Rv215w not initiating vpn connection

Similar Messages

• Why is my Mac initiating hidden VPN connections?

  In looking through my system.log, I've discovered that my Mac is initiating VPN connections in the background but I don't know why, nor do I know what it's connecting to. It's apparently been going on for at least several weeks, if not longer. Here's some relevant entires from the log:
  Sep  3 14:45:30 BruceMacBookPro.local racoon[153]: Connecting.
  Sep  3 14:45:30 BruceMacBookPro.local racoon[153]: IPSec Phase1 started (Initiated by me).
  Sep  3 14:45:30 BruceMacBookPro.local racoon[153]: IKE Packet: transmit success. (Initiator, Aggressive-Mode message 1).
  Sep  3 14:45:30 BruceMacBookPro.local racoon[153]: Connecting.
  Sep  3 14:45:30 BruceMacBookPro.local racoon[153]: IPSec Phase1 started (Initiated by me).
  Sep  3 14:45:30 BruceMacBookPro.local racoon[153]: IKE Packet: transmit success. (Initiator, Aggressive-Mode message 1).
  Sep  3 14:45:32 BruceMacBookPro.local racoon[153]: IKEv1 Phase1 AUTH: success. (Initiator, Aggressive-Mode Message 2).
  Sep  3 14:45:32 BruceMacBookPro.local racoon[153]: IKE Packet: receive success. (Initiator, Aggressive-Mode message 2).
  Sep  3 14:45:32 BruceMacBookPro.local racoon[153]: IKEv1 Phase1 Initiator: success. (Initiator, Aggressive-Mode).
  Sep  3 14:45:32 BruceMacBookPro.local racoon[153]: IKE Packet: transmit success. (Initiator, Aggressive-Mode message 3).
  Sep  3 14:45:32 BruceMacBookPro.local racoon[153]: IKE Packet: transmit success. (Information message).
  Sep  3 14:45:32 BruceMacBookPro.local racoon[153]: IKEv1 Information-Notice: transmit success. (ISAKMP-SA).
  Sep  3 14:45:32 BruceMacBookPro.local racoon[153]: IPSec Phase1 established (Initiated by me).
  Sep  3 14:45:32 BruceMacBookPro.local racoon[153]: IKE Packet: receive success. (Information message).
  Sep  3 14:45:33 BruceMacBookPro.local racoon[153]: IKE Packet: transmit success. (Phase1 Retransmit).
  Sep  3 14:45:33 BruceMacBookPro.local racoon[153]: IPSec Phase2 started (Initiated by me).
  Sep  3 14:45:33 BruceMacBookPro.local racoon[153]: IKE Packet: transmit success. (Initiator, Quick-Mode message 1).
  Sep  3 14:45:33 BruceMacBookPro.local racoon[153]: IPSec Phase2 started (Initiated by peer).
  Sep  3 14:45:33 BruceMacBookPro.local racoon[153]: IKE Packet: receive success. (Responder, Quick-Mode message 1).
  Sep  3 14:45:33 BruceMacBookPro.local racoon[153]: IKE Packet: transmit success. (Responder, Quick-Mode message 2).
  Sep  3 14:45:34 BruceMacBookPro.local racoon[153]: IKE Packet: receive success. (Initiator, Quick-Mode message 2).
  Sep  3 14:45:34 BruceMacBookPro.local racoon[153]: IKE Packet: transmit success. (Initiator, Quick-Mode message 3).
  Sep  3 14:45:34 BruceMacBookPro.local racoon[153]: IKEv1 Phase2 Initiator: success. (Initiator, Quick-Mode).
  Sep  3 14:45:34 BruceMacBookPro.local racoon[153]: IPSec Phase2 established (Initiated by me).
  Sep  3 14:45:34 BruceMacBookPro.local racoon[153]: IKE Packet: receive success. (Responder, Quick-Mode message 3).
  There's lots more, but it all looks pretty much like the above. Would the OS, or some standard system service or application, be doing this? During the time period covered by the above log entries, as far as I can remember, the only apps I was running were Mail, Safari, and 1Password. I do have some VPN connections defined in the Network panel of System Preferences, but I was NOT using them at the time. Is this normal, or do I have a problem?
  -- Bruce

  I found this today also.  I'm going to turn off Back to my Mac, DropBox and Splashtop Remote and see if that stops it.  Do you run any of these? And tried turning any OFF.

