IpSEC vpn dropped every day in peak hours

Hi, there,
our l2l vpn keeps dropping around 11am and 4pm, never happened during night and weekend.
the main errior is"Removing peer from correlator table failed, no match!"
the detail log is attached(from asa side)
pls help me with this
we are using asa5510 7.0 and pix 501 6.3
part of the log
"4|Jun 23 2010 10:31:00|713903: IP = x.x.x.138, Error: Unable to remove PeerTblEntry
3|Jun 23 2010 10:31:00|713902: IP = x.x.x.138, Removing peer from peer table failed, no match!
7|Jun 23 2010 10:31:00|713906: IP = x.x.x.138, sending delete/delete with reason message
7|Jun 23 2010 10:31:00|713906: IP = x.x.x.138, IKE SA MM:4d24e98b terminating: flags 0x01000002, refcnt 0, tuncnt 0
7|Jun 23 2010 10:31:00|715065: IP = x.x.x.138, IKE MM Responder FSM error history (struct &0x1930e90) <state>, <event>: MM_DONE, EV_ERROR-->MM_WAIT_MSG3, EV_TIMEOUT-->MM_WAIT_MSG3, NullEvent-->MM_SND_MSG2, EV_SND_MSG-->MM_SND_MSG2, EV_START_TMR-->MM_SND_MSG2, EV_RESEND_MSG-->MM_WAIT_MSG3, EV_TIMEOUT-->MM_WAIT_MSG3, NullEvent
4|Jun 23 2010 10:30:54|713903: IP = x.x.x.138, Error: Unable to remove PeerTblEntry
3|Jun 23 2010 10:30:54|713902: IP = x.x.x.138, Removing peer from peer table failed, no match!
7|Jun 23 2010 10:30:54|713906: IP = x.x.x.138, sending delete/delete with reason message
7|Jun 23 2010 10:30:54|713906: IP = x.x.x.138, IKE SA MM:57d21f6d terminating: flags 0x01000002, refcnt 0, tuncnt 0
7|Jun 23 2010 10:30:54|715065: IP = x.x.x.138, IKE MM Responder FSM error history (struct &0x398d228) <state>, <event>: MM_DONE, EV_ERROR-->MM_WAIT_MSG3, EV_TIMEOUT-->MM_WAIT_MSG3, NullEvent-->MM_SND_MSG2, EV_SND_MSG-->MM_SND_MSG2, EV_START_TMR-->MM_SND_MSG2, EV_RESEND_MSG-->MM_WAIT_MSG3, EV_TIMEOUT-->MM_WAIT_MSG3, NullEvent
7|Jun 23 2010 10:30:52|713236: IP = x.x.x.138, IKE_DECODE RESENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
7|Jun 23 2010 10:30:46|713236: IP = x.x.x.138, IKE_DECODE RESENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
7|Jun 23 2010 10:30:44|713236: IP = x.x.x.138, IKE_DECODE RESENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
6|Jun 23 2010 10:30:44|713905: IP = x.x.x.138, P1 Retransmit msg dispatched to MM FSM
5|Jun 23 2010 10:30:44|713201: IP = x.x.x.138, Duplicate Phase 1 packet detected. Retransmitting last packet.
6|Jun 23 2010 10:30:43|713219: IP = x.x.x.138, Queuing KEY-ACQUIRE messages to be processed when P1 SA is complete.
7|Jun 23 2010 10:30:42|713236: IP = x.x.x.138, IKE_DECODE RESENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
7|Jun 23 2010 10:30:38|713236: IP = x.x.x.138, IKE_DECODE RESENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
7|Jun 23 2010 10:30:34|713236: IP = x.x.x.138, IKE_DECODE SENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
7|Jun 23 2010 10:30:34|715046: IP = x.x.x.138, constructing Fragmentation VID + extended capabilities payload
7|Jun 23 2010 10:30:34|715046: IP = x.x.x.138, constructing ISAKMP SA payload
7|Jun 23 2010 10:30:34|715028: IP = x.x.x.138, IKE SA Proposal # 1, Transform # 0 acceptable Matches global IKE entry # 5
7|Jun 23 2010 10:30:34|715047: IP = x.x.x.138, processing IKE SA payload
7|Jun 23 2010 10:30:34|715049: IP = x.x.x.138, Received DPD VID
7|Jun 23 2010 10:30:34|715047: IP = x.x.x.138, processing VID payload
7|Jun 23 2010 10:30:34|713906: IP = x.x.x.138, Oakley proposal is acceptable
7|Jun 23 2010 10:30:34|715047: IP = x.x.x.138, processing SA payload
7|Jun 23 2010 10:30:34|713236: IP = x.x.x.138, IKE_DECODE RECEIVED Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 104
7|Jun 23 2010 10:30:30|713236: IP = x.x.x.138, IKE_DECODE RESENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
7|Jun 23 2010 10:30:22|713236: IP = x.x.x.138, IKE_DECODE SENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
7|Jun 23 2010 10:30:22|715046: IP = x.x.x.138, constructing Fragmentation VID + extended capabilities payload
7|Jun 23 2010 10:30:22|715046: IP = x.x.x.138, constructing ISAKMP SA payload
7|Jun 23 2010 10:30:22|715028: IP = x.x.x.138, IKE SA Proposal # 1, Transform # 0 acceptable Matches global IKE entry # 5
7|Jun 23 2010 10:30:22|715047: IP = x.x.x.138, processing IKE SA payload
7|Jun 23 2010 10:30:22|715049: IP = x.x.x.138, Received DPD VID
7|Jun 23 2010 10:30:22|715047: IP = x.x.x.138, processing VID payload
7|Jun 23 2010 10:30:22|713906: IP = x.x.x.138, Oakley proposal is acceptable
7|Jun 23 2010 10:30:22|715047: IP = x.x.x.138, processing SA payload
7|Jun 23 2010 10:30:22|713236: IP = x.x.x.138, IKE_DECODE RECEIVED Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 104
4|Jun 23 2010 10:30:18|713903: IP = x.x.x.138, Error: Unable to remove PeerTblEntry
3|Jun 23 2010 10:30:18|713902: IP = x.x.x.138, Removing peer from peer table failed, no match!
7|Jun 23 2010 10:30:18|713906: IP = x.x.x.138, sending delete/delete with reason message
appreciated.
Alex

