activation: Stage 1 of 5 (Device Prepare) scheduled...
  Mar 02 22:09:18 keineeile NetworkManager[420]: <info> Writing DNS information to /usr/bin/resolvconf
  Mar 02 22:09:18 keineeile NetworkManager[420]: <info> (tun0): Activation: Stage 1 of 5 (Device Prepare) started...
  Mar 02 22:09:18 keineeile NetworkManager[420]: <info> (tun0): device state change: disconnected -> prepare (reason 'none') [30 40 0]
  Mar 02 22:09:18 keineeile NetworkManager[420]: <info> (tun0): Activation: Stage 2 of 5 (Device Configure) scheduled...
  Mar 02 22:09:18 keineeile NetworkManager[420]: <info> (tun0): Activation: Stage 1 of 5 (Device Prepare) complete.
  Mar 02 22:09:18 keineeile NetworkManager[420]: <info> (tun0): Activation: Stage 2 of 5 (Device Configure) starting...
  Mar 02 22:09:18 keineeile NetworkManager[420]: <info> (tun0): device state change: prepare -> config (reason 'none') [40 50 0]
  Mar 02 22:09:18 keineeile NetworkManager[420]: <info> (tun0): Activation: Stage 2 of 5 (Device Configure) successful.
  Mar 02 22:09:18 keineeile NetworkManager[420]: <info> (tun0): Activation: Stage 3 of 5 (IP Configure Start) scheduled.
  Mar 02 22:09:18 keineeile NetworkManager[420]: <info> (tun0): Activation: Stage 2 of 5 (Device Configure) complete.
  Mar 02 22:09:18 keineeile NetworkManager[420]: <info> (tun0): Activation: Stage 3 of 5 (IP Configure Start) started...
  Mar 02 22:09:18 keineeile NetworkManager[420]: <info> (tun0): device state change: config -> ip-config (reason 'none') [50 70 0]
  Mar 02 22:09:18 keineeile NetworkManager[420]: <info> (tun0): Activation: Stage 5 of 5 (IPv4 Configure Commit) scheduled...
  Mar 02 22:09:18 keineeile NetworkManager[420]: <info> (tun0): Activation: Stage 3 of 5 (IP Configure Start) complete.
  Mar 02 22:09:18 keineeile NetworkManager[420]: <info> (tun0): Activation: Stage 5 of 5 (IPv4 Commit) started...
  Mar 02 22:09:18 keineeile NetworkManager[420]: <info> (tun0): device state change: ip-config -> ip-check (reason 'none') [70 80 0]
  Mar 02 22:09:18 keineeile NetworkManager[420]: <info> (tun0): Activation: Stage 5 of 5 (IPv4 Commit) complete.
  Mar 02 22:09:18 keineeile NetworkManager[420]: <info> (tun0): device state change: ip-check -> secondaries (reason 'none') [80 90 0]
  Mar 02 22:09:18 keineeile NetworkManager[420]: <info> (tun0): device state change: secondaries -> activated (reason 'none') [90 100 0]
  Mar 02 22:09:19 keineeile NetworkManager[420]: <info> (tun0): Activation: successful, device activated.
  My system:
  $ uname -a
  Linux keineeile 3.18.6-1-ARCH #1 SMP PREEMPT Sat Feb 7 08:44:05 CET 2015 x86_64 GNU/Linux
  I'd be thankful for any hint or tip!
  Edit:
  Okay, I figure out a way to use VPN:
  NetworkManager somehow appears to have some problems with OpenVPN. I tried to set up a connection using PPTP (both are offered by the provider), and it works right away without doing any additional work.
  It's not really a solution to the above problems, but it solves the issue for me...
  Last edited by keineeile (2015-03-04 18:10:30)

  Try going to www.whatismyip.com whilst it works, then double check when it doesn't. Router might be having its 'heartbeat' and changing IP's. Going to a static might work, or using something like dyndns.
  Also, find out whay port your VPN uses then to to www.canyouseeme.org to check you can be seen from the outside world, if not, then could be port forwarding issue.
  Both of these are kind of unlikely seeing as it is a daily thing that happens at the same time, however they would be worth checking just to make sure.
  Just my two cents