Cisco VPN Client: Remote peer is no longer responding.
If you have a profile that used to work and is no longer working for you this might help… or not… The message “Remote peer is no longer responding” is used on more than one failure scenario.
Increase the log level on /etc/opt/cisco-vpnclient/vpnclient.ini:
[main]
BinDirPath=/usr/local/bin
EnableLog=1
[LOG.IKE]
LogLevel=15
[LOG.CM]
LogLevel=3
[LOG.CVPND]
LogLevel=3
[LOG.XAUTH]
LogLevel=3
[LOG.CERT]
LogLevel=3
[LOG.IPSEC]
LogLevel=15
[LOG.CLI]
LogLevel=3
[LOG.FIREWALL]
LogLevel=15
[LOG.PPP]
LogLevel=1
[LOG.DIALER]
LogLevel=1
[LOG.GUI]
LogLevel=1
Now Run:
# ipseclog ipseclog.txt &
Cisco Systems VPN Client Version 4.8.02 (0030)
Copyright (C) 1998-2007 Cisco Systems, Inc. All Rights Reserved.
Client Type(s): Linux
Running on: Linux i686 #1 SMP Wed Feb 11 23:58:12 EST 2009 i686
Config file directory: /etc/opt/cisco-vpnclient
[1] 5143
#
And now try connecting again.
After it fails check /var/log/ipseclog.txt and try finding DEL_REASON_PEER_NOT_RESPONDING.
Then if the profile you’re using has EnableNAT=1 try changing to EnableNAT=0 and try connecting again.
This solved the problem for me.
If you still have the problem try also restarting your Internet connection or the network service (Fedora):
# /etc/init.d/network restart
I’m in the military and use VPN for our email purpose. Our other internet is provided by our base. however if we go from our base network to the VPN, we have to restart our computers in order to get back to the base network. Our base uses DHCP and doesn’t allow users to have administrative rights. Is there anything we can do to adjust the cisco vpn so we don’t have to restart?
So, when you’re outside your base you use a VPN to connect to your base and get your military emails using an Internet connection provided by your base? or… you’re inside your base network and then you use VPN to get emails that are stored on a server somewhere outside your base (say some other IT-based base)… and then when you disconnect your VPN you don’t have local network access anymore?
What operating system are you using?
Do you have physical access to the ethernet cables? Can you unplug it and plug it in again?
When we’re in our base we use the network provided by the base. however, our email servers are located at a different base, so we VPN to get to that location. When we disconnect the VPN to reconnect to our local base, we can’t just reset the proxy to the local we’re having to restart our machines to get the local domain back. We’re currently using Windows XP…however my users do not have admin rights. We’ve tried the IP renew…but without the admin rights we can’t do that, base won’t allow for users to have admin rights, we’ve disconnected our LAN lines and reconnected that doesn’t work. I really don’t know much about VPN so I was wondering if there’s a setting that we can adjust or add to make it so that we don’t have to restart the machines to go back to the local domain?
Did you try log off and log on without restarting the pc?
Are you using Internet explorer and Outlook for emails? If so, what version? Can you ping your proxy server when you leave the VPN? Can you ping any machine on the network?
Is you Cisco client updated and do you have automatic updates turned on?
Thanks – useful info on cisco vpn logging in general. This is not a trivial thing in the Linux client.