7|Jun 24 2010 11:41:55|713236: IP = x.x.198.138, IKE_DECODE RESENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
7|Jun 24 2010 11:41:49|713236: IP = x.x.198.138, IKE_DECODE SENDING Message (msgid=0) with payloads : HDR + KE (4) + NONCE (10) + VENDOR (13) + VENDOR (13) + VENDOR (13) + VENDOR (13) + NONE (0) total length : 256
7|Jun 24 2010 11:41:49|713906: Group = DefaultRAGroup, IP = x.x.198.138, Generating keys for Responder...
7|Jun 24 2010 11:41:49|713906: IP = x.x.198.138, Connection landed on tunnel_group DefaultRAGroup
7|Jun 24 2010 11:41:49|715048: IP = x.x.198.138, Send Altiga/Cisco VPN3000/Cisco ASA GW VID
7|Jun 24 2010 11:41:49|715046: IP = x.x.198.138, constructing VID payload
7|Jun 24 2010 11:41:49|715038: IP = x.x.198.138, Constructing ASA spoofing IOS Vendor ID payload (version: 1.0.0, capabilities: 20000001)
7|Jun 24 2010 11:41:49|715048: IP = x.x.198.138, Send IOS VID
7|Jun 24 2010 11:41:49|715046: IP = x.x.198.138, constructing xauth V6 VID payload
7|Jun 24 2010 11:41:49|715046: IP = x.x.198.138, constructing Cisco Unity VID payload
7|Jun 24 2010 11:41:49|715046: IP = x.x.198.138, constructing nonce payload
7|Jun 24 2010 11:41:49|715046: IP = x.x.198.138, constructing ke payload
7|Jun 24 2010 11:41:49|715047: IP = x.x.198.138, processing nonce payload
7|Jun 24 2010 11:41:49|715047: IP = x.x.198.138, processing ISA_KE payload
7|Jun 24 2010 11:41:49|715047: IP = x.x.198.138, processing ke payload
7|Jun 24 2010 11:41:49|713236: IP = x.x.198.138, IKE_DECODE RECEIVED Message (msgid=0) with payloads : HDR + KE (4) + NONCE (10) + NONE (0) total length : 180
7|Jun 24 2010 11:41:48|713236: IP = x.x.198.138, IKE_DECODE SENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
7|Jun 24 2010 11:41:48|715046: IP = x.x.198.138, constructing Fragmentation VID + extended capabilities payload
7|Jun 24 2010 11:41:48|715046: IP = x.x.198.138, constructing ISAKMP SA payload
7|Jun 24 2010 11:41:48|715028: IP = x.x.198.138, IKE SA Proposal # 1, Transform # 0 acceptable Matches global IKE entry # 4
7|Jun 24 2010 11:41:48|715047: IP = x.x.198.138, processing IKE SA payload
7|Jun 24 2010 11:41:48|713906: IP = x.x.198.138, Oakley proposal is acceptable
7|Jun 24 2010 11:41:48|715047: IP = x.x.198.138, processing SA payload
7|Jun 24 2010 11:41:48|713236: IP = x.x.198.138, IKE_DECODE RECEIVED Message (msgid=0) with payloads : HDR + SA (1) + NONE (0) total length : 84
7|Jun 24 2010 11:41:47|713236: IP = x.x.198.138, IKE_DECODE SENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
7|Jun 24 2010 11:41:47|715046: IP = x.x.198.138, constructing Fragmentation VID + extended capabilities payload
7|Jun 24 2010 11:41:47|715046: IP = x.x.198.138, constructing ISAKMP SA payload
7|Jun 24 2010 11:41:47|715028: IP = x.x.198.138, IKE SA Proposal # 1, Transform # 0 acceptable Matches global IKE entry # 4
7|Jun 24 2010 11:41:47|715047: IP = x.x.198.138, processing IKE SA payload
7|Jun 24 2010 11:41:47|713906: IP = x.x.198.138, Oakley proposal is acceptable
7|Jun 24 2010 11:41:47|715047: IP = x.x.198.138, processing SA payload
7|Jun 24 2010 11:41:47|713236: IP = x.x.198.138, IKE_DECODE RECEIVED Message (msgid=0) with payloads : HDR + SA (1) + NONE (0) total length : 84
6|Jun 24 2010 11:41:44|302014: Teardown TCP connection 1078 for outside:x.x.198.138/16546 to NP Identity Ifc:66.92.228.251/443 duration 0:00:01 bytes 937 TCP FINs
6|Jun 24 2010 11:41:44|605005: Login permitted from x.x.198.138/16546 to outside:66.92.228.251/https for user "alex"
6|Jun 24 2010 11:41:43|302013: Built inbound TCP connection 1078 for outside:x.x.198.138/16546 (x.x.198.138/16546) to NP Identity Ifc:66.92.228.251/443 (66.92.228.251/443)
4|Jun 24 2010 11:41:42|713903: IP = x.x.198.138, Error: Unable to remove PeerTblEntry
3|Jun 24 2010 11:41:42|713902: IP = x.x.198.138, Removing peer from peer table failed, no match!
7|Jun 24 2010 11:41:42|713906: IP = x.x.198.138, sending delete/delete with reason message
7|Jun 24 2010 11:41:42|713906: IP = x.x.198.138, IKE SA MM:7f14d974 terminating: flags 0x01000002, refcnt 0, tuncnt 0
7|Jun 24 2010 11:41:42|715065: IP = x.x.198.138, IKE MM Responder FSM error history (struct &0x3946b30) , : MM_DONE, EV_ERROR-->MM_WAIT_MSG3, EV_TIMEOUT-->MM_WAIT_MSG3, NullEvent-->MM_SND_MSG2, EV_SND_MSG-->MM_SND_MSG2, EV_START_TMR-->MM_SND_MSG2, EV_RESEND_MSG-->MM_WAIT_MSG3, EV_TIMEOUT-->MM_WAIT_MSG3, NullEvent
6|Jun 24 2010 11:41:41|605005: Login permitted from x.x.198.138/16548 to outside:66.92.228.251/https for user "alex"
6|Jun 24 2010 11:41:41|302013: Built inbound TCP connection 1063 for outside:x.x.198.138/16548 (x.x.198.138/16548) to NP Identity Ifc:66.92.228.251/443 (66.92.228.251/443)
6|Jun 24 2010 11:41:40|302014: Teardown TCP connection 1062 for outside:x.x.198.138/16544 to NP Identity Ifc:66.92.228.251/443 duration 0:00:01 bytes 852 TCP FINs
6|Jun 24 2010 11:41:39|605005: Login permitted from x.x.198.138/16544 to outside:66.92.228.251/https for user "alex"
6|Jun 24 2010 11:41:39|302013: Built inbound TCP connection 1062 for outside:x.x.198.138/16544 (x.x.198.138/16544) to NP Identity Ifc:66.92.228.251/443 (66.92.228.251/443)
6|Jun 24 2010 11:41:37|302014: Teardown TCP connection 1061 for outside:x.x.198.138/16542 to NP Identity Ifc:66.92.228.251/443 duration 0:00:01 bytes 905 TCP FINs
6|Jun 24 2010 11:41:37|605005: Login permitted from x.x.198.138/16542 to outside:66.92.228.251/https for user "alex"
7|Jun 24 2010 11:41:36|710002: TCP access permitted from x.x.198.138/16542 to outside:66.92.228.251/https
6|Jun 24 2010 11:41:36|302013: Built inbound TCP connection 1061 for outside:x.x.198.138/16542 (x.x.198.138/16542) to NP Identity Ifc:66.92.228.251/443 (66.92.228.251/443)
7|Jun 24 2010 11:41:34|713236: IP = x.x.198.138, IKE_DECODE RESENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
6|Jun 24 2010 11:41:30|302014: Teardown TCP connection 904 for outside:x.x.198.138/16538 to NP Identity Ifc:66.92.228.251/22 duration 0:01:42 bytes 23872 TCP FINs
6|Jun 24 2010 11:41:29|315011: SSH session from x.x.198.138 on interface outside for user "alex" terminated normally
7|Jun 24 2010 11:41:26|713236: IP = x.x.198.138, IKE_DECODE RESENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
6|Jun 24 2010 11:41:26|713905: IP = x.x.198.138, P1 Retransmit msg dispatched to MM FSM
5|Jun 24 2010 11:41:26|713201: IP = x.x.198.138, Duplicate Phase 1 packet detected. Retransmitting last packet.
7|Jun 24 2010 11:41:24|713236: IP = x.x.198.138, IKE_DECODE RESENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
7|Jun 24 2010 11:41:16|713236: IP = x.x.198.138, IKE_DECODE SENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
7|Jun 24 2010 11:41:16|715046: IP = x.x.198.138, constructing Fragmentation VID + extended capabilities payload
7|Jun 24 2010 11:41:16|715046: IP = x.x.198.138, constructing ISAKMP SA payload
7|Jun 24 2010 11:41:16|715028: IP = x.x.198.138, IKE SA Proposal # 1, Transform # 0 acceptable Matches global IKE entry # 4
7|Jun 24 2010 11:41:16|715047: IP = x.x.198.138, processing IKE SA payload
7|Jun 24 2010 11:41:16|713906: IP = x.x.198.138, Oakley proposal is acceptable
7|Jun 24 2010 11:41:16|715047: IP = x.x.198.138, processing SA payload
7|Jun 24 2010 11:41:16|713236: IP = x.x.198.138, IKE_DECODE RECEIVED Message (msgid=0) with payloads : HDR + SA (1) + NONE (0) total length : 84
7|Jun 24 2010 11:41:14|713906: Group = DefaultL2LGroup, IP = x.x.198.138, Responder resending last msg
6|Jun 24 2010 11:41:14|713905: Group = DefaultL2LGroup, IP = x.x.198.138, P1 Retransmit msg dispatched to MM FSM
5|Jun 24 2010 11:41:14|713201: Group = DefaultL2LGroup, IP = x.x.198.138, Duplicate Phase 1 packet detected. Retransmitting last packet.
7|Jun 24 2010 11:41:08|713906: IP = x.x.198.138, sending delete/delete with reason message
7|Jun 24 2010 11:41:08|713906: IP = x.x.198.138, IKE SA MM:bf61672f terminating: flags 0x01000002, refcnt 0, tuncnt 0
7|Jun 24 2010 11:41:08|715065: IP = x.x.198.138, IKE MM Responder FSM error history (struct &0x395c160) , : MM_DONE, EV_ERROR-->MM_WAIT_MSG3, EV_TIMEOUT-->MM_WAIT_MSG3, NullEvent-->MM_SND_MSG2, EV_SND_MSG-->MM_SND_MSG2, EV_START_TMR-->MM_SND_MSG2, EV_RESEND_MSG-->MM_WAIT_MSG3, EV_TIMEOUT-->MM_WAIT_MSG3, NullEvent
7|Jun 24 2010 11:41:04|713906: Group = DefaultL2LGroup, IP = x.x.198.138, Starting phase 1 rekey timer: 64800000 (ms)
3|Jun 24 2010 11:41:04|713122: IP = x.x.198.138, Keep-alives configured on but peer does not support keep-alives (type = None)
7|Jun 24 2010 11:41:04|713121: IP = x.x.198.138, Keep-alive type for this connection: None
3|Jun 24 2010 11:41:04|713119: Group = DefaultL2LGroup, IP = x.x.198.138, PHASE 1 COMPLETED
7|Jun 24 2010 11:41:04|713236: IP = x.x.198.138, IKE_DECODE SENDING Message (msgid=0) with payloads : HDR + ID (5) + HASH (8) + VENDOR (13) + NONE (0) total length : 84
7|Jun 24 2010 11:41:04|715046: Group = DefaultL2LGroup, IP = x.x.198.138, constructing dpd vid payload
7|Jun 24 2010 11:41:04|715076: Group = DefaultL2LGroup, IP = x.x.198.138, Computing hash for ISAKMP
7|Jun 24 2010 11:41:04|715046: Group = DefaultL2LGroup, IP = x.x.198.138, constructing hash payload
7|Jun 24 2010 11:41:04|715046: Group = DefaultL2LGroup, IP = x.x.198.138, constructing ID payload
4|Jun 24 2010 11:41:04|713903: Group = DefaultL2LGroup, IP = x.x.198.138, Freeing previously allocated memory for authorization-dn-attributes
7|Jun 24 2010 11:41:04|713906: IP = x.x.198.138, Connection landed on tunnel_group DefaultL2LGroup
7|Jun 24 2010 11:41:04|715076: Group = DefaultL2LGroup, IP = x.x.198.138, Computing hash for ISAKMP
7|Jun 24 2010 11:41:04|715047: Group = DefaultL2LGroup, IP = x.x.198.138, processing hash payload
7|Jun 24 2010 11:41:04|714011: Group = DefaultL2LGroup, IP = x.x.198.138, ID_IPV4_ADDR ID received
7|Jun 24 2010 11:41:04|715047: Group = DefaultL2LGroup, IP = x.x.198.138, processing ID payload
7|Jun 24 2010 11:41:04|713236: IP = x.x.198.138, IKE_DECODE RECEIVED Message (msgid=0) with payloads : HDR + ID (5) + HASH (8) + NONE (0) total length : 64
7|Jun 24 2010 11:41:04|713906: Group = DefaultL2LGroup, IP = x.x.198.138, Generating keys for Responder...
6|Jun 24 2010 11:41:04|713905: Group = DefaultRAGroup, IP = x.x.198.138, WARNING, had problems decrypting packet, probably due to mismatched pre-shared key. Switching user to tunnel-group: DefaultL2LGroup
5|Jun 24 2010 11:41:04|713904: Group = DefaultRAGroup, IP = x.x.198.138, Received encrypted Oakley Main Mode packet with invalid payloads, MessID = 0
6|Jun 24 2010 11:41:03|713905: Group = DefaultRAGroup, IP = x.x.198.138, P1 Retransmit msg dispatched to MM FSM
5|Jun 24 2010 11:41:03|713201: Group = DefaultRAGroup, IP = x.x.198.138, Duplicate Phase 1 packet detected. Retransmitting last packet.
7|Jun 24 2010 11:41:00|713236: IP = x.x.198.138, IKE_DECODE RESENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
7|Jun 24 2010 11:40:53|713236: IP = x.x.198.138, IKE_DECODE SENDING Message (msgid=0) with payloads : HDR + KE (4) + NONCE (10) + VENDOR (13) + VENDOR (13) + VENDOR (13) + VENDOR (13) + NONE (0) total length : 256
7|Jun 24 2010 11:40:53|713906: Group = DefaultRAGroup, IP = x.x.198.138, Generating keys for Responder...
7|Jun 24 2010 11:40:53|713906: IP = x.x.198.138, Connection landed on tunnel_group DefaultRAGroup
7|Jun 24 2010 11:40:53|715048: IP = x.x.198.138, Send Altiga/Cisco VPN3000/Cisco ASA GW VID
7|Jun 24 2010 11:40:53|715046: IP = x.x.198.138, constructing VID payload
7|Jun 24 2010 11:40:53|715038: IP = x.x.198.138, Constructing ASA spoofing IOS Vendor ID payload (version: 1.0.0, capabilities: 20000001)
7|Jun 24 2010 11:40:53|715048: IP = x.x.198.138, Send IOS VID
7|Jun 24 2010 11:40:53|715046: IP = x.x.198.138, constructing xauth V6 VID payload
7|Jun 24 2010 11:40:53|715046: IP = x.x.198.138, constructing Cisco Unity VID payload
7|Jun 24 2010 11:40:53|715046: IP = x.x.198.138, constructing nonce payload
7|Jun 24 2010 11:40:53|715046: IP = x.x.198.138, constructing ke payload
7|Jun 24 2010 11:40:53|715047: IP = x.x.198.138, processing nonce payload
7|Jun 24 2010 11:40:53|715047: IP = x.x.198.138, processing ISA_KE payload
7|Jun 24 2010 11:40:53|715047: IP = x.x.198.138, processing ke payload
7|Jun 24 2010 11:40:53|713236: IP = x.x.198.138, IKE_DECODE RECEIVED Message (msgid=0) with payloads : HDR + KE (4) + NONCE (10) + NONE (0) total length : 180
7|Jun 24 2010 11:40:52|713236: IP = x.x.198.138, IKE_DECODE RESENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
6|Jun 24 2010 11:40:52|713905: IP = x.x.198.138, P1 Retransmit msg dispatched to MM FSM
5|Jun 24 2010 11:40:52|713201: IP = x.x.198.138, Duplicate Phase 1 packet detected. Retransmitting last packet.
7|Jun 24 2010 11:40:52|713236: IP = x.x.198.138, IKE_DECODE RESENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
7|Jun 24 2010 11:40:50|713236: IP = x.x.198.138, IKE_DECODE RESENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
7|Jun 24 2010 11:40:44|713236: IP = x.x.198.138, IKE_DECODE RESENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
7|Jun 24 2010 11:40:42|713236: IP = x.x.198.138, IKE_DECODE SENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
7|Jun 24 2010 11:40:42|715046: IP = x.x.198.138, constructing Fragmentation VID + extended capabilities payload
7|Jun 24 2010 11:40:42|715046: IP = x.x.198.138, constructing ISAKMP SA payload
7|Jun 24 2010 11:40:42|715028: IP = x.x.198.138, IKE SA Proposal # 1, Transform # 0 acceptable Matches global IKE entry # 4
7|Jun 24 2010 11:40:42|715047: IP = x.x.198.138, processing IKE SA payload
7|Jun 24 2010 11:40:42|713906: IP = x.x.198.138, Oakley proposal is acceptable
7|Jun 24 2010 11:40:42|715047: IP = x.x.198.138, processing SA payload
7|Jun 24 2010 11:40:42|713236: IP = x.x.198.138, IKE_DECODE RECEIVED Message (msgid=0) with payloads : HDR + SA (1) + NONE (0) total length : 84
7|Jun 24 2010 11:40:36|713236: IP = x.x.198.138, IKE_DECODE SENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
7|Jun 24 2010 11:40:36|715046: IP = x.x.198.138, constructing Fragmentation VID + extended capabilities payload
7|Jun 24 2010 11:40:36|715046: IP = x.x.198.138, constructing ISAKMP SA payload
7|Jun 24 2010 11:40:36|715028: IP = x.x.198.138, IKE SA Proposal # 1, Transform # 0 acceptable Matches global IKE entry # 4
7|Jun 24 2010 11:40:36|715047: IP = x.x.198.138, processing IKE SA payload
7|Jun 24 2010 11:40:36|713906: IP = x.x.198.138, Oakley proposal is acceptable
7|Jun 24 2010 11:40:36|715047: IP = x.x.198.138, processing SA payload