• When will the 4.3.x iOS be fixed to allow VPN connections?

  Hello there,
  Our company has recently purchased two new Ipad 2's and can not get VPN connections working.
  We can connect through VPN on our Ipad 1's (4.2.1) But not on our second generation Ipad 2's (4.3.3).  After a quick search I have found similar problems reported when using OS 4.3.1 and later, with no current fixes being available.
  See thread: https://discussions.apple.com/thread/2778039?start=0&tstart=0   (22,000 views)
  My questions are, will there be a fix anytime soon or is it advisable to wait until iOS 5 is released?
  Is there any option to downgrade iOS versions?
  Why hasn't this been posted on the official Apple website as this clearly is false advertising?
  Regards,
  Kai.

  I am talking about APPLE'S in-built VPN option. Not anyone else's VPN solution. read: apple....
  Working fine for me with PPTP to a Cisco RV042, L2TP to a Windows 2003 server, and IPSec to a Cisco ASA5505.  All using iOS4.3.3 built-in VPN client.
  After a quick search I have found similar problems reported when using OS 4.3.1 and later, with no current fixes being available.
  Read through that thread you gave as an example very slowly, deliberately, and carefully.  I was very active in that thread and based in part on the info from that specific thread, IMHO the specific make and model of VPN endpoint you're connecting seems to be significant.  Once you filter out the numerous "me too" posts, it seems to me that many of the failures are connecting to Linux based VPN endpoints, particularly DD-WRT.  And as I've said in that thread and other threads, since it appears to be fine on Cisco and Windows "enterprise grade" equipment, everyone that is experiencing problems needs to call Apple with detailed info of their VPN endpoints so that it can get passed on to the engineering folks.  Just more "me too" calls doesn't help resolve the issue since if you take a setup like mine "everything is fine" so what more is there to "fix"?

• Mapped drives do not open after connecting via Cisco VPN Client

  I have an issue when I initially connect to my remote network, I cannot get to any mapped drive unless I wait a few minutes for the VPN connect to mature. To explain further, I have to wait 2-4 minutes after connecting to the VPN for me to actually connect to those drives.
  The error that pops up is:
  "An error occurred while reconnecting to DriveLetter: to \\Server\sharedDrive\    Microsoft WIndows Network: The network path was not found. This connection has not been restored.
  Now, immediately after  I connect, I am able to successfully ping the server that hosts those folder locations but for some reason I cannot get to the server via UNC/shared drives until I wait a few minutes after connecting. 
  Below is the list of error logs I get when attempting to connect to the mapped drives during those first few minutes of connectivity:
  1      15:26:39.804  10/06/14  Sev=Warning/3 IKE/0xA300005F
  Firewall, Sygate Security Agent, is not running, the client will not send firewall information to concentrator.
  2      15:28:10.614  10/06/14  Sev=Warning/2 IPSEC/0xE3700003
  Function CniInjectSend() failed with an error code of 0xE4510023 (IPSecDrvCB:856)
  3      15:28:10.614  10/06/14  Sev=Warning/2 IPSEC/0xE3700003
  Function CniInjectSend() failed with an error code of 0xE4510023 (IPSecDrvCB:856)
  4      15:28:10.614  10/06/14  Sev=Warning/2 IPSEC/0xE3700003
  Function CniInjectSend() failed with an error code of 0xE4510023 (IPSecDrvCB:856)
  5      15:28:10.614  10/06/14  Sev=Warning/2 IPSEC/0xE3700003
  Function CniInjectSend() failed with an error code of 0xE4510023 (IPSecDrvCB:856)
  6      15:28:10.614  10/06/14  Sev=Warning/2 IPSEC/0xE3700003
  Function CniInjectSend() failed with an error code of 0xE4510023 (IPSecDrvCB:856)
  7      15:28:10.614  10/06/14  Sev=Warning/2 IPSEC/0xE3700003
  Function CniInjectSend() failed with an error code of 0xE4510023 (IPSecDrvCB:856)
  8      15:28:10.614  10/06/14  Sev=Warning/2 IPSEC/0xE3700003
  Function CniInjectSend() failed with an error code of 0xE4510023 (IPSecDrvCB:856)
  9      15:28:10.614  10/06/14  Sev=Warning/2 IPSEC/0xE3700003
  Function CniInjectSend() failed with an error code of 0xE4510023 (IPSecDrvCB:856)
  10     15:28:17.188  10/06/14  Sev=Warning/2 IPSEC/0xE3700003
  Function CniInjectSend() failed with an error code of 0xE4510023 (IPSecDrvCB:856)
  11     15:28:17.188  10/06/14  Sev=Warning/2 IPSEC/0xE3700003
  Function CniInjectSend() failed with an error code of 0xE4510023 (IPSecDrvCB:856)
  12     15:33:50.642  10/06/14  Sev=Warning/2 CVPND/0xA3400015
  Error with call to IpHlpApi.DLL: CheckUpVASettings: Found IPADDR entry addr=192.168.11.120, error 0
  13     15:33:51.656  10/06/14  Sev=Warning/2 CVPND/0xA3400015
  Error with call to IpHlpApi.DLL: CleanUpVASettings: Was able to delete all VA settings after all, error 0
  14     15:35:16.855  10/06/14  Sev=Warning/3 IKE/0xA300005F
  Firewall, Sygate Security Agent, is not running, the client will not send firewall information to concentrator.
  Any ideas on what it could be?

