IPsec VPN connection drops automatically every 47 mins

1

1

I'm using Cisco Systems VPN Client Version 5.0.07.0440 on Windows 7 Ultimate 64-bit to connect to a VPN server through IPSec/UDP.

The problem is each time when it connects, I always get warnings in the log like:

1) 19:16:37.473 03/01/13 Sev=Warning/2 CVPND/0xE3400013 AddRoute failed to add a route with metric of 0: code 160 Destination 192.168.56.255 Netmask 255.255.255.255 Gateway 10.0.0.1 Interface 10.113.0.2

2) 19:16:37.473 03/01/13 Sev=Warning/2 CM/0xA3100024 Unable to add route. Network: c0a838ff, Netmask: ffffffff, Interface: a710002, Gateway: a000001.

I don't really care much about these 2 warnings as long as I can get access to the Internet, but the problem is, after about exact 47 minutes the IPSec connection would drop. And here's the error message:

enter image description here

This is super annoying because I have to reconnect every 47 minutes, anybody knows why and what should I do to fix this?

P.S.: Here's also some error logs right before the connection drops:

1 19:46:18.398 02/28/13 Sev=Warning/3 IKE/0xE30000A9 Invalid Proxies for requested QM negotiation: LocalProxy : ID=0.0.0.0/0.0.0.0 Protocol=0 port=0, RemoteProxy : ID=0.0.0.0/0.0.0.0 Protocol=0 port=0 :(PLMgrID:367)

2 19:46:18.398 02/28/13 Sev=Warning/2 IKE/0xE300009B Failed to process ID payload (MsgHandler:681)

3 19:46:18.398 02/28/13 Sev=Warning/2 IKE/0xE300009B Failed to process QM Msg 1 (NavigatorQM:386)

4 19:46:18.398 02/28/13 Sev=Warning/2 IKE/0xE30000A7 Unexpected SW error occurred while processing Quick Mode negotiator:(Navigator:2263)

5 19:46:22.398 02/28/13 Sev=Warning/3 IKE/0xE30000A9 Invalid Proxies for requested QM negotiation: LocalProxy : ID=0.0.0.0/0.0.0.0 Protocol=0 port=0, RemoteProxy : ID=0.0.0.0/0.0.0.0 Protocol=0 port=0 :(PLMgrID:367)

6 19:46:22.398 02/28/13 Sev=Warning/2 IKE/0xE300009B Failed to process ID payload (MsgHandler:681)

7 19:46:22.398 02/28/13 Sev=Warning/2 IKE/0xE300009B Failed to process QM Msg 1 (NavigatorQM:386)

8 19:46:22.398 02/28/13 Sev=Warning/2 IKE/0xE30000A7 Unexpected SW error occurred while processing Quick Mode negotiator:(Navigator:2263)

9 19:46:29.599 02/28/13 Sev=Warning/3 IKE/0xE30000A9 Invalid Proxies for requested QM negotiation: LocalProxy : ID=0.0.0.0/0.0.0.0 Protocol=0 port=0, RemoteProxy : ID=0.0.0.0/0.0.0.0 Protocol=0 port=0 :(PLMgrID:367)

10 19:46:29.599 02/28/13 Sev=Warning/2 IKE/0xE300009B Failed to process ID payload (MsgHandler:681)

11 19:46:29.599 02/28/13 Sev=Warning/2 IKE/0xE300009B Failed to process QM Msg 1 (NavigatorQM:386)

12 19:46:29.599 02/28/13 Sev=Warning/2 IKE/0xE30000A7 Unexpected SW error occurred while processing Quick Mode negotiator:(Navigator:2263)

13 19:46:42.564 02/28/13 Sev=Warning/3 IKE/0xE30000A9 Invalid Proxies for requested QM negotiation: LocalProxy : ID=0.0.0.0/0.0.0.0 Protocol=0 port=0, RemoteProxy : ID=0.0.0.0/0.0.0.0 Protocol=0 port=0 :(PLMgrID:367)