7|Jun 24 2010 11:40:36|713236: IP = x.x.198.138, IKE_DECODE RECEIVED Message (msgid=0) with payloads : HDR + SA (1) + NONE (0) total length : 84
4|Jun 24 2010 11:40:32|713903: IP = x.x.198.138, Error: Unable to remove PeerTblEntry
3|Jun 24 2010 11:40:32|713902: IP = x.x.198.138, Removing peer from peer table failed, no match!
7|Jun 24 2010 11:40:32|713906: IP = x.x.198.138, sending delete/delete with reason message
7|Jun 24 2010 11:40:32|713906: IP = x.x.198.138, IKE SA MM:52cdd2a3 terminating: flags 0x01000002, refcnt 0, tuncnt 0
7|Jun 24 2010 11:40:32|715065: IP = x.x.198.138, IKE MM Responder FSM error history (struct &0x39665d0) , : MM_DONE, EV_ERROR-->MM_WAIT_MSG3, EV_TIMEOUT-->MM_WAIT_MSG3, NullEvent-->MM_SND_MSG2, EV_SND_MSG-->MM_SND_MSG2, EV_START_TMR-->MM_SND_MSG2, EV_RESEND_MSG-->MM_WAIT_MSG3, EV_TIMEOUT-->MM_WAIT_MSG3, NullEvent
7|Jun 24 2010 11:40:24|713236: IP = x.x.198.138, IKE_DECODE RESENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
7|Jun 24 2010 11:40:18|710005: TCP request discarded from x.x.198.138/16538 to outside:66.92.228.251/22
7|Jun 24 2010 11:40:18|710005: TCP request discarded from x.x.198.138/16538 to outside:66.92.228.251/22
7|Jun 24 2010 11:40:18|710005: TCP request discarded from x.x.198.138/16538 to outside:66.92.228.251/22
7|Jun 24 2010 11:40:16|713236: IP = x.x.198.138, IKE_DECODE RESENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
6|Jun 24 2010 11:40:16|713905: IP = x.x.198.138, P1 Retransmit msg dispatched to MM FSM
5|Jun 24 2010 11:40:16|713201: IP = x.x.198.138, Duplicate Phase 1 packet detected. Retransmitting last packet.
7|Jun 24 2010 11:40:13|713236: IP = x.x.198.138, IKE_DECODE RESENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
7|Jun 24 2010 11:40:08|710005: TCP request discarded from x.x.198.138/16538 to outside:66.92.228.251/22
7|Jun 24 2010 11:40:05|713236: IP = x.x.198.138, IKE_DECODE SENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
7|Jun 24 2010 11:40:05|715046: IP = x.x.198.138, constructing Fragmentation VID + extended capabilities payload
7|Jun 24 2010 11:40:05|715046: IP = x.x.198.138, constructing ISAKMP SA payload
7|Jun 24 2010 11:40:05|715028: IP = x.x.198.138, IKE SA Proposal # 1, Transform # 0 acceptable Matches global IKE entry # 4
7|Jun 24 2010 11:40:05|715047: IP = x.x.198.138, processing IKE SA payload
7|Jun 24 2010 11:40:05|713906: IP = x.x.198.138, Oakley proposal is acceptable
7|Jun 24 2010 11:40:05|715047: IP = x.x.198.138, processing SA payload
7|Jun 24 2010 11:40:05|713236: IP = x.x.198.138, IKE_DECODE RECEIVED Message (msgid=0) with payloads : HDR + SA (1) + NONE (0) total length : 84
4|Jun 24 2010 11:40:01|713903: Group = DefaultRAGroup, IP = x.x.198.138, Error: Unable to remove PeerTblEntry
3|Jun 24 2010 11:40:01|713902: Group = DefaultRAGroup, IP = x.x.198.138, Removing peer from peer table failed, no match!
7|Jun 24 2010 11:40:01|713236: IP = x.x.198.138, IKE_DECODE SENDING Message (msgid=d8b6f0a6) with payloads : HDR + HASH (8) + DELETE (12) + NONE (0) total length : 80
7|Jun 24 2010 11:40:01|715046: Group = DefaultRAGroup, IP = x.x.198.138, constructing qm hash payload
7|Jun 24 2010 11:40:01|715046: Group = DefaultRAGroup, IP = x.x.198.138, constructing IKE delete payload
7|Jun 24 2010 11:40:01|715046: Group = DefaultRAGroup, IP = x.x.198.138, constructing blank hash payload
7|Jun 24 2010 11:40:01|713906: Group = DefaultRAGroup, IP = x.x.198.138, sending delete/delete with reason message
7|Jun 24 2010 11:40:01|713906: Group = DefaultRAGroup, IP = x.x.198.138, IKE SA MM:a3ae7411 terminating: flags 0x01000002, refcnt 0, tuncnt 0
7|Jun 24 2010 11:40:01|715065: Group = DefaultRAGroup, IP = x.x.198.138, IKE MM Responder FSM error history (struct &0x39665d0) , : MM_DONE, EV_ERROR-->MM_WAIT_MSG5, EV_PROB_AUTH_FAIL-->MM_WAIT_MSG5, EV_TIMEOUT-->MM_WAIT_MSG5, NullEvent-->MM_SND_MSG4, EV_CRYPTO_ACTIVE-->MM_SND_MSG4, EV_SND_MSG-->MM_SND_MSG4, EV_START_TMR-->MM_SND_MSG4, EV_RESEND_MSG
6|Jun 24 2010 11:39:56|605005: Login permitted from x.x.198.138/16538 to outside:66.92.228.251/ssh for user "alex"
6|Jun 24 2010 11:39:56|109005: Authentication succeeded for user 'alex' from x.x.198.138/16538 to 66.92.228.251/22 on interface outside
7|Jun 24 2010 11:39:47|710002: TCP access permitted from x.x.198.138/16538 to outside:66.92.228.251/ssh
6|Jun 24 2010 11:39:47|302013: Built inbound TCP connection 904 for outside:x.x.198.138/16538 (x.x.198.138/16538) to NP Identity Ifc:66.92.228.251/22 (66.92.228.251/22)
6|Jun 24 2010 11:39:45|713905: Group = DefaultRAGroup, IP = x.x.198.138, P1 Retransmit msg dispatched to MM FSM
5|Jun 24 2010 11:39:45|713201: Group = DefaultRAGroup, IP = x.x.198.138, Duplicate Phase 1 packet detected. Retransmitting last packet.
4|Jun 24 2010 11:39:38|713903: Group = DefaultRAGroup, IP = x.x.198.138, Error: Unable to remove PeerTblEntry
3|Jun 24 2010 11:39:38|713902: Group = DefaultRAGroup, IP = x.x.198.138, Removing peer from peer table failed, no match!
7|Jun 24 2010 11:39:38|713236: IP = x.x.198.138, IKE_DECODE SENDING Message (msgid=3207fb99) with payloads : HDR + HASH (8) + DELETE (12) + NONE (0) total length : 80
7|Jun 24 2010 11:39:38|715046: Group = DefaultRAGroup, IP = x.x.198.138, constructing qm hash payload
7|Jun 24 2010 11:39:38|715046: Group = DefaultRAGroup, IP = x.x.198.138, constructing IKE delete payload
7|Jun 24 2010 11:39:38|715046: Group = DefaultRAGroup, IP = x.x.198.138, constructing blank hash payload
7|Jun 24 2010 11:39:38|713906: Group = DefaultRAGroup, IP = x.x.198.138, sending delete/delete with reason message
7|Jun 24 2010 11:39:38|713906: Group = DefaultRAGroup, IP = x.x.198.138, IKE SA MM:25ae2f9b terminating: flags 0x01000002, refcnt 0, tuncnt 0
7|Jun 24 2010 11:39:38|715065: Group = DefaultRAGroup, IP = x.x.198.138, IKE MM Responder FSM error history (struct &0x3966fd8) , : MM_DONE, EV_ERROR-->MM_WAIT_MSG5, EV_PROB_AUTH_FAIL-->MM_WAIT_MSG5, EV_TIMEOUT-->MM_WAIT_MSG5, NullEvent-->MM_SND_MSG4, EV_CRYPTO_ACTIVE-->MM_SND_MSG4, EV_SND_MSG-->MM_SND_MSG4, EV_START_TMR-->MM_SND_MSG4, EV_RESEND_MSG
7|Jun 24 2010 11:39:35|713236: IP = x.x.198.138, IKE_DECODE SENDING Message (msgid=0) with payloads : HDR + KE (4) + NONCE (10) + VENDOR (13) + VENDOR (13) + VENDOR (13) + VENDOR (13) + NONE (0) total length : 256
7|Jun 24 2010 11:39:35|713906: Group = DefaultRAGroup, IP = x.x.198.138, Generating keys for Responder...
7|Jun 24 2010 11:39:35|713906: IP = x.x.198.138, Connection landed on tunnel_group DefaultRAGroup
7|Jun 24 2010 11:39:35|715048: IP = x.x.198.138, Send Altiga/Cisco VPN3000/Cisco ASA GW VID
7|Jun 24 2010 11:39:35|715046: IP = x.x.198.138, constructing VID payload
7|Jun 24 2010 11:39:35|715038: IP = x.x.198.138, Constructing ASA spoofing IOS Vendor ID payload (version: 1.0.0, capabilities: 20000001)
7|Jun 24 2010 11:39:35|715048: IP = x.x.198.138, Send IOS VID
7|Jun 24 2010 11:39:35|715046: IP = x.x.198.138, constructing xauth V6 VID payload
7|Jun 24 2010 11:39:35|715046: IP = x.x.198.138, constructing Cisco Unity VID payload
7|Jun 24 2010 11:39:35|715046: IP = x.x.198.138, constructing nonce payload
7|Jun 24 2010 11:39:35|715046: IP = x.x.198.138, constructing ke payload
7|Jun 24 2010 11:39:35|715047: IP = x.x.198.138, processing nonce payload
7|Jun 24 2010 11:39:35|715047: IP = x.x.198.138, processing ISA_KE payload
7|Jun 24 2010 11:39:35|715047: IP = x.x.198.138, processing ke payload
7|Jun 24 2010 11:39:35|713236: IP = x.x.198.138, IKE_DECODE RECEIVED Message (msgid=0) with payloads : HDR + KE (4) + NONCE (10) + NONE (0) total length : 180
7|Jun 24 2010 11:39:34|713236: IP = x.x.198.138, IKE_DECODE SENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
7|Jun 24 2010 11:39:34|715046: IP = x.x.198.138, constructing Fragmentation VID + extended capabilities payload
7|Jun 24 2010 11:39:34|715046: IP = x.x.198.138, constructing ISAKMP SA payload
7|Jun 24 2010 11:39:34|715028: IP = x.x.198.138, IKE SA Proposal # 1, Transform # 0 acceptable Matches global IKE entry # 4
7|Jun 24 2010 11:39:34|715047: IP = x.x.198.138, processing IKE SA payload
7|Jun 24 2010 11:39:34|713906: IP = x.x.198.138, Oakley proposal is acceptable
7|Jun 24 2010 11:39:34|715047: IP = x.x.198.138, processing SA payload
7|Jun 24 2010 11:39:34|713236: IP = x.x.198.138, IKE_DECODE RECEIVED Message (msgid=0) with payloads : HDR + SA (1) + NONE (0) total length : 84
4|Jun 24 2010 11:39:29|713903: IP = x.x.198.138, Error: Unable to remove PeerTblEntry
3|Jun 24 2010 11:39:29|713902: IP = x.x.198.138, Removing peer from peer table failed, no match!
7|Jun 24 2010 11:39:29|713906: IP = x.x.198.138, sending delete/delete with reason message
7|Jun 24 2010 11:39:29|713906: IP = x.x.198.138, IKE SA MM:93ebdc10 terminating: flags 0x01000002, refcnt 0, tuncnt 0
7|Jun 24 2010 11:39:29|715065: IP = x.x.198.138, IKE MM Responder FSM error history (struct &0x3924540) , : MM_DONE, EV_ERROR-->MM_WAIT_MSG3, EV_TIMEOUT-->MM_WAIT_MSG3, NullEvent-->MM_SND_MSG2, EV_SND_MSG-->MM_SND_MSG2, EV_START_TMR-->MM_SND_MSG2, EV_RESEND_MSG-->MM_WAIT_MSG3, EV_TIMEOUT-->MM_WAIT_MSG3, NullEvent
6|Jun 24 2010 11:39:22|713905: Group = DefaultRAGroup, IP = x.x.198.138, P1 Retransmit msg dispatched to MM FSM
5|Jun 24 2010 11:39:22|713201: Group = DefaultRAGroup, IP = x.x.198.138, Duplicate Phase 1 packet detected. Retransmitting last packet.
7|Jun 24 2010 11:39:21|713236: IP = x.x.198.138, IKE_DECODE RESENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
7|Jun 24 2010 11:39:13|713236: IP = x.x.198.138, IKE_DECODE RESENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
7|Jun 24 2010 11:39:12|713236: IP = x.x.198.138, IKE_DECODE SENDING Message (msgid=0) with payloads : HDR + KE (4) + NONCE (10) + VENDOR (13) + VENDOR (13) + VENDOR (13) + VENDOR (13) + NONE (0) total length : 256
7|Jun 24 2010 11:39:12|713906: Group = DefaultRAGroup, IP = x.x.198.138, Generating keys for Responder...
7|Jun 24 2010 11:39:12|713906: IP = x.x.198.138, Connection landed on tunnel_group DefaultRAGroup
7|Jun 24 2010 11:39:12|715048: IP = x.x.198.138, Send Altiga/Cisco VPN3000/Cisco ASA GW VID
7|Jun 24 2010 11:39:12|715046: IP = x.x.198.138, constructing VID payload
7|Jun 24 2010 11:39:12|715038: IP = x.x.198.138, Constructing ASA spoofing IOS Vendor ID payload (version: 1.0.0, capabilities: 20000001)
7|Jun 24 2010 11:39:12|715048: IP = x.x.198.138, Send IOS VID
7|Jun 24 2010 11:39:12|715046: IP = x.x.198.138, constructing xauth V6 VID payload
7|Jun 24 2010 11:39:12|715046: IP = x.x.198.138, constructing Cisco Unity VID payload
7|Jun 24 2010 11:39:12|715046: IP = x.x.198.138, constructing nonce payload
7|Jun 24 2010 11:39:12|715046: IP = x.x.198.138, constructing ke payload
7|Jun 24 2010 11:39:12|715047: IP = x.x.198.138, processing nonce payload
7|Jun 24 2010 11:39:12|715047: IP = x.x.198.138, processing ISA_KE payload
7|Jun 24 2010 11:39:12|715047: IP = x.x.198.138, processing ke payload
7|Jun 24 2010 11:39:12|713236: IP = x.x.198.138, IKE_DECODE RECEIVED Message (msgid=0) with payloads : HDR + KE (4) + NONCE (10) + NONE (0) total length : 180
7|Jun 24 2010 11:39:11|713236: IP = x.x.198.138, IKE_DECODE RESENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
7|Jun 24 2010 11:39:05|713236: IP = x.x.198.138, IKE_DECODE RESENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
7|Jun 24 2010 11:39:03|713236: IP = x.x.198.138, IKE_DECODE SENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
7|Jun 24 2010 11:39:03|715046: IP = x.x.198.138, constructing Fragmentation VID + extended capabilities payload
7|Jun 24 2010 11:39:03|715046: IP = x.x.198.138, constructing ISAKMP SA payload
7|Jun 24 2010 11:39:03|715028: IP = x.x.198.138, IKE SA Proposal # 1, Transform # 0 acceptable Matches global IKE entry # 4
7|Jun 24 2010 11:39:03|715047: IP = x.x.198.138, processing IKE SA payload
7|Jun 24 2010 11:39:03|713906: IP = x.x.198.138, Oakley proposal is acceptable
7|Jun 24 2010 11:39:03|715047: IP = x.x.198.138, processing SA payload
7|Jun 24 2010 11:39:03|713236: IP = x.x.198.138, IKE_DECODE RECEIVED Message (msgid=0) with payloads : HDR + SA (1) + NONE (0) total length : 84
7|Jun 24 2010 11:38:57|713236: IP = x.x.198.138, IKE_DECODE SENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
7|Jun 24 2010 11:38:57|715046: IP = x.x.198.138, constructing Fragmentation VID + extended capabilities payload
7|Jun 24 2010 11:38:57|715046: IP = x.x.198.138, constructing ISAKMP SA payload
7|Jun 24 2010 11:38:57|715028: IP = x.x.198.138, IKE SA Proposal # 1, Transform # 0 acceptable Matches global IKE entry # 4
7|Jun 24 2010 11:38:57|715047: IP = x.x.198.138, processing IKE SA payload
7|Jun 24 2010 11:38:57|713906: IP = x.x.198.138, Oakley proposal is acceptable
7|Jun 24 2010 11:38:57|715047: IP = x.x.198.138, processing SA payload
7|Jun 24 2010 11:38:57|713236: IP = x.x.198.138, IKE_DECODE RECEIVED Message (msgid=0) with payloads : HDR + SA (1) + NONE (0) total length : 84
4|Jun 24 2010 11:38:53|713903: IP = x.x.198.138, Error: Unable to remove PeerTblEntry
3|Jun 24 2010 11:38:53|713902: IP = x.x.198.138, Removing peer from peer table failed, no match!
7|Jun 24 2010 11:38:53|713906: IP = x.x.198.138, sending delete/delete with reason message
7|Jun 24 2010 11:38:53|713906: IP = x.x.198.138, IKE SA MM:53b90578 terminating: flags 0x01000002, refcnt 0, tuncnt 0
7|Jun 24 2010 11:38:53|715065: IP = x.x.198.138, IKE MM Responder FSM error history (struct &0x39213e8) , : MM_DONE, EV_ERROR-->MM_WAIT_MSG3, EV_TIMEOUT-->MM_WAIT_MSG3, NullEvent-->MM_SND_MSG2, EV_SND_MSG-->MM_SND_MSG2, EV_START_TMR-->MM_SND_MSG2, EV_RESEND_MSG-->MM_WAIT_MSG3, EV_TIMEOUT-->MM_WAIT_MSG3, NullEvent
4|Jun 24 2010 11:38:50|713903: IP = x.x.198.138, Error: Unable to remove PeerTblEntry
3|Jun 24 2010 11:38:50|713902: IP = x.x.198.138, Removing peer from peer table failed, no match!
7|Jun 24 2010 11:38:50|713906: IP = x.x.198.138, sending delete/delete with reason message
7|Jun 24 2010 11:38:50|713906: IP = x.x.198.138, IKE SA MM:646ffb22 terminating: flags 0x01000002, refcnt 0, tuncnt 0
7|Jun 24 2010 11:38:50|715065: IP = x.x.198.138, IKE MM Responder FSM error history (struct &0x395f388) , : MM_DONE, EV_ERROR-->MM_WAIT_MSG3, EV_TIMEOUT-->MM_WAIT_MSG3, NullEvent-->MM_SND_MSG2, EV_SND_MSG-->MM_SND_MSG2, EV_START_TMR-->MM_SND_MSG2, EV_RESEND_MSG-->MM_WAIT_MSG3, EV_TIMEOUT-->MM_WAIT_MSG3, NullEvent
7|Jun 24 2010 11:38:45|713236: IP = x.x.198.138, IKE_DECODE RESENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
7|Jun 24 2010 11:38:42|713236: IP = x.x.198.138, IKE_DECODE RESENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
7|Jun 24 2010 11:38:37|713236: IP = x.x.198.138, IKE_DECODE RESENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