  I have a client that is showing a similar issue.. Windows 7 computer using Cisco IPSec client terminating on a Cisco 881 Router.  I can ping the server by IP, Name and even access the drive from the start menu option, but not the mapped drive.  Currently I am looking into this from a offline file issue in windows, but ran across this post and was wondering if you had figured this out?  I am going to try the following and will post back if that resolves it.
  Doing some research I found that Windows 7 and Vista both have what’s called “slow link mode”.  The behavior is that if the latency of the network connection exceeds 80 milliseconds (ms), the system will transition the files to “offline mode”.  The 80 ms value is configurable using a local group policy edit.
  Open Group policy (start -> run -> gpedit.msc)
  Expand “Computer Configuration”
  Expand “Administrative Templates”
  Expand “Network”
  Click on “Offline Files”
  Locate “Configure slow-link mode”
  This policy can either be disabled or set to a higher value for slower connections.
  https://www.conetrix.com/Blog/post/Fixing-Problem-With-Windows-7-Shared-Files-and-Mapped-Drives-Unavailable-Over-VPN.aspx

• Traffic not returning to remote VPN connections

  I've successfully setup remote VPN connections to my ASA using vpnc as the client and everything behaves as expected. I'm trying to test the official Cisco client and I'm unable to make the same SSH connections across the VPN as I was using vpnc.
  The ASA shows connections the IKE and IPSec connections forming, and shows connections being built for the SSH traffic across the VPN.
  tcpdump shows the host listening on SSH behind the ASA receiving the traffic and sending ACKs in reply. They don't appear to be arriving back
  at the remote client though, and SSH connections timeout without connecting.
  Any idea what might be stopping the return traffic? I thought it might be some policy the ASA is pushing out to the Cisco client but not to vpnc but I can't spot anything obvious.

  Is the internal SSH host you are connecting to sending ACKS (as you've stated), or SYN/ACKs?
  It might be nice to know if the TCP three way handshake is being completed, and subsequent packets are the issue, or if it's the initial TCP setup that is the issue.
  Perhaps there would be some benefit in confirming whether these packets are making it through the IPSec tunnel, though the ASA un-encapsulated, or not through the ASA at all.
  You could use Wireshark to look for un-encapsulated packets exiting the ASA.
  You could use Wireshark to capture the "pre-encapsulated" traffic being sent to the far side, and the "post-decapsulation" traffic returning from the far side, by capturing on the Cisco VPN Client virtual interface (Windows installation).
  Perhaps examine IPSec SA details on the ASA and look for errors.
  Perhaps logging on the internal interface ACL (log any packets denied) to identify whether the returning packets are being dropped.