6|Jun 24 2010 11:38:37|713905: IP = x.x.198.138, P1 Retransmit msg dispatched to MM FSM
5|Jun 24 2010 11:38:37|713201: IP = x.x.198.138, Duplicate Phase 1 packet detected. Retransmitting last packet.
7|Jun 24 2010 11:38:35|713236: IP = x.x.198.138, IKE_DECODE RESENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
7|Jun 24 2010 11:38:34|713236: IP = x.x.198.138, IKE_DECODE RESENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
6|Jun 24 2010 11:38:30|606003: ASDM logging session number 0 from x.x.198.138 started
6|Jun 24 2010 11:38:30|605005: Login permitted from x.x.198.138/16530 to outside:66.92.228.251/https for user "alex"
6|Jun 24 2010 11:38:29|302013: Built inbound TCP connection 783 for outside:x.x.198.138/16530 (x.x.198.138/16530) to NP Identity Ifc:66.92.228.251/443 (66.92.228.251/443)
7|Jun 24 2010 11:38:27|713236: IP = x.x.198.138, IKE_DECODE SENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
7|Jun 24 2010 11:38:27|715046: IP = x.x.198.138, constructing Fragmentation VID + extended capabilities payload
7|Jun 24 2010 11:38:27|715046: IP = x.x.198.138, constructing ISAKMP SA payload
7|Jun 24 2010 11:38:27|715028: IP = x.x.198.138, IKE SA Proposal # 1, Transform # 0 acceptable Matches global IKE entry # 4
7|Jun 24 2010 11:38:27|715047: IP = x.x.198.138, processing IKE SA payload
7|Jun 24 2010 11:38:27|713906: IP = x.x.198.138, Oakley proposal is acceptable
7|Jun 24 2010 11:38:27|715047: IP = x.x.198.138, processing SA payload
7|Jun 24 2010 11:38:27|713236: IP = x.x.198.138, IKE_DECODE RECEIVED Message (msgid=0) with payloads : HDR + SA (1) + NONE (0) total length : 84
7|Jun 24 2010 11:38:26|713236: IP = x.x.198.138, IKE_DECODE RESENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
6|Jun 24 2010 11:38:22|302014: Teardown TCP connection 782 for outside:x.x.198.138/16527 to NP Identity Ifc:66.92.228.251/443 duration 0:00:01 bytes 1449 TCP FINs
6|Jun 24 2010 11:38:21|605005: Login permitted from x.x.198.138/16527 to outside:66.92.228.251/https for user "alex"
7|Jun 24 2010 11:38:21|710002: TCP access permitted from x.x.198.138/16527 to outside:66.92.228.251/https
6|Jun 24 2010 11:38:21|302013: Built inbound TCP connection 782 for outside:x.x.198.138/16527 (x.x.198.138/16527) to NP Identity Ifc:66.92.228.251/443 (66.92.228.251/443)
7|Jun 24 2010 11:38:18|713236: IP = x.x.198.138, IKE_DECODE SENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
7|Jun 24 2010 11:38:18|715046: IP = x.x.198.138, constructing Fragmentation VID + extended capabilities payload
7|Jun 24 2010 11:38:18|715046: IP = x.x.198.138, constructing ISAKMP SA payload
7|Jun 24 2010 11:38:18|715028: IP = x.x.198.138, IKE SA Proposal # 1, Transform # 0 acceptable Matches global IKE entry # 4
7|Jun 24 2010 11:38:18|715047: IP = x.x.198.138, processing IKE SA payload
7|Jun 24 2010 11:38:18|713906: IP = x.x.198.138, Oakley proposal is acceptable
7|Jun 24 2010 11:38:18|715047: IP = x.x.198.138, processing SA payload
7|Jun 24 2010 11:38:18|713236: IP = x.x.198.138, IKE_DECODE RECEIVED Message (msgid=0) with payloads : HDR + SA (1) + NONE (0) total length : 84
7|Jun 24 2010 11:36:47|713236: IP = x.x.198.138, IKE_DECODE RESENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
7|Jun 24 2010 11:36:45|713236: IP = x.x.198.138, IKE_DECODE RESENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
7|Jun 24 2010 11:36:39|713236: IP = x.x.198.138, IKE_DECODE SENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
7|Jun 24 2010 11:36:39|715046: IP = x.x.198.138, constructing Fragmentation VID + extended capabilities payload
7|Jun 24 2010 11:36:39|715046: IP = x.x.198.138, constructing ISAKMP SA payload
7|Jun 24 2010 11:36:39|715028: IP = x.x.198.138, IKE SA Proposal # 1, Transform # 0 acceptable Matches global IKE entry # 4
7|Jun 24 2010 11:36:39|715047: IP = x.x.198.138, processing IKE SA payload
7|Jun 24 2010 11:36:39|713906: IP = x.x.198.138, Oakley proposal is acceptable
7|Jun 24 2010 11:36:39|715047: IP = x.x.198.138, processing SA payload
7|Jun 24 2010 11:36:39|713236: IP = x.x.198.138, IKE_DECODE RECEIVED Message (msgid=0) with payloads : HDR + SA (1) + NONE (0) total length : 84
7|Jun 24 2010 11:36:37|713236: IP = x.x.198.138, IKE_DECODE SENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
7|Jun 24 2010 11:36:37|715046: IP = x.x.198.138, constructing Fragmentation VID + extended capabilities payload
7|Jun 24 2010 11:36:37|715046: IP = x.x.198.138, constructing ISAKMP SA payload
7|Jun 24 2010 11:36:37|715028: IP = x.x.198.138, IKE SA Proposal # 1, Transform # 0 acceptable Matches global IKE entry # 4
7|Jun 24 2010 11:36:37|715047: IP = x.x.198.138, processing IKE SA payload
7|Jun 24 2010 11:36:37|713906: IP = x.x.198.138, Oakley proposal is acceptable
7|Jun 24 2010 11:36:37|715047: IP = x.x.198.138, processing SA payload
7|Jun 24 2010 11:36:37|713236: IP = x.x.198.138, IKE_DECODE RECEIVED Message (msgid=0) with payloads : HDR + SA (1) + NONE (0) total length : 84
4|Jun 24 2010 11:36:33|713903: IP = x.x.198.138, Error: Unable to remove PeerTblEntry
3|Jun 24 2010 11:36:33|713902: IP = x.x.198.138, Removing peer from peer table failed, no match!
7|Jun 24 2010 11:36:33|713906: IP = x.x.198.138, sending delete/delete with reason message
7|Jun 24 2010 11:36:33|713906: IP = x.x.198.138, IKE SA MM:019e0e53 terminating: flags 0x01000002, refcnt 0, tuncnt 0
7|Jun 24 2010 11:36:33|715065: IP = x.x.198.138, IKE MM Responder FSM error history (struct &0x3938f50) , : MM_DONE, EV_ERROR-->MM_WAIT_MSG3, EV_TIMEOUT-->MM_WAIT_MSG3, NullEvent-->MM_SND_MSG2, EV_SND_MSG-->MM_SND_MSG2, EV_START_TMR-->MM_SND_MSG2, EV_RESEND_MSG-->MM_WAIT_MSG3, EV_TIMEOUT-->MM_WAIT_MSG3, NullEvent
4|Jun 24 2010 11:36:31|713903: IP = x.x.198.138, Error: Unable to remove PeerTblEntry
3|Jun 24 2010 11:36:31|713902: IP = x.x.198.138, Removing peer from peer table failed, no match!
7|Jun 24 2010 11:36:31|713906: IP = x.x.198.138, sending delete/delete with reason message
7|Jun 24 2010 11:36:31|713906: IP = x.x.198.138, IKE SA MM:635d12a3 terminating: flags 0x01000002, refcnt 0, tuncnt 0
7|Jun 24 2010 11:36:31|715065: IP = x.x.198.138, IKE MM Responder FSM error history (struct &0x3951bd8) , : MM_DONE, EV_ERROR-->MM_WAIT_MSG3, EV_TIMEOUT-->MM_WAIT_MSG3, NullEvent-->MM_SND_MSG2, EV_SND_MSG-->MM_SND_MSG2, EV_START_TMR-->MM_SND_MSG2, EV_RESEND_MSG-->MM_WAIT_MSG3, EV_TIMEOUT-->MM_WAIT_MSG3, NullEvent
7|Jun 24 2010 11:36:25|713236: IP = x.x.198.138, IKE_DECODE RESENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
7|Jun 24 2010 11:36:23|713236: IP = x.x.198.138, IKE_DECODE RESENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
7|Jun 24 2010 11:36:17|713236: IP = x.x.198.138, IKE_DECODE RESENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
6|Jun 24 2010 11:36:17|713905: IP = x.x.198.138, P1 Retransmit msg dispatched to MM FSM
5|Jun 24 2010 11:36:17|713201: IP = x.x.198.138, Duplicate Phase 1 packet detected. Retransmitting last packet.
7|Jun 24 2010 11:36:15|713236: IP = x.x.198.138, IKE_DECODE RESENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
7|Jun 24 2010 11:36:15|713236: IP = x.x.198.138, IKE_DECODE RESENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
7|Jun 24 2010 11:36:07|713236: IP = x.x.198.138, IKE_DECODE RESENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
7|Jun 24 2010 11:36:07|713236: IP = x.x.198.138, IKE_DECODE SENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
7|Jun 24 2010 11:36:07|715046: IP = x.x.198.138, constructing Fragmentation VID + extended capabilities payload
7|Jun 24 2010 11:36:07|715046: IP = x.x.198.138, constructing ISAKMP SA payload
7|Jun 24 2010 11:36:07|715028: IP = x.x.198.138, IKE SA Proposal # 1, Transform # 0 acceptable Matches global IKE entry # 4
7|Jun 24 2010 11:36:07|715047: IP = x.x.198.138, processing IKE SA payload
7|Jun 24 2010 11:36:07|713906: IP = x.x.198.138, Oakley proposal is acceptable
7|Jun 24 2010 11:36:07|715047: IP = x.x.198.138, processing SA payload
7|Jun 24 2010 11:36:07|713236: IP = x.x.198.138, IKE_DECODE RECEIVED Message (msgid=0) with payloads : HDR + SA (1) + NONE (0) total length : 84
4|Jun 24 2010 11:36:00|713903: IP = x.x.198.138, Error: Unable to remove PeerTblEntry
3|Jun 24 2010 11:36:00|713902: IP = x.x.198.138, Removing peer from peer table failed, no match!
7|Jun 24 2010 11:36:00|713906: IP = x.x.198.138, sending delete/delete with reason message
7|Jun 24 2010 11:36:00|713906: IP = x.x.198.138, IKE SA MM:829b8b51 terminating: flags 0x01000002, refcnt 0, tuncnt 0
7|Jun 24 2010 11:36:00|715065: IP = x.x.198.138, IKE MM Responder FSM error history (struct &0x3951160) , : MM_DONE, EV_ERROR-->MM_WAIT_MSG3, EV_TIMEOUT-->MM_WAIT_MSG3, NullEvent-->MM_SND_MSG2, EV_SND_MSG-->MM_SND_MSG2, EV_START_TMR-->MM_SND_MSG2, EV_RESEND_MSG-->MM_WAIT_MSG3, EV_TIMEOUT-->MM_WAIT_MSG3, NullEvent
7|Jun 24 2010 11:35:59|713236: IP = x.x.198.138, IKE_DECODE SENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
7|Jun 24 2010 11:35:59|715046: IP = x.x.198.138, constructing Fragmentation VID + extended capabilities payload
7|Jun 24 2010 11:35:59|715046: IP = x.x.198.138, constructing ISAKMP SA payload
7|Jun 24 2010 11:35:59|715028: IP = x.x.198.138, IKE SA Proposal # 1, Transform # 0 acceptable Matches global IKE entry # 4
7|Jun 24 2010 11:35:59|715047: IP = x.x.198.138, processing IKE SA payload
7|Jun 24 2010 11:35:59|713906: IP = x.x.198.138, Oakley proposal is acceptable
7|Jun 24 2010 11:35:59|715047: IP = x.x.198.138, processing SA payload
7|Jun 24 2010 11:35:59|713236: IP = x.x.198.138, IKE_DECODE RECEIVED Message (msgid=0) with payloads : HDR + SA (1) + NONE (0) total length : 84
4|Jun 24 2010 11:35:55|713903: IP = x.x.198.138, Error: Unable to remove PeerTblEntry
3|Jun 24 2010 11:35:55|713902: IP = x.x.198.138, Removing peer from peer table failed, no match!
7|Jun 24 2010 11:35:55|713906: IP = x.x.198.138, sending delete/delete with reason message
7|Jun 24 2010 11:35:55|713906: IP = x.x.198.138, IKE SA MM:af21e9c3 terminating: flags 0x01000002, refcnt 0, tuncnt 0
7|Jun 24 2010 11:35:55|715065: IP = x.x.198.138, IKE MM Responder FSM error history (struct &0x39197a0) , : MM_DONE, EV_ERROR-->MM_WAIT_MSG3, EV_TIMEOUT-->MM_WAIT_MSG3, NullEvent-->MM_SND_MSG2, EV_SND_MSG-->MM_SND_MSG2, EV_START_TMR-->MM_SND_MSG2, EV_RESEND_MSG-->MM_WAIT_MSG3, EV_TIMEOUT-->MM_WAIT_MSG3, NullEvent
7|Jun 24 2010 11:35:52|713236: IP = x.x.198.138, IKE_DECODE RESENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
7|Jun 24 2010 11:35:47|713236: IP = x.x.198.138, IKE_DECODE RESENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
7|Jun 24 2010 11:35:44|713236: IP = x.x.198.138, IKE_DECODE RESENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
7|Jun 24 2010 11:35:39|713236: IP = x.x.198.138, IKE_DECODE RESENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
6|Jun 24 2010 11:35:39|713905: IP = x.x.198.138, P1 Retransmit msg dispatched to MM FSM
5|Jun 24 2010 11:35:39|713201: IP = x.x.198.138, Duplicate Phase 1 packet detected. Retransmitting last packet.
7|Jun 24 2010 11:35:37|713236: IP = x.x.198.138, IKE_DECODE RESENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
7|Jun 24 2010 11:35:36|713236: IP = x.x.198.138, IKE_DECODE RESENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
7|Jun 24 2010 11:35:29|713236: IP = x.x.198.138, IKE_DECODE SENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
7|Jun 24 2010 11:35:29|715046: IP = x.x.198.138, constructing Fragmentation VID + extended capabilities payload
7|Jun 24 2010 11:35:29|715046: IP = x.x.198.138, constructing ISAKMP SA payload
7|Jun 24 2010 11:35:29|715028: IP = x.x.198.138, IKE SA Proposal # 1, Transform # 0 acceptable Matches global IKE entry # 4
7|Jun 24 2010 11:35:29|715047: IP = x.x.198.138, processing IKE SA payload
7|Jun 24 2010 11:35:29|713906: IP = x.x.198.138, Oakley proposal is acceptable
7|Jun 24 2010 11:35:29|715047: IP = x.x.198.138, processing SA payload
7|Jun 24 2010 11:35:29|713236: IP = x.x.198.138, IKE_DECODE RECEIVED Message (msgid=0) with payloads : HDR + SA (1) + NONE (0) total length : 84
7|Jun 24 2010 11:35:28|713236: IP = x.x.198.138, IKE_DECODE SENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
7|Jun 24 2010 11:35:28|715046: IP = x.x.198.138, constructing Fragmentation VID + extended capabilities payload
7|Jun 24 2010 11:35:28|715046: IP = x.x.198.138, constructing ISAKMP SA payload
7|Jun 24 2010 11:35:28|715028: IP = x.x.198.138, IKE SA Proposal # 1, Transform # 0 acceptable Matches global IKE entry # 4
7|Jun 24 2010 11:35:28|715047: IP = x.x.198.138, processing IKE SA payload
7|Jun 24 2010 11:35:28|713906: IP = x.x.198.138, Oakley proposal is acceptable
7|Jun 24 2010 11:35:28|715047: IP = x.x.198.138, processing SA payload
7|Jun 24 2010 11:35:28|713236: IP = x.x.198.138, IKE_DECODE RECEIVED Message (msgid=0) with payloads : HDR + SA (1) + NONE (0) total length : 84
4|Jun 24 2010 11:35:24|713903: IP = x.x.198.138, Error: Unable to remove PeerTblEntry
3|Jun 24 2010 11:35:24|713902: IP = x.x.198.138, Removing peer from peer table failed, no match!
7|Jun 24 2010 11:35:24|713906: IP = x.x.198.138, sending delete/delete with reason message
7|Jun 24 2010 11:35:24|713906: IP = x.x.198.138, IKE SA MM:b89f79e9 terminating: flags 0x01000002, refcnt 0, tuncnt 0
7|Jun 24 2010 11:35:24|715065: IP = x.x.198.138, IKE MM Responder FSM error history (struct &0x3950798) , : MM_DONE, EV_ERROR-->MM_WAIT_MSG3, EV_TIMEOUT-->MM_WAIT_MSG3, NullEvent-->MM_SND_MSG2, EV_SND_MSG-->MM_SND_MSG2, EV_START_TMR-->MM_SND_MSG2, EV_RESEND_MSG-->MM_WAIT_MSG3, EV_TIMEOUT-->MM_WAIT_MSG3, NullEvent
7|Jun 24 2010 11:35:16|713236: IP = x.x.198.138, IKE_DECODE RESENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
7|Jun 24 2010 11:35:08|713236: IP = x.x.198.138, IKE_DECODE RESENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
6|Jun 24 2010 11:35:08|713905: IP = x.x.198.138, P1 Retransmit msg dispatched to MM FSM
5|Jun 24 2010 11:35:08|713201: IP = x.x.198.138, Duplicate Phase 1 packet detected. Retransmitting last packet.
4|Jun 24 2010 11:35:07|713903: Group = DefaultRAGroup, IP = x.x.198.138, Error: Unable to remove PeerTblEntry
3|Jun 24 2010 11:35:07|713902: Group = DefaultRAGroup, IP = x.x.198.138, Removing peer from peer table failed, no match!
7|Jun 24 2010 11:35:07|713236: IP = x.x.198.138, IKE_DECODE SENDING Message (msgid=1daa1d52) with payloads : HDR + HASH (8) + DELETE (12) + NONE (0) total length : 80
7|Jun 24 2010 11:35:07|715046: Group = DefaultRAGroup, IP = x.x.198.138, constructing qm hash payload