• VPN connection between ASA5520 and RV215w

  Hello everyone,
  I am trying to setup a vpn connection between ASA5520 with 9.1.(3) and rv215w 1.1.0.6
  Here is my setup ...
  But the vpn connection fails with an error message on ASA.
  RV215w shows ipsec established but i cannot ping the network behind.
  You can find asa-config and show-tech as attachment. I have added also some screenshots from RV215w.
  Any hint or help is appreciated.
  Cengiz

  Hi Cengiz,
  Dynamic CRYPTO maps mostly used in a Remote Access or Client to site VPN because end users working from home can have IP address new every time or like different whcn connect from home or from Internet cafe , hence ASA cant make a fix IP as Peer.
  But for site to site also Dynamic Crypto Map can be used but only at one side , else if you use Dynamic crypto map at both ends , both peer will wait for each other to initiate a tunnel Request as the device n this case ASA) configured with Dynamic Crypto map can only REPLY for a tunnel initiation , it can never send tunned initilaization request as it never know the IP address of the peer. Hence never make both device as dynamic crypto map or else they both never initiate and wait for each pther and tunnel will never happen.
  The main steps to be configured on the ASA end in order to establish dynamic tunnel:
      Phase 1 ISAKMP related configuration
      Nat exemption configuration
      Dynamic crypto map configuration
  The Cisco IOS router has a static crypto map configured because the ASA is assumed to have a static public IP address. Now this is the list of main steps to be configured on the Cisco IOS Router end to establish dynamic IPSEC tunnel.
      Phase 1 ISAKMP related configuration
      Static crypto map related configuration
  !---1. Configure the IPsec transform-set
  crypto ipsec transform-set myset esp-des esp-md5-hmac
  !--- 2. Configure the dynamic crypto map. Always rememeber to bind a dynamic crypto map to a blank static crypto map and then call that static crypto map to a ASA OUTSIDE Interface as Dynamic Crypto maps cannot be bind directly to ASA OUTSIDE Interface or say any interface.
  crypto dynamic-map MY_DYNAMIC_MAP 1 set transform-set myset
  crypto dynamic-map MY_DYNAMIC_MAP 1 set reverse-route
  !--- Enable Reverse Route Injection (RRI), which allows the ASA
  !--- to learn routing information for connected clients hence the static route will come above defaut route and hence
  !... will make the routing decision fast else every time for the other side router dynamic IP , default route have to get a hit but only after checking the entire routing table and when no match then use default route , so to save this entire route matchin process always good to use reverse route enjection so that other side non dynamic crypt peer can insert a static route enrty in ASA.
  !--- 2A. Always Bind dynamic crypto map named MY_DYNAMIC_MAP to a static crypto map named STATIC_MAP_CALLING_DYMANIC_MAP using a keyword dynamic in the last 
  crypto map STATIC_MAP_CALLING_DYMANIC_MAP 10 IPSec-isakmp dynamic MY_DYNAMIC_MAP
  !--- 2B.now apply static map on ASA OUTSIDE Interface
  crypto map STATIC_MAP_CALLING_DYMANIC_MAP interface outside
  !--- 3. Configure the phase I ISAKMP policy
  crypto isakmp policy 10
  authentication pre-share
  encryption des
  hash md5
  group 2
  lifetime 86400
  !--- 4. Configure the default L2L tunnel group parameters
  tunnel-group DefaultL2LGroup IPSec-attributes
  pre-shared-key *
  Plase rate if you like my post.
  Best Regards
  Sachin Garg