7|Jun 24 2010 11:35:07|715046: Group = DefaultRAGroup, IP = x.x.198.138, constructing IKE delete payload
7|Jun 24 2010 11:35:07|715046: Group = DefaultRAGroup, IP = x.x.198.138, constructing blank hash payload
7|Jun 24 2010 11:35:07|713906: Group = DefaultRAGroup, IP = x.x.198.138, sending delete/delete with reason message
7|Jun 24 2010 11:35:07|713906: Group = DefaultRAGroup, IP = x.x.198.138, IKE SA MM:77cfc698 terminating: flags 0x01000002, refcnt 0, tuncnt 0
7|Jun 24 2010 11:35:07|715065: Group = DefaultRAGroup, IP = x.x.198.138, IKE MM Responder FSM error history (struct &0x3919758) , : MM_DONE, EV_ERROR-->MM_WAIT_MSG5, EV_PROB_AUTH_FAIL-->MM_WAIT_MSG5, EV_TIMEOUT-->MM_WAIT_MSG5, NullEvent-->MM_SND_MSG4, EV_CRYPTO_ACTIVE-->MM_SND_MSG4, EV_SND_MSG-->MM_SND_MSG4, EV_START_TMR-->MM_SND_MSG4, EV_RESEND_MSG
7|Jun 24 2010 11:35:06|713236: IP = x.x.198.138, IKE_DECODE RESENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
7|Jun 24 2010 11:34:58|713236: IP = x.x.198.138, IKE_DECODE SENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
7|Jun 24 2010 11:34:58|715046: IP = x.x.198.138, constructing Fragmentation VID + extended capabilities payload
7|Jun 24 2010 11:34:58|715046: IP = x.x.198.138, constructing ISAKMP SA payload
7|Jun 24 2010 11:34:58|715028: IP = x.x.198.138, IKE SA Proposal # 1, Transform # 0 acceptable Matches global IKE entry # 4
7|Jun 24 2010 11:34:58|715047: IP = x.x.198.138, processing IKE SA payload
7|Jun 24 2010 11:34:58|713906: IP = x.x.198.138, Oakley proposal is acceptable
7|Jun 24 2010 11:34:58|715047: IP = x.x.198.138, processing SA payload
7|Jun 24 2010 11:34:58|713236: IP = x.x.198.138, IKE_DECODE RECEIVED Message (msgid=0) with payloads : HDR + SA (1) + NONE (0) total length : 84
4|Jun 24 2010 11:34:48|713903: IP = x.x.198.138, Error: Unable to remove PeerTblEntry
3|Jun 24 2010 11:34:48|713902: IP = x.x.198.138, Removing peer from peer table failed, no match!
7|Jun 24 2010 11:34:48|713906: IP = x.x.198.138, sending delete/delete with reason message
7|Jun 24 2010 11:34:48|713906: IP = x.x.198.138, IKE SA MM:834a5b7d terminating: flags 0x01000002, refcnt 0, tuncnt 0
7|Jun 24 2010 11:34:48|715065: IP = x.x.198.138, IKE MM Responder FSM error history (struct &0x391b8d8) , : MM_DONE, EV_ERROR-->MM_WAIT_MSG3, EV_TIMEOUT-->MM_WAIT_MSG3, NullEvent-->MM_SND_MSG2, EV_SND_MSG-->MM_SND_MSG2, EV_START_TMR-->MM_SND_MSG2, EV_RESEND_MSG-->MM_WAIT_MSG3, EV_TIMEOUT-->MM_WAIT_MSG3, NullEvent
7|Jun 24 2010 11:34:40|713236: IP = x.x.198.138, IKE_DECODE RESENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
7|Jun 24 2010 11:34:35|713236: IP = x.x.198.138, IKE_DECODE SENDING Message (msgid=0) with payloads : HDR + KE (4) + NONCE (10) + VENDOR (13) + VENDOR (13) + VENDOR (13) + VENDOR (13) + NONE (0) total length : 256
7|Jun 24 2010 11:34:35|713906: Group = DefaultRAGroup, IP = x.x.198.138, Generating keys for Responder...
7|Jun 24 2010 11:34:35|713906: IP = x.x.198.138, Connection landed on tunnel_group DefaultRAGroup
7|Jun 24 2010 11:34:35|715048: IP = x.x.198.138, Send Altiga/Cisco VPN3000/Cisco ASA GW VID
7|Jun 24 2010 11:34:35|715046: IP = x.x.198.138, constructing VID payload
7|Jun 24 2010 11:34:35|715038: IP = x.x.198.138, Constructing ASA spoofing IOS Vendor ID payload (version: 1.0.0, capabilities: 20000001)
7|Jun 24 2010 11:34:35|715048: IP = x.x.198.138, Send IOS VID
7|Jun 24 2010 11:34:35|715046: IP = x.x.198.138, constructing xauth V6 VID payload
7|Jun 24 2010 11:34:35|715046: IP = x.x.198.138, constructing Cisco Unity VID payload
7|Jun 24 2010 11:34:35|715046: IP = x.x.198.138, constructing nonce payload
7|Jun 24 2010 11:34:35|715046: IP = x.x.198.138, constructing ke payload
7|Jun 24 2010 11:34:35|715047: IP = x.x.198.138, processing nonce payload
7|Jun 24 2010 11:34:35|715047: IP = x.x.198.138, processing ISA_KE payload
7|Jun 24 2010 11:34:35|715047: IP = x.x.198.138, processing ke payload
7|Jun 24 2010 11:34:35|713236: IP = x.x.198.138, IKE_DECODE RECEIVED Message (msgid=0) with payloads : HDR + KE (4) + NONCE (10) + NONE (0) total length : 180
7|Jun 24 2010 11:34:34|713236: IP = x.x.198.138, IKE_DECODE RESENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
6|Jun 24 2010 11:34:34|713905: IP = x.x.198.138, P1 Retransmit msg dispatched to MM FSM
5|Jun 24 2010 11:34:34|713201: IP = x.x.198.138, Duplicate Phase 1 packet detected. Retransmitting last packet.
7|Jun 24 2010 11:34:32|713236: IP = x.x.198.138, IKE_DECODE RESENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
7|Jun 24 2010 11:34:31|713236: IP = x.x.198.138, IKE_DECODE RESENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
6|Jun 24 2010 11:34:24|606003: ASDM logging session number 0 from x.x.198.138 started
6|Jun 24 2010 11:34:24|605005: Login permitted from x.x.198.138/16490 to outside:66.92.228.251/https for user "alex"
7|Jun 24 2010 11:34:24|713236: IP = x.x.198.138, IKE_DECODE RESENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
7|Jun 24 2010 11:34:24|710002: TCP access permitted from x.x.198.138/16490 to outside:66.92.228.251/https
6|Jun 24 2010 11:34:24|302013: Built inbound TCP connection 151 for outside:x.x.198.138/16490 (x.x.198.138/16490) to NP Identity Ifc:66.92.228.251/443 (66.92.228.251/443)
7|Jun 24 2010 11:34:23|713236: IP = x.x.198.138, IKE_DECODE SENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
7|Jun 24 2010 11:34:23|715046: IP = x.x.198.138, constructing Fragmentation VID + extended capabilities payload
7|Jun 24 2010 11:34:23|715046: IP = x.x.198.138, constructing ISAKMP SA payload
7|Jun 24 2010 11:34:23|715028: IP = x.x.198.138, IKE SA Proposal # 1, Transform # 0 acceptable Matches global IKE entry # 4
7|Jun 24 2010 11:34:23|715047: IP = x.x.198.138, processing IKE SA payload
7|Jun 24 2010 11:34:23|713906: IP = x.x.198.138, Oakley proposal is acceptable
7|Jun 24 2010 11:34:23|715047: IP = x.x.198.138, processing SA payload
7|Jun 24 2010 11:34:23|713236: IP = x.x.198.138, IKE_DECODE RECEIVED Message (msgid=0) with payloads : HDR + SA (1) + NONE (0) total length : 84
7|Jun 24 2010 11:34:20|710005: TCP request discarded from x.x.198.138/16373 to outside:66.92.228.251/443
6|Jun 24 2010 11:34:20|106015: Deny TCP (no connection) from x.x.198.138/16373 to 66.92.228.251/443 flags FIN PSH ACK on interface outside
4|Jun 24 2010 11:34:17|713903: IP = x.x.198.138, Error: Unable to remove PeerTblEntry
3|Jun 24 2010 11:34:17|713902: IP = x.x.198.138, Removing peer from peer table failed, no match!
7|Jun 24 2010 11:34:17|713906: IP = x.x.198.138, sending delete/delete with reason message
7|Jun 24 2010 11:34:17|713906: IP = x.x.198.138, IKE SA MM:948e665a terminating: flags 0x01000002, refcnt 0, tuncnt 0
7|Jun 24 2010 11:34:17|715065: IP = x.x.198.138, IKE MM Responder FSM error history (struct &0x3919758) , : MM_DONE, EV_ERROR-->MM_WAIT_MSG3, EV_TIMEOUT-->MM_WAIT_MSG3, NullEvent-->MM_SND_MSG2, EV_SND_MSG-->MM_SND_MSG2, EV_START_TMR-->MM_SND_MSG2, EV_RESEND_MSG-->MM_WAIT_MSG3, EV_TIMEOUT-->MM_WAIT_MSG3, NullEvent
7|Jun 24 2010 11:34:16|713236: IP = x.x.198.138, IKE_DECODE SENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
7|Jun 24 2010 11:34:16|715046: IP = x.x.198.138, constructing Fragmentation VID + extended capabilities payload
7|Jun 24 2010 11:34:16|715046: IP = x.x.198.138, constructing ISAKMP SA payload
7|Jun 24 2010 11:34:16|715028: IP = x.x.198.138, IKE SA Proposal # 1, Transform # 0 acceptable Matches global IKE entry # 4
7|Jun 24 2010 11:34:16|715047: IP = x.x.198.138, processing IKE SA payload
7|Jun 24 2010 11:34:16|713906: IP = x.x.198.138, Oakley proposal is acceptable
7|Jun 24 2010 11:34:16|715047: IP = x.x.198.138, processing SA payload
7|Jun 24 2010 11:34:16|713236: IP = x.x.198.138, IKE_DECODE RECEIVED Message (msgid=0) with payloads : HDR + SA (1) + NONE (0) total length : 84
7|Jun 24 2010 11:34:09|713236: IP = x.x.198.138, IKE_DECODE RESENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
7|Jun 24 2010 11:31:45|713236: IP = x.x.198.138, IKE_DECODE SENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
7|Jun 24 2010 11:31:45|715046: IP = x.x.198.138, constructing Fragmentation VID + extended capabilities payload
7|Jun 24 2010 11:31:45|715046: IP = x.x.198.138, constructing ISAKMP SA payload
7|Jun 24 2010 11:31:45|715028: IP = x.x.198.138, IKE SA Proposal # 1, Transform # 0 acceptable Matches global IKE entry # 4
7|Jun 24 2010 11:31:45|715047: IP = x.x.198.138, processing IKE SA payload
7|Jun 24 2010 11:31:45|713906: IP = x.x.198.138, Oakley proposal is acceptable
7|Jun 24 2010 11:31:45|715047: IP = x.x.198.138, processing SA payload
7|Jun 24 2010 11:31:45|713236: IP = x.x.198.138, IKE_DECODE RECEIVED Message (msgid=0) with payloads : HDR + SA (1) + NONE (0) total length : 84
4|Jun 24 2010 11:31:41|713903: IP = x.x.198.138, Error: Unable to remove PeerTblEntry
3|Jun 24 2010 11:31:41|713902: IP = x.x.198.138, Removing peer from peer table failed, no match!
7|Jun 24 2010 11:31:41|713906: IP = x.x.198.138, sending delete/delete with reason message
7|Jun 24 2010 11:31:41|713906: IP = x.x.198.138, IKE SA MM:0d6d4e0d terminating: flags 0x01000002, refcnt 0, tuncnt 0
7|Jun 24 2010 11:31:41|715065: IP = x.x.198.138, IKE MM Responder FSM error history (struct &0x3940150) , : MM_DONE, EV_ERROR-->MM_WAIT_MSG3, EV_TIMEOUT-->MM_WAIT_MSG3, NullEvent-->MM_SND_MSG2, EV_SND_MSG-->MM_SND_MSG2, EV_START_TMR-->MM_SND_MSG2, EV_RESEND_MSG-->MM_WAIT_MSG3, EV_TIMEOUT-->MM_WAIT_MSG3, NullEvent
4|Jun 24 2010 11:31:41|713903: IP = x.x.198.138, Error: Unable to remove PeerTblEntry
3|Jun 24 2010 11:31:41|713902: IP = x.x.198.138, Removing peer from peer table failed, no match!
7|Jun 24 2010 11:31:41|713906: IP = x.x.198.138, sending delete/delete with reason message
7|Jun 24 2010 11:31:41|713906: IP = x.x.198.138, IKE SA MM:b60acf34 terminating: flags 0x01000002, refcnt 0, tuncnt 0
7|Jun 24 2010 11:31:41|715065: IP = x.x.198.138, IKE MM Responder FSM error history (struct &0x39d54a0) , : MM_DONE, EV_ERROR-->MM_WAIT_MSG3, EV_TIMEOUT-->MM_WAIT_MSG3, NullEvent-->MM_SND_MSG2, EV_SND_MSG-->MM_SND_MSG2, EV_START_TMR-->MM_SND_MSG2, EV_RESEND_MSG-->MM_WAIT_MSG3, EV_TIMEOUT-->MM_WAIT_MSG3, NullEvent
7|Jun 24 2010 11:31:33|713236: IP = x.x.198.138, IKE_DECODE RESENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
7|Jun 24 2010 11:31:33|713236: IP = x.x.198.138, IKE_DECODE RESENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
7|Jun 24 2010 11:31:25|713236: IP = x.x.198.138, IKE_DECODE RESENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
7|Jun 24 2010 11:31:25|713236: IP = x.x.198.138, IKE_DECODE RESENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
6|Jun 24 2010 11:31:25|713905: IP = x.x.198.138, P1 Retransmit msg dispatched to MM FSM
5|Jun 24 2010 11:31:25|713201: IP = x.x.198.138, Duplicate Phase 1 packet detected. Retransmitting last packet.
7|Jun 24 2010 11:31:23|713236: IP = x.x.198.138, IKE_DECODE RESENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
7|Jun 24 2010 11:31:17|713236: IP = x.x.198.138, IKE_DECODE RESENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
7|Jun 24 2010 11:31:15|713236: IP = x.x.198.138, IKE_DECODE SENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
7|Jun 24 2010 11:31:15|715046: IP = x.x.198.138, constructing Fragmentation VID + extended capabilities payload
7|Jun 24 2010 11:31:15|715046: IP = x.x.198.138, constructing ISAKMP SA payload
7|Jun 24 2010 11:31:15|715028: IP = x.x.198.138, IKE SA Proposal # 1, Transform # 0 acceptable Matches global IKE entry # 4
7|Jun 24 2010 11:31:15|715047: IP = x.x.198.138, processing IKE SA payload
7|Jun 24 2010 11:31:15|713906: IP = x.x.198.138, Oakley proposal is acceptable
7|Jun 24 2010 11:31:15|715047: IP = x.x.198.138, processing SA payload
7|Jun 24 2010 11:31:15|713236: IP = x.x.198.138, IKE_DECODE RECEIVED Message (msgid=0) with payloads : HDR + SA (1) + NONE (0) total length : 84
7|Jun 24 2010 11:31:09|713236: IP = x.x.198.138, IKE_DECODE SENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
7|Jun 24 2010 11:31:09|715046: IP = x.x.198.138, constructing Fragmentation VID + extended capabilities payload
7|Jun 24 2010 11:31:09|715046: IP = x.x.198.138, constructing ISAKMP SA payload
7|Jun 24 2010 11:31:09|715028: IP = x.x.198.138, IKE SA Proposal # 1, Transform # 0 acceptable Matches global IKE entry # 4
7|Jun 24 2010 11:31:09|715047: IP = x.x.198.138, processing IKE SA payload
7|Jun 24 2010 11:31:09|713906: IP = x.x.198.138, Oakley proposal is acceptable
7|Jun 24 2010 11:31:09|715047: IP = x.x.198.138, processing SA payload
7|Jun 24 2010 11:31:09|713236: IP = x.x.198.138, IKE_DECODE RECEIVED Message (msgid=0) with payloads : HDR + SA (1) + NONE (0) total length : 84
4|Jun 24 2010 11:31:07|713903: IP = x.x.198.138, Error: Unable to remove PeerTblEntry
3|Jun 24 2010 11:31:07|713902: IP = x.x.198.138, Removing peer from peer table failed, no match!
7|Jun 24 2010 11:31:07|713906: IP = x.x.198.138, sending delete/delete with reason message
7|Jun 24 2010 11:31:07|713906: IP = x.x.198.138, IKE SA MM:164fb835 terminating: flags 0x01000002, refcnt 0, tuncnt 0
7|Jun 24 2010 11:31:07|715065: IP = x.x.198.138, IKE MM Responder FSM error history (struct &0x3940150) , : MM_DONE, EV_ERROR-->MM_WAIT_MSG3, EV_TIMEOUT-->MM_WAIT_MSG3, NullEvent-->MM_SND_MSG2, EV_SND_MSG-->MM_SND_MSG2, EV_START_TMR-->MM_SND_MSG2, EV_RESEND_MSG-->MM_WAIT_MSG3, EV_TIMEOUT-->MM_WAIT_MSG3, NullEvent
4|Jun 24 2010 11:31:05|713903: IP = x.x.198.138, Error: Unable to remove PeerTblEntry
3|Jun 24 2010 11:31:05|713902: IP = x.x.198.138, Removing peer from peer table failed, no match!
7|Jun 24 2010 11:31:05|713906: IP = x.x.198.138, sending delete/delete with reason message
7|Jun 24 2010 11:31:05|713906: IP = x.x.198.138, IKE SA MM:5905f9ea terminating: flags 0x01000002, refcnt 0, tuncnt 0
7|Jun 24 2010 11:31:05|715065: IP = x.x.198.138, IKE MM Responder FSM error history (struct &0x395fff0) , : MM_DONE, EV_ERROR-->MM_WAIT_MSG3, EV_TIMEOUT-->MM_WAIT_MSG3, NullEvent-->MM_SND_MSG2, EV_SND_MSG-->MM_SND_MSG2, EV_START_TMR-->MM_SND_MSG2, EV_RESEND_MSG-->MM_WAIT_MSG3, EV_TIMEOUT-->MM_WAIT_MSG3, NullEvent
7|Jun 24 2010 11:30:59|713236: IP = x.x.198.138, IKE_DECODE RESENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
7|Jun 24 2010 11:30:57|713236: IP = x.x.198.138, IKE_DECODE RESENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
7|Jun 24 2010 11:30:51|713236: IP = x.x.198.138, IKE_DECODE RESENDING Message (msgid=0) with payloads : HDR + SA (1) + VENDOR (13) + NONE (0) total length : 108
7|Jun 24 2010 11:30:49|713236: IP = x.x.198

Similar Messages

Wireless connection drops every day -- iTunes 8.02 the problem??

Hello! Our iMac is connected to the internet via Airport, and we have rarely had problems with the connection. For the last two weeks, when I get on the iMac for the first time that day, I have to reconnect to the wireless network through the Airport Setup Assistant every single time. I've tried resetting our cable modem and Airport -- no effect on the problem. I've tried going into sleep mode without logging off to see if that might help -- nope. I've tried repairing permissions in the off-chance that that might help -- no again.
In something that seems more than just a coincidence, we updated our iTunes to 8.02 about two weeks ago, and that's when this problem began happening. I am especially suspicious that there's a link because we did not update iTunes on our Macbook and it has no problem whatsoever staying connected to the exact same wireless network.
Two questions, then:
-- Is the iTunes 8.02 update the problem?
-- If so, how do I go back to iTunes 7.7?
Thanks!

Hi, I'm new to iTunes and apple, but this is happening to me too! I've got iTunes 8 and whenever I run it, my wireless connection drops (disables itself) and cannot be restarted without rebooting the machine. Did you manage to find an answer?

Why does my broadband drop every day?

Is there a reason why I disconnect - on average - once a day:
Jan 1 13:09:12 WAN Connection: Ethernet link down.
Jan 2 07:56:03 WAN Connection: Ethernet link down.
Jan 3 08:09:42 WAN Connection: Ethernet link down.
Jan 3 11:55:21 WAN Connection: Ethernet link down.
Jan 4 08:17:11 WAN Connection: Ethernet link down.
Jan 4 08:23:51 WAN Connection: Ethernet link down.
Jan 7 11:50:50 WAN Connection: Ethernet link down.
Jan 7 11:51:51 WAN Connection: Ethernet link down.
Jan 8 09:52:24 WAN Connection: Ethernet link down.
Jan 9 10:56:35 WAN Connection: Ethernet link down.
Jan 11 05:14:28 WAN Connection: Ethernet link down.
Jan 11 10:27:19 WAN Connection: Ethernet link down.
Jan 11 12:19:49 WAN Connection: Ethernet link down.
Jan 12 05:04:49 WAN Connection: Ethernet link down.
Jan 13 08:01:47 WAN Connection: Ethernet link down.
Jan 14 07:25:18 WAN Connection: Ethernet link down.
Jan 14 12:11:39 WAN Connection: Ethernet link down.
Jan 14 14:00:21 WAN Connection: Ethernet link down.
...unfortunately I lost power over the new year period so I only have two weeks data at present, however, I did have a period of about 60 days showing the same pattern. That's 60 days of disconnecting once a day or so. Surely this isn't "normal"?
Before anyone says it - yes, I have changed to the master socket, changed microfilters, etc etc. None of it makes any difference, nor can I detect any pattern in the dropouts. Any thoughts / help much appreciated.

And this morning after a 13hour connection:
Modulation : ADSL2+
Annex Mode : Annex A/L
Line State : up
Lan Tx : 685472
Lan Rx : 407167
ADSL Tx : 381046
ADSL Rx : 612308744
CRC Down : 0
CRC Up : 38865
FEC Down : 0
FEC Up : 12769
HEC Down : 27787
HEC Up : 0
SNR Up : 7.1
SNR Down : 6.7
Line Attenuation Up : 21.7
Line Attenuation Down : 42.0
Data Rate Up : 1011
Data Rate Down : 7206
I noticed that that when I tried to connect this morning nothing happened ie all the lights are on but when it doesn't load the webpage and after about 2 minutes the router resets. It may be that the connections are dropping when the router is first used after a long period of inactivity? Those errors are still creeping up...
No - it isn't connected to the test socket at the moment, I suppose you are going to say move it and see if this still happens? I will try a bit later but it didn't make a difference last time I moved it.

Troubleshooting IPSEC VPN LAN-toLAN

PIX 515E's on both ends, one with version 7 of PIX IOS, and one with version 6 -- also, there are no firmware upgrades to the PIX running IOS v6.
IPSEC VPN drops completely in a completely random fashion, and it comes back up after the SA's are cleared. Is the best step at this point to upgrade the v6 PIX to all current firmware and PIX IOS versions? What would I look for after the upgrades if the issue were not resolved?

Hi there i had this problem, but my scenario was like having a router connected to two PIX running 6.3 code. After several testing i got it to work in both 6.x and 7.x. I will attach the config for your reference. The configurations have been picked up from the cisco site only, and i believe it works pretty fine. Another thing could you have a debug isakmp sa and debug ipsec running on your pix so that we could find out the problem, post your logs in case you have collected the error messages.
-Hoogen

I have several recuring alarms set up on my calendar for each day of the week. In the past few weeks, an alarm will occasionaly notify me roughly 15 minutes to an hour and a half late. These daily alarms are identical and repeat every day.

I have several recuring alarms set up on iCal for each day of the week. In the past few weeks, an alarm will occasionaly notify me roughly 15 minutes to an hour and a half late. These daily alarms are identical and repeat every day and there seems to be no apparent pattern to why or when an alarm happens after the event is past.

I assume you meant iCal rather than iTunes? Yes, iCal the time zone is correct. The delayed alarms only happen sporadically. Since I posted this message, the problem stopped happening every day at the same time, but it still happens occasionally with no rhyme or reason as to when. It's gotten so that I can't depend on my iCal alarms anymore.

My iPhone 4 appears with no service every day, i have to restarted and a few hours later again the same problem, Any other solution please???

my iPhone 4 appears with no service every day, i have to make restart and a few hours later again the same problem, Any other solution please???

This is almost always a symptom of a phone that was jailbroken or hacked to unlock it.
Where did you get the phone?

[FEATREQ] New 'Live Updating' option: realtime, every x hours, every day...