• Zone Base Forewall for VPN connections does not work after IOS upgrade

  Hi all,
  We use cisco router 2911 as corporate gateway - there is Zone Based Firewall implemented - I upgraded IOS to last version (15.2(2)T1) - originaly version 15.1(4)M1 - to solve issue with Anyconnect connections (bug CSCtx38806) but I found that after upgrade the VPN users are not able to communicate with sources in other zones.
  More specific
  WebVPN use this virtual template interface
  interface Virtual-Template100
  description Template for SSLVPN
  ip unnumbered GigabitEthernet0/1.100
  zone-member security INSIDE
  There are other zones VOICE, LAB, ...
  In the policy any connection is allowed (used inspection of icmp, tcp and udp) from INSIDE zone to VOICE or LAB zone
  After VPN connection I am able to reach resources in INSIDE zone (which is the most important), but not in other zones. Before upgrade it worked.
  Once I changed zone in Virtual-Template interface to VOICE, I was able to reach sources in VOICE zone but not in any other. I searched more and found the stateful firewall is not working for connections from VPN as ping is blocked by policy on returning way - it means by policy VOICE->INSIDE, once I allowed communication from "destination" zone to INSIDE zone - the connections started to work, but of cause it is not something I want to setup.
  Does anybody has the same experiance?
  Regards
  Pavel

  It seems to me I should add one importatant note - if client is connected directly in INSIDE zone, he can reach resources in other zones without any issue - so the problem is only when the client is connected by VPN - not in ZBF policy setup.
  Pavel

• I want to mirror an iOS device to my computer for demonstration and training purposes.  I cannot use Airserver as my company VPN does not allow the connection.  Is there a hardware solution instead?

  I want to mirror an iOS device to my computer for demonstration and training purposes.  I cannot use Airserver as my company VPN does not allow the connection.  Is there a hardware solution instead?

  Shoeb, hi.
  Thanks for replying and apologies for my tardiness in responding. I have just completed a re-creation of my web page using CSS/HTML rather than XML/XSLT and now I find that when saving in MHT format the watermark/background image is saved, which is nice, but trying to save it as 'webpage complete' under 'save as' in the browser still does not work. (For those who are new to Firefox, MHT files are not supported by the browser, but using the FF extention UnMHT one can open such files and save web documents as MHT files, meaning no accompanying folder is required to properly view the file.)

• VPN connects when on LAN but not via WAN

  Hi Guys,
  I've recently configured a VPN on my SLS. I uses the following settings:
  L2TP over IPsec
  PPP Authentication: Directory Services: MS-CHAPv2
  Shared Secret: xxxxxxxxx
  Client Information:
  DNS Servers: 10.0.1.250 (my server) 10.0.1.1 (my airport extreme) - This is where I think I'm going wrong
  In my SLS firewall I've open every possible port for both L2TP, PPTP and all required directory authentication ports I believe. If there are any tricky ones please let me know
  I am able to successfully connect to the VPN and route all traffic to the delegated IP when on my local network. However when ever I'm away from that network - friends, work, and various other tested internet connections - I am unable to connect to the VPN.
  I've ruled out the SLS firewall by turning it of for several days and trying to connect at several locations. I've checked the log on the VPN and there is no record of even an attempt to connect.
  In Security of Server Preferences i have exposed the VPN on the airport extreme. I've tried both with and without port forwarding. As far as i know (correct me if I'm wrong) because I have my domain name resolving to my server then I don't need port forwarding. My DNS works for all other services on the SLS.
  Any ideas at to what I might be doing wrong? Things I could try to isolate the problem?
  Any suggestions would be very handy!
  Best
  -J

  Your Airport Extreme does not contain a DNS server.
  Ensure MobileMe is disabled at your Airport. That messes up VPN pass-through.
  From a remote network, confirm that all of the necessary ports are open via nmap or Applications > Utilities > Network Utility or other tools.
  Quadruple-check the list of ports (and preferably with a second and third technical resource), as the Apple documentation around L2TP port pass-through with Airport and Time Capsule is murky.
  Ensure that you don't have the same subnet on both ends of the VPN connection as that can interfere with IP routing.
  Also try testing with PPTP, in place of L2TP.
  I'm in the midst of tussling with a recalcitrant VPN router myself, but that's another topic.