Hey all,
I just posted this as feedback to Apple, but I would like to hear your opinions on this as well.
The problem is that my iTunes and computer are stuttering at the beginning of every song, because all my smart playlists have to be updated with the new information that the previous song has been played. This causes iTunes to freeze up for about 20 to 25 seconds at the start of every new song, despite having quite a fast computer with plenty of RAM.
The culprit of course is that I have a large library (13k songs), as well as dozens of smart playlists depending on each other. However, the question is whether I should be punished for this? After all, you want to fill up that 80GB iPod, no? Anyways, I'm suggesting an extra option that would get rid of these issues no matter how big your library is or how many smart playlists you've got.
The feature I'm suggesting that would get rid of this issue is the following: instead of updating all smart playlists 'realtime', give the user the option of doing this live updating real time, every x hours, every day or only at startup. You could give the user this option either for every playlist independently, or globally in the settings for iTunes. With this extra option, I would configure iTunes to update my playlists every 4 hours or something like that, and I would get the stuttering only every 4 hours instead of every 4 minutes, as it's right now.
Are there any other people who would like this option?
What do you think? Useful? Rubbish?
Sincerely,
Tijl Kindt

Are you sure that this is the problem? I have a 300 gig library with numerous interdependent smart playlists. I also mostly play iTunes over Airtunes. I don't have this problem. I do see some slowness in launching iTunes as a result of the smart playlists but once it's open, I don't have a problem. I'm guessing you turned live updating off on all the playlists to see if that solved the problem as I don't know how else you would have come to this conclusion.
The only short term fix I can see is to turn off live updating on at least some of the playlists and then turn it back on periodically.

Users VPN drops after every 5 mins

Hi everyone,
We have user whose remote VPN drops after every 5 mins.
Need to know whats things i can check to troubleshoot the issue?
User connects by RSA Token.
ISP connection is ok its not issue.
Any thing i can check in ASA ?
Thanks
Mahesh

On the client side, have you tested wired vs wireless to see if the problems exists in both? If it's only one of them but not the other, try updating the drivers. Also, if it's windows 7, take a look at the power settings in control panel. I've seen where agressive power settings will shut off the network port when idle. Not that big of a deal in a LAN environment but it wreaks havoc on VPN.

Spotlight on G5 spotlighting every day for hours

hi all,
I have installed Leopard 10.5.3 on my G5 2.3 dual (4 FW disks attached on it) and since then Spotlight searches for files every day for hours, on all disks, internal and external;
I really don't know what SL is looking for and why these searches are endless,
but it's so frustrating when I need to find a file because SLing is not available during its search;
I have the same problem with my MBP 15" Penryn 2.4GHz but only when external disks are on;
has anybody out there any idea about that? I wonder, is that normal function?
thanks for helping_

What malware was found by ClamXav? Most likely, it was Windows malware. Also, unfortunately, most likely it was Windows malware attached to e-mail messages, in which case deleting it from ClamXav probably corrupted one or more of your mailboxes. Assuming you're using Mail, you should probably rebuild all your mailboxes, by selecting each one, one at a time, and using the Rebuild command in the Mailbox menu on each.
Regarding Mac malware, you most likely have nothing to fear. There isn't much malware out there for Macs, and all of it is very rare. Of course, if you're actually using Mac OS X 10.5.8, as your profile indicates, you have fewer defenses than users of more up-to-date systems. For more on this topic, see my Mac Malware Guide.
As to the downloads, there are many things that could account for that. Jon P D gave a couple excellent possibilities. Regarding the wifi, if you're using a wifi router to create a network without a password, or with weak WEP encryption, you could easily have someone piggybacking on your wifi and using your bandwidth without permission. Lock down the network with WPA2 encryption and a good, strong password that people won't be able to guess.
Also, note that Mac OS X downloads updates automatically in the background, and there were a number of large updates this week. If you have a connection that only allows you to download a certain amount per month, you may want to turn that option off in System Preferences -> Software Update, so that you can choose when new updates are downloaded.

I skype every night with a person nearby, and the call mac-to-mac is dropped every night at exactly the same hour, to the minute.

I have an even weirder problem. I skype every night with a person nearby, and the call mac-to-mac is dropped every night at exactly the same hour, to the minute. I have to close skype and restart it and call again and then it works without problems.
I have my imac connected to hi-speed cable.
Any ideas anyone? Thanks!

You should post in Skype forums.

Cisco ASA 5505 Ipsec VPN and random connection dropping issues.

Hello,
We are currently having issues with a ASA 5505 Ipsec VPN. It was configured about 7-8 months ago and has been running very well..up until the last few weeks. For some reason, the VPN tends to randomly disconnect any user clients connected a lot. Furthermore, sometimes it actually connects; however does not put us on the local network for some reason and unable to browse file server. We have tried rebooting the ASA a few times and our ISP Time Warner informed us there are no signs of packet loss but still unable to pinpoint the problem. Sometimes users close out of VPN client completely, reopen several times and then it works. However it's never really consistent enough and hasn't been the last few weeks. No configuration changes have been made to ASA at all. Furthermore, the Cisco Ipsec VPN client version is: 5.0.70
Directly below is our current running config (modded for public). Any help or ideas would be greatly appreciated. Otherwise, if everything looks good...then I will defer back to our ISP Time Warner:
: Saved
ASA Version 8.4(2)
hostname domainasa
domain-name adomain.local
enable password cTfsR84pqF5Xohw. encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
names
interface Ethernet0/0
switchport access vlan 2
interface Ethernet0/1
interface Ethernet0/2
interface Ethernet0/3
interface Ethernet0/4
interface Ethernet0/5
interface Ethernet0/6
interface Ethernet0/7
interface Vlan1
nameif inside
security-level 100
ip address 192.168.2.1 255.255.255.0
interface Vlan2
nameif outside
security-level 0
ip address 205.101.1.240 255.255.255.248
ftp mode passive
clock timezone EST -5
clock summer-time EDT recurring
dns domain-lookup inside
dns domain-lookup outside
dns server-group DefaultDNS
name-server 192.168.2.60
domain-name adomain.local
same-security-traffic permit intra-interface
object network obj_any
subnet 0.0.0.0 0.0.0.0
object network SBS_2011
host 192.168.2.60
object network NETWORK_OBJ_192.168.2.0_24
subnet 192.168.2.0 255.255.255.0
object network NETWORK_OBJ_192.168.5.192_
27
subnet 192.168.5.192 255.255.255.224
object network Https_Access
host 192.168.2.90
description Spam Hero
object-group network DM_INLINE_NETWORK_1
network-object object SPAM1
network-object object SPAM2
network-object object SPAM3
network-object object SPAM4
network-object object SPAM5
network-object object SPAM6
network-object object SPAM7
network-object object SPAM8
object-group service RDP tcp
description Microsoft RDP
port-object eq 3389
access-list outside_access_in extended permit tcp object-group DM_INLINE_NETWORK_1 object SBS_2011 eq smtp
access-list outside_access_in extended permit tcp any object SBS_2011 eq https
access-list outside_access_in extended permit icmp any interface outside
access-list outside_access_in remark External RDP Access
access-list outside_access_in extended permit tcp any object SBS_2011 object-group RDP
access-list domain_splitTunnelAcl standard permit 192.168.2.0 255.255.255.0
pager lines 24
logging asdm informational
mtu inside 1500
mtu outside 1500
ip local pool test 192.168.10.1-192.168.10.5 mask 255.255.255.0
ip local pool VPN_Users 192.168.5.194-192.168.5.22
0 mask 255.255.255.0
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
nat (inside,outside) source static NETWORK_OBJ_192.168.2.0_24
NETWORK_OBJ_192.168.2.0_24
destination static NETWORK_OBJ_192.168.5.192_
27 NETWORK_OBJ_192.168.5.192_
27 no-proxy-arp route-lookup
object network obj_any
nat (inside,outside) dynamic interface
object network SBS_2011
nat (inside,outside) static interface service tcp smtp smtp
object network Https_Access
nat (inside,outside) static interface service tcp https https
nat (inside,outside) after-auto source dynamic any interface
access-group outside_access_in in interface outside
route outside 0.0.0.0 0.0.0.0 205.101.1.239 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
dynamic-access-policy-reco
rd DfltAccessPolicy
user-identity default-domain LOCAL
http server enable
http 192.168.2.0 255.255.255.0 inside
http 192.168.1.0 255.255.255.0 inside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart warmstart
crypto ipsec ikev1 transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-DES-SHA esp-des esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-DES-MD5 esp-des esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set pfs group1
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set ikev1 transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
crypto map outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
crypto map outside_map interface outside
crypto ikev1 enable outside
crypto ikev1 policy 10
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
telnet 192.168.2.0 255.255.255.0 inside
telnet timeout 5
ssh timeout 5
console timeout 0
dhcpd address 192.168.2.160-192.168.2.19
9 inside
dhcpd dns 192.168.2.60 24.29.99.36 interface inside
dhcpd wins 192.168.2.60 24.29.99.36 interface inside
dhcpd domain adomain interface inside
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
webvpn
group-policy domain internal
group-policy domain attributes
wins-server value 192.168.2.60
dns-server value 192.168.2.60
vpn-tunnel-protocol ikev1
split-tunnel-policy tunnelspecified
split-tunnel-network-list value domain_splitTunnelAcl
default-domain value adomain.local
username ben password zWCAaitV3CB.GA87 encrypted privilege 0
username ben attributes
vpn-group-policy domain
username sdomain password FATqd4I1ZoqyQ/MN encrypted
username sdomain attributes
vpn-group-policy domain
username adomain password V5.hvhZU4S8NwGg/ encrypted
username adomain attributes
vpn-group-policy domain
service-type admin
username jdomain password uODal3Mlensb8d.t encrypted privilege 0
username jdomain attributes
vpn-group-policy domain
service-type admin
tunnel-group domain type remote-access
tunnel-group domain general-attributes
address-pool VPN_Users
default-group-policy domain
tunnel-group domain ipsec-attributes
ikev1 pre-shared-key *****
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns preset_dns_map
parameters
message-length maximum client auto
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect esmtp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
inspect ip-options
inspect icmp
service-policy global_policy global
prompt hostname context
no call-home reporting anonymous
Cryptochecksum:e2466a5b754
eebcdb0cef
f051bef91d
9
: end
no asdm history enable
Thanks again

Hello Belnet,
What do the logs show from the ASA.
Can you post them ??
Any other question..Sure..Just remember to rate all of the community answers.
Julio

Need help in configuring Client to Site IPSec VPN with Hairpinning on Cisco ASA5510 8.2(1)

Need urgent help in configuring Client to Site IPSec VPN with Hairpinning on Cisco ASA5510 - 8.2(1).
The following is the Layout:
There are two Leased Lines for Internet access - 1.1.1.1 & 2.2.2.2, the latter being the Standard Default route, the former one is for backup.
I have been able to configure Client to Site IPSec VPN
1) With access from Outside to only the Internal Network (172.16.0.0/24) behind the asa
2) With Split tunnel with simultaneous assess to internal LAN and Outside Internet.
But I have not been able to make tradiotional Hairpinng model work in this scenario.
I followed every possible sugestions made in this regard in many Discussion Topics but still no luck. Can someone please help me out here???
Following is the Running-Conf with Normal Client to Site IPSec VPN configured with No internat Access:
LIMITATION: Can't Boot into any other ios image for some unavoidable reason, must use 8.2(1)
running-conf --- Working normal Client to Site VPN without internet access/split tunnel
ASA Version 8.2(1)
hostname ciscoasa
domain-name cisco.campus.com
enable password xxxxxxxxxxxxxx encrypted
passwd xxxxxxxxxxxxxx encrypted
names
interface GigabitEthernet0/0
nameif internet1-outside
security-level 0
ip address 1.1.1.1 255.255.255.240
interface GigabitEthernet0/1
nameif internet2-outside
security-level 0
ip address 2.2.2.2 255.255.255.224
interface GigabitEthernet0/2
nameif dmz-interface
security-level 0
ip address 10.0.1.1 255.255.255.0
interface GigabitEthernet0/3
nameif campus-lan
security-level 0
ip address 172.16.0.1 255.255.0.0
interface Management0/0
nameif CSC-MGMT
security-level 100
ip address 10.0.0.4 255.255.255.0
boot system disk0:/asa821-k8.bin
boot system disk0:/asa843-k8.bin
ftp mode passive
dns server-group DefaultDNS
domain-name cisco.campus.com
same-security-traffic permit inter-interface
same-security-traffic permit intra-interface
object-group network cmps-lan
object-group network csc-ip
object-group network www-inside
object-group network www-outside
object-group service tcp-80
object-group service udp-53
object-group service https
object-group service pop3
object-group service smtp
object-group service tcp80
object-group service http-s
object-group service pop3-110
object-group service smtp25
object-group service udp53
object-group service ssh
object-group service tcp-port
object-group service udp-port
object-group service ftp
object-group service ftp-data
object-group network csc1-ip
object-group service all-tcp-udp
access-list INTERNET1-IN extended permit ip host 1.2.2.2 host 2.2.2.3
access-list CSC-OUT extended permit ip host 10.0.0.5 any
access-list CAMPUS-LAN extended permit tcp 172.16.0.0 255.255.0.0 any eq www
access-list CAMPUS-LAN extended permit tcp 172.16.0.0 255.255.0.0 any eq https
access-list CAMPUS-LAN extended permit tcp 172.16.0.0 255.255.0.0 any eq ssh
access-list CAMPUS-LAN extended permit tcp 172.16.0.0 255.255.0.0 any eq ftp
access-list CAMPUS-LAN extended permit udp 172.16.0.0 255.255.0.0 any eq domain
access-list CAMPUS-LAN extended permit tcp 172.16.0.0 255.255.0.0 any eq smtp
access-list CAMPUS-LAN extended permit tcp 172.16.0.0 255.255.0.0 any eq pop3
access-list CAMPUS-LAN extended permit ip any any
access-list csc-acl remark scan web and mail traffic
access-list csc-acl extended permit tcp any any eq smtp
access-list csc-acl extended permit tcp any any eq pop3
access-list csc-acl remark scan web and mail traffic
access-list INTERNET2-IN extended permit tcp any host 1.1.1.2 eq 993
access-list INTERNET2-IN extended permit tcp any host 1.1.1.2 eq imap4
access-list INTERNET2-IN extended permit tcp any host 1.1.1.2 eq 465
access-list INTERNET2-IN extended permit tcp any host 1.1.1.2 eq www
access-list INTERNET2-IN extended permit tcp any host 1.1.1.2 eq https
access-list INTERNET2-IN extended permit tcp any host 1.1.1.2 eq smtp
access-list INTERNET2-IN extended permit tcp any host 1.1.1.2 eq pop3
access-list INTERNET2-IN extended permit ip any host 1.1.1.2
access-list nonat extended permit ip 172.16.0.0 255.255.0.0 172.16.0.0 255.255.0.0
access-list DNS-inspect extended permit tcp any any eq domain
access-list DNS-inspect extended permit udp any any eq domain
access-list capin extended permit ip host 172.16.1.234 any
access-list capin extended permit ip host 172.16.1.52 any
access-list capin extended permit ip any host 172.16.1.52
access-list capin extended permit ip host 172.16.0.82 host 172.16.0.61
access-list capin extended permit ip host 172.16.0.61 host 172.16.0.82
access-list capout extended permit ip host 2.2.2.2 any
access-list capout extended permit ip any host 2.2.2.2
access-list campus-lan_nat0_outbound extended permit ip 172.16.0.0 255.255.0.0 192.168.150.0 255.255.255.0
pager lines 24
logging enable
logging buffered debugging
logging asdm informational
mtu internet1-outside 1500
mtu internet2-outside 1500
mtu dmz-interface 1500
mtu campus-lan 1500
mtu CSC-MGMT 1500
ip local pool vpnpool1 192.168.150.2-192.168.150.250 mask 255.255.255.0
ip verify reverse-path interface internet2-outside
ip verify reverse-path interface dmz-interface
ip verify reverse-path interface campus-lan
ip verify reverse-path interface CSC-MGMT
no failover
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-621.bin
no asdm history enable
arp timeout 14400
global (internet1-outside) 1 interface
global (internet2-outside) 1 interface
nat (campus-lan) 0 access-list campus-lan_nat0_outbound
nat (campus-lan) 1 0.0.0.0 0.0.0.0
nat (CSC-MGMT) 1 10.0.0.5 255.255.255.255
static (CSC-MGMT,internet2-outside) 2.2.2.3 10.0.0.5 netmask 255.255.255.255
access-group INTERNET2-IN in interface internet1-outside
access-group INTERNET1-IN in interface internet2-outside
access-group CAMPUS-LAN in interface campus-lan
access-group CSC-OUT in interface CSC-MGMT
route internet2-outside 0.0.0.0 0.0.0.0 2.2.2.5 1
route internet1-outside 0.0.0.0 0.0.0.0 1.1.1.5 2
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
dynamic-access-policy-record DfltAccessPolicy
aaa authentication ssh console LOCAL
aaa authentication enable console LOCAL
http server enable
http 10.0.0.2 255.255.255.255 CSC-MGMT
http 10.0.0.8 255.255.255.255 CSC-MGMT
http 1.2.2.2 255.255.255.255 internet2-outside
http 1.2.2.2 255.255.255.255 internet1-outside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac
crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac
crypto ipsec transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
crypto ipsec transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
crypto ipsec transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
crypto ipsec transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
crypto ipsec transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set pfs group5
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
crypto map internet2-outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
crypto map internet2-outside_map interface internet2-outside
crypto ca trustpoint _SmartCallHome_ServerCA
crl configure
crypto ca certificate chain _SmartCallHome_ServerCA
certificate ca xyzxyzxyzyxzxyzxyzxyzxxyzyxzyxzy
        a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as
    a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as
    a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as
    a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as
    a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as
    a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as
    a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as
    a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as
    a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as
    a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as
    a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as
    a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as
    a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as
    a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as
    a67a897as a67a897as a67a897as a67a897as a67a897as
quit
crypto isakmp enable internet2-outside
crypto isakmp policy 10
authentication pre-share
encryption aes
hash md5
group 2
lifetime 86400
telnet 10.0.0.2 255.255.255.255 CSC-MGMT
telnet 10.0.0.8 255.255.255.255 CSC-MGMT
telnet timeout 5
ssh 1.2.3.3 255.255.255.240 internet1-outside
ssh 1.2.2.2 255.255.255.255 internet1-outside
ssh 1.2.2.2 255.255.255.255 internet2-outside
ssh timeout 5
console timeout 0
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
webvpn
group-policy VPN_TG_1 internal
group-policy VPN_TG_1 attributes
vpn-tunnel-protocol IPSec
username ssochelpdesk password xxxxxxxxxxxxxx encrypted privilege 15
username administrator password xxxxxxxxxxxxxx encrypted privilege 15
username vpnuser1 password xxxxxxxxxxxxxx encrypted privilege 0
username vpnuser1 attributes
vpn-group-policy VPN_TG_1
tunnel-group VPN_TG_1 type remote-access
tunnel-group VPN_TG_1 general-attributes
address-pool vpnpool1
default-group-policy VPN_TG_1
tunnel-group VPN_TG_1 ipsec-attributes
pre-shared-key *
class-map cmap-DNS
match access-list DNS-inspect
class-map csc-class
match access-list csc-acl
policy-map type inspect dns preset_dns_map
parameters
message-length maximum 512
policy-map global_policy
class csc-class
csc fail-open
class cmap-DNS
inspect dns preset_dns_map
service-policy global_policy global
prompt hostname context
Cryptochecksum: y0y0y0y0y0y0y0y0y0y0y0y0y0y
: end
Neither Adding dynamic NAT for 192.168.150.0/24 on outside interface works, nor does the sysopt connection permit-vpn works
Please tell what needs to be done here, to hairpin all the traffic to internet comming from VPN Clients.
That is I need clients conected via VPN tunnel, when connected to internet, should have their IP's NAT'ted against the internet2-outside interface address 2.2.2.2, as it happens for the Campus Clients (172.16.0.0/16)
I'm not much conversant with everything involved in here, therefore please be elaborative in your replies. Please let me know if you need any more information regarding this setup to answer my query.
Thanks & Regards
maxs

Hi Jouni,
Thanks again for your help, got it working. Actually the problem was ASA needed some time after configuring to work properly ( ?????? ). I configured and tested several times within a short period, during the day and was not working initially, GUI packet tracer was showing some problems (IPSEC Spoof detected) and also there was this left out dns. Its working fine now.
But my problem is not solved fully here.
Does hairpinning model allow access to the campus LAN behind ASA also?. Coz the setup is working now as i needed, and I can access Internet with the NAT'ed ip address (outside-interface). So far so good. But now I cannot access the Campus LAN behind the asa.
Here the packet tracer output for the traffic:
packet-tracer output
asa# packet-tracer input internet2-outside tcp 192.168.150.1 56482 172.16.1.249 22
Phase: 1
Type: ACCESS-LIST
Subtype:
Result: ALLOW
Config:
Implicit Rule
Additional Information:
MAC Access list
Phase: 2
Type: FLOW-LOOKUP
Subtype:
Result: ALLOW
Config:
Additional Information:
Found no matching flow, creating a new flow
Phase: 3
Type: ROUTE-LOOKUP
Subtype: input
Result: ALLOW
Config:
Additional Information:
in   172.16.0.0      255.255.0.0     campus-lan
Phase: 4
Type: ROUTE-LOOKUP
Subtype: input
Result: ALLOW
Config:
Additional Information:
in   192.168.150.1   255.255.255.255 internet2-outside
Phase: 5
Type: ACCESS-LIST
Subtype: log
Result: ALLOW
Config:
access-group internnet1-in in interface internet2-outside
access-list internnet1-in extended permit ip 192.168.150.0 255.255.255.0 any
Additional Information:
Phase: 6
Type: IP-OPTIONS
Subtype:
Result: ALLOW
Config:
Additional Information:
Phase: 7
Type: CP-PUNT
Subtype:
Result: ALLOW
Config:
Additional Information:
Phase: 8
Type: VPN
Subtype: ipsec-tunnel-flow
Result: ALLOW
Config:
Additional Information:
Phase: 9
Type: NAT-EXEMPT
Subtype: rpf-check
Result: ALLOW
Config:
Additional Information:
Phase: 10
Type: NAT
Subtype:
Result: DROP
Config:
nat (internet2-outside) 1 192.168.150.0 255.255.255.0
match ip internet2-outside 192.168.150.0 255.255.255.0 campus-lan any
    dynamic translation to pool 1 (No matching global)
    translate_hits = 14, untranslate_hits = 0
Additional Information:
Result:
input-interface: internet2-outside
input-status: up
input-line-status: up
output-interface: internet2-outside
output-status: up
output-line-status: up
Action: drop
Drop-reason: (acl-drop) Flow is denied by configured rule
The problem here as you can see is the Rule for dynamic nat that I added to make hairpin work at first place
dynamic nat
asa(config)#nat (internet2-outside) 1 192.168.150.0 255.255.255.0
Is it possible to access both
1)LAN behind ASA
2)INTERNET via HAIRPINNING
simultaneously via a single tunnel-group?
If it can be done, how do I do it. What changes do I need to make here to get simultaneous access to my LAN also?
Thanks & Regards
Abhijit

Poor speed in peak hours - losing will to live - o...

Hi BT,
I am almost at the point of begging someone to help me here, thank you in advance for your time and insight. It was with a heavy heart that I departed from BE There after Sky's takeover, and invested a little faith in BT. I started a contract for BT Total Broadband 3, and received an immaculate service for the first ten days or so of my contract.
Then, quite suddenly, I started receiving dramatic drop-outs in peak hours only. As I type this, BT Speedtest reports downstream of 18.95mbps (as quoted) but by tonight, it will be down to around 0.05-0.1. This is with both a wireless and wired test, and has endured, every day, for around a month now. I work from home, and it's losing me money every night; if I restart the router then it sometimes picks up by a few mbps, but within minutes has returned to where it was.
I have a query open with BT Technical help department who, unlike general customer services, have been very responsive and helpful! I have been sending them regular diagnostics, however no-one can yet seem to identify what the problem is. They first suggested resetting to factory settings - no change. I then ran the full diagnostics with the aid of a BT worker's call last Friday, including TAP3 and everything that comes after, and the verdict was that my Broadband is 'performing extremely poorly and that a fault would be raised'.
I found this reassuring; however another employee called me this morning to tell me BT had spoken to the exchange, and ascertained that supposedly everything was 'fine with my line'. She suggested I try testing the service using the master socket in the white BT box, however there is no response when I try this - I cannot connect to Broadband, or get a dial tone. I am keen to know how much of an issue this could be, and whether this represents a problem on 'my' side or BT's? I have tried changing filter - same result. I have also called 17070 and there appears to be absolutely zero noise on my line.
I am at my wits' end, and constantly curse the decision I made to throw away a connection that hadn't misfired once in three years for one that is effectively unusable in the evenings/weekends. I have also recently finished a full time study course, money is short and I am slowly suspecting that I am going to be strong-armed into paying exorbitant engineers' fees to look at a connection that, with my previous ISP, functioned perfectly. This is desperately depressing; please, please could someone try and help?
This is my current ADSL status at 13.30:
ADSL Line Status
Connection Information
Line state:
Connected
Connection time:
0 days, 00:30:55
Downstream:
20.9 Mbps
Upstream:
1.133 Mbps
ADSL Settings
VPI/VCI:
0/38
Type:
PPPoA
Modulation:
G.992.5 Annex A
Latency type:
Fast
Noise margin (Down/Up):
3.0 dB / 6.0 dB
Line attenuation (Down/Up):
14.5 dB / 7.5 dB
Output power (Down/Up):
19.9 dBm / 11.5 dBm
FEC Events (Down/Up):
0 / 0
CRC Events (Down/Up):
63 / 32

Hi there, thanks for your response
Connection time is short due to my testing via the test socket about half an hour before posting on here. As in the above post, there is no response from the test socket; the master socket works fine (apart from the obvious slow-down issues in peak hours). The master socket is the only one in the house, and I've used it without issue for years before switching over to BT.
These are the requested full stats which I've just obtained (I had to restart the router again, which will explain the short connection time again!)
ADSL Line Status
Connection Information
Line state:
Connected
Connection time:
0 days, 00:03:52
Downstream:
21.02 Mbps
Upstream:
1.129 Mbps
ADSL Settings
VPI/VCI:
0/38
Type:
PPPoA
Modulation:
G.992.5 Annex A
Latency type:
Fast
Noise margin (Down/Up):
3.0 dB / 6.6 dB
Line attenuation (Down/Up):
14.5 dB / 7.5 dB
Output power (Down/Up):
19.8 dBm / 11.0 dBm
FEC Events (Down/Up):
0 / 0
CRC Events (Down/Up):
1 / 0
Loss of Framing (Local/Remote):
0 / 0
Loss of Signal (Local/Remote):
0 / 0
Loss of Power (Local/Remote):
0 / 0
HEC Events (Down/Up):
0 / 7
Error Seconds (Local/Remote):
68 / 0
PS - if you want me to leave it a while before posting stats, given the router has just been restarted, just let me know and I'll make this happen!

IPSec VPN Resets before Isakmp Lifetime Expires

Hi,
I have a IPSec tunnel between ASA5520 and 1841. The ISAKMP lifetime is set to the default 24 hours on both end. No volume limit is configured. But the tunnel resets itself 1.5 hours ahead every day. I need to keep the resetting at night so that my special application won't be broken during work hours.
I thougt the premature resetting was due to IOS version on the router. I upgraded to a new version but did not fix the problem.
Besides the resetting, everything else is working fine.
Any ideas are appreciated.

Hi,
One on my logs in ASA is as follows. (IP address is modified.)
Apr 16 2009 00:52:16: %ASA-4-113019: Group = ABC.ABC.177.202, Username = ABC.ABC.177.202, IP = NZ_Router, Session disconnected. Session Type: IPSecLAN2LAN, Duration: 22h:48m:33s, Bytes xmt: 983291523, Bytes rcv: 982279579, Reason: Idle Timeout
Apr 16 2009 23:40:50: %ASA-3-713902: Group = ABC.ABC.177.202, IP = ABC.ABC.177.202, Removing peer from peer table failed, no match!
Apr 16 2009 23:40:50: %ASA-3-713902: Group = ABC.ABC.177.202, IP = ABC.ABC.177.202, Removing peer from peer table failed, no match!
Apr 16 2009 23:40:50: %ASA-4-713903: Group = ABC.ABC.177.202, IP = ABC.ABC.177.202, Error: Unable to remove PeerTblEntry
Apr 16 2009 23:40:50: %ASA-4-113019: Group = ABC.ABC.177.202, Username = ABC.ABC.177.202, IP = NZ_Router, Session disconnected. Session Type: IPSecLAN2LAN, Duration: 22h:48m:32s, Bytes xmt: 751281811, Bytes rcv: 1447481492, Reason: User Requested
The disconnection reason can be either 'User Requested' or 'Idle Timeout'. When 'Idle Timeout', the application won't get dropped; when 'User Requested', the application gets dropped.
Thanks.

ASA 5505 Site-to-Site VPN dropping at end of lifetime

I have 4 ASA 5505's with Site-to-Site IPSEC VPN tunnels built between them. One of the tunnels stays up just fine but the other 2 drop at the end of the SA lifetime for a period of time equal to 10% of the SA lifetime.
Orignially, I had the the lifetime set to 1 hour and the tunnels would drop for 6 minutes. I changed the lifetime to 8 hours (480 minutes) and they dropped for 48 minutes. I've gone over the configurations and the only differences I can find is that the sites where the tunnel drops have the outside interface forwarded to an VOIP server and all ports but SIP blocked.

Can you post the configs?

IpSEC vpn dropped every day in peak hours

Similar Messages

Maybe you are looking for