• General Settings not retained when connecting via VPN

  Forum,
  We have a user who connects to SAP via a VPN connection. Since then they have found that any form settings/column amendments made are not being retained when next logging into SAP.
  When these changes were made direct in the office, they are retained.
  My question. Is there any differences in how the settings are retained within SAP when accessing via a VPN?
  Regards,
  Juan

  Hi,
  When using your VPN are yo using Terminal LIcense or Remote Desktop Connection?
  Please do the following to save form settings:
  1. Only 1 module should be open when using form settings.
      Close other modules that doesn't need.
  2. Close the module after changed. To make sure the settings are saved.
  3. Always close all the module before exiting SBO program, use the click FIle and Exit habit.
  4. Terminal Licensing should be use when connecting remotely.
  Thanks.
  Clint

• Not possible to connect with Mac OS X v10.6.2 via VPN to smb://nameserver

  Hi al,
  I have a MacBook Pro. At the company I can connect my MacBook Pro without problems via the LAN to the company servers by using smb://nameserver
  At home I use a VPN connection to connect my MacBook Pro to the LAN at the company.
  The VPN connection between home and company is working well, because I can “run” web-based applications, using htpp://xxxx.xx via Safari.
  But the connection to the smb://nameserver is not working (in the past it worked well!) and I get the following message from Mac OS X : “Connection failed. The server “nameserver” may not exist or it is unavailable at this time. Check the server name or IP address, check your network connection, an then try again.”
  If I run, at home, the program “Parallel Desktops” I can make a VPN connection via Windows Vista, and connect to the same servers without problem.
  Is there anybody who can help me?

  Hi
  If you're trying to connect using the server's name you have to know which host server to use to resolve the name. If you don't know simply use its IP address:
  eg: instead of: smb://servername
  use: smb://IPaddress (this would be the private non-routable IP address)
  This should work? Depending which VPN Method you're using to Tunnel to the host network and how the host network is configed it may not do name resolution that well.
  If it used to work in the past it may have been because a static entry for the host network's DNS Server was placed in your Network Preferences Pane? Or if your connection was via PPTP or L2TP appropriate LAN settings were assigned once the connection was made to the host site? In other words a set of IP addresses matching the host site's LAN IP topology.
  Perhaps the current method you're using now of building the VPN Tunnel is via IPSec IKE/ISKAMP? In which case you may have to 'tell' your remote network which DNS Server to use at the host site for name resolution.
  A possible reason why it 'works' for the Windows side is because name resolution - most of the time - gets by without using fully qualifiable domain names. For example pinging an IP address in DOS to find a name works (most of the time) if you simply supply just the server name. This is not necessarily the case on the mac.
  Tony

• Cisco UC560 Not Clearing Static Routes When VPN Connections Drop

  We have a Cisco UC560 (UC560-FXO-K9) running "Cisco IOS Software, UC500 Software (UC500-ADVIPSERVICESK9-M),
  Version 15.1(2)T2, RELEASE SOFTWARE (fc1)"  The issue is when we have end users connecting with the Cisco VPN Client to this device sometimes we are unable to connect to any devices on our LAN or sometimes we can't connect to the LAN on the other end of our site-to-site VPN.  The one symptom I've observed when this happens is that old VPN sessions that have disconnected appear to leave static routes from the user's outside IP at their home to an IP on our LAN to a Virtual-Access interface.  When this starts to happen, I restart the firewall to clear out the stale static routes and the problem is fixed, for a while at least.  Below is the current state where we have the site-to-site VPN connected to our branch office and 2 user's connected with Cisco VPN clients.  Below that is the static route table which has 5 total Virtual-Access interface routes (one is an extra route for a user currently connected so that their outside IP is in the static route table with 2 inside IP's associated.)  Is there a way to fix the cleanup of VPN connections when they terminate?
  #sh crypto isakmp peers
  Peer: <branch office outside IP> Port: 500 Local: <firewall's outside IP>
  Phase1 id: <branch office outside IP>
  Peer: <users's outside IP #1> Port: 50420 Local: <firewall's outside IP>
  Phase1 id: EZVPN_GRP_437
  Peer: <user's outside IP #2> Port: 49345 Local: <firewall's outside IP>
  Phase1 id: EZVPN_GRP_437
  Bugsy#sh ip ro st
  Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
         D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
         N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
         E1 - OSPF external type 1, E2 - OSPF external type 2
         i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
         ia - IS-IS inter area, * - candidate default, U - per-user static route
         o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
         + - replicated route, % - next hop override
  Gateway of last resort is <next hop of ISP for firewall> to network 0.0.0.0
  S*    0.0.0.0/0 [1/0] via <next hop of ISP for firewall>
        10.0.0.0/8 is variably subnetted, 12 subnets, 3 masks
  S        10.0.0.153/32 [1/0] via <non-connected IP of VPN user>, Virtual-Access2
  S        10.0.0.155/32 [1/0] via <non-connected IP of VPN user>, Virtual-Access2
  S        10.0.0.156/32 [1/0] via <user's outside IP #2>, Virtual-Access3
  S        10.0.0.158/32 [1/0] via <user's outside IP #1>, Virtual-Access3
  S        10.0.0.159/32 [1/0] via <user's outside IP #2 again>, Virtual-Access2
  S        10.1.10.1/32 is directly connected, Vlan90

  Hi Brian,
  This sounds like you are running into the following known issue:
    CSCtl03682 - EzVPN client: Several RRI routes  pointing to same virtual interface
  which is Dup'd to:
    CSCtf39056 - RRI routes not deleted
  This is fixed since 15.1(2)T4, so I would recommend upgrading to SWP 8.2 or higher.  The only other way to clean up the stuck routes is to reload the router.
  Thanks,
  Brandon

• VPN Issue:  Could not Negotiate a connection with the remote PPP server

  Hello Folks,
  I setup VPN on Windows Server 2003 Enterprise R2. I am successfully able to connect to VPN via laptop internally and externally. However, on my iPhone I am not able to connect and receiving the following error "Could not Negotiate a connection with the remote PPP server".
  There doesnt seem to be a lot of documentation regarding this on Apple and or throughout the web.
  Anyone resolve this issue?
  Peace
  Phil C.

  I am not entirely sure my full setup. I had a friend help me set it up. Now for some reason when on WIFI on my own network I am able to connect to VPN ( I wasnt able to before), but when I switch to edge there is still no response for the PPP server. I even messed around with the PPP options still no response. Unfortunately I am not extremely server literate so my troubleshooting is limited. However it is now working via my own WIFI and will try it on another WIFI network tomorrow. I am wondering though if it connecting had to do with any updates from microsoft. Since this is a newly installed server 2003 it has been running updates. Some food for thought.
  Peace
  Phil

• VPN connects but does not function when resuming from sleep

  THe VPN on my ibook works fine - it connects and the data goes through. but when i put it to sleep (lid close/power->sleep) and than wake it up VPN connects fine and that's all. data stucks. i disconnect it - all works, pings go and so on. i connect it again, it connects, and pings stop, tracerouting stops and that's it. any ideas?

  Whatever you are connected to thinks you are disconnected by the sound of it, or it is confused about the current session and is not allowing traffic. Something in the "sign off" settings on the other may be misconfigured.
  You might want to post what you are connecting to (business network, etc). PPTP? L2TP?

• (Target failed to respond in time for a logout request) - - - Two Node's Iscsi initiator is not able to connect simultaneoulsy

  Environment
  OS = Windows 2003R2
  Iscsi initiator = 2.0.8
  Microsoft Iscsi Target = 3.3
  Error in event viewer = Target failed to respond in time for a logout request.
  Source iScsiPrt, Event ID 44
  Problem
  I have two systems with Win2003 R2 installed with Iscsi initiator 2.0.8. One Iscsi initiator is connected with the target but when I connect the second system, the system is not able to connect and giving me login error mentioned above. I disconnect the
  connected system(The system which is connected with windows target) and connect the system which is failing to connect with the windows target, this time the failing system able to connect with windows target.
  My workaround
  The system which is connected with the windows target, I restarted it. While restarting the system, I connect the other system which then connected successfully. Now this time when both systems are up and running both system's iscsi initiator is connected
  with Windows target.
  Any comment will be appreciated. Thanks. Zahid Haseeb.

  Hi Zahid,
  Have you tried the suggestion above?
  Please feel free to let us know if the issue persists.
  Best Regards,
  Amy Wang