14 19:46:42.564 02/28/13 Sev=Warning/2 IKE/0xE300009B Failed to process ID payload (MsgHandler:681)

15 19:46:42.564 02/28/13 Sev=Warning/2 IKE/0xE300009B Failed to process QM Msg 1 (NavigatorQM:386)

16 19:46:42.564 02/28/13 Sev=Warning/2 IKE/0xE30000A7 Unexpected SW error occurred while processing Quick Mode negotiator:(Navigator:2263)

17 19:47:05.891 02/28/13 Sev=Warning/3 IKE/0xE30000A9 Invalid Proxies for requested QM negotiation: LocalProxy : ID=0.0.0.0/0.0.0.0 Protocol=0 port=0, RemoteProxy : ID=0.0.0.0/0.0.0.0 Protocol=0 port=0 :(PLMgrID:367)

18 19:47:05.891 02/28/13 Sev=Warning/2 IKE/0xE300009B Failed to process ID payload (MsgHandler:681)

19 19:47:05.891 02/28/13 Sev=Warning/2 IKE/0xE300009B Failed to process QM Msg 1 (NavigatorQM:386)

20 19:47:05.891 02/28/13 Sev=Warning/2 IKE/0xE30000A7 Unexpected SW error occurred while processing Quick Mode negotiator:(Navigator:2263)

21 19:47:47.885 02/28/13 Sev=Warning/3 IKE/0xE30000A9 Invalid Proxies for requested QM negotiation: LocalProxy : ID=0.0.0.0/0.0.0.0 Protocol=0 port=0, RemoteProxy : ID=0.0.0.0/0.0.0.0 Protocol=0 port=0 :(PLMgrID:367)

22 19:47:47.886 02/28/13 Sev=Warning/2 IKE/0xE300009B Failed to process ID payload (MsgHandler:681)

23 19:47:47.886 02/28/13 Sev=Warning/2 IKE/0xE300009B Failed to process QM Msg 1 (NavigatorQM:386)

24 19:47:47.886 02/28/13 Sev=Warning/2 IKE/0xE30000A7 Unexpected SW error occurred while processing Quick Mode negotiator:(Navigator:2263)

25 19:50:47.567 02/28/13 Sev=Warning/3 IKE/0xE3000066 Could not find an IKE SA for 10.255.255.255. KEY_REQ aborted.

26 19:50:47.567 02/28/13 Sev=Warning/2 IKE/0xE300009B Failed to initiate P2 rekey: Error dectected (Initiate:176)

27 19:50:47.567 02/28/13 Sev=Warning/2 IKE/0xE300009B Unable to initiate QM (IKE_MAIN:463)

28 19:50:47.718 02/28/13 Sev=Warning/2 CVPND/0xA3400015 Error with call to IpHlpApi.DLL: CheckUpVASettings: Found IPADDR entry addr=10.113.0.2, error 0

29 19:50:48.729 02/28/13 Sev=Warning/2 CVPND/0xA3400015 Error with call to IpHlpApi.DLL: CleanUpVASettings: Was able to delete all VA settings after all, error 0

Shane

Posted 2013-03-01T15:06:33.493

Reputation: 73

Does this happen after 47 minutes of inactivity, or are messages passing when this happens? Does this happen to all users of the VPN server, or just to you? Does your ISP limit unpaid VPN connection duration? – harrymc – 2013-03-04T08:17:05.020

@harrymc: Whatever I do(downloading aggressively or browsing web pages), the connection just drops after about 47 minutes. No, it just happens to me and the support also has no idea why this is happening. I don't really understand what the last question means, but you need to pay to use this VPN, and my status is OK according to their support. – Shane – 2013-03-04T14:42:58.257

The last question is motivated by the fact that if you go via an ISP, some ISPs have a cap on the allowed connection time via VPN. To have more time, one needs to pay an extra. (Probably not your case, but I would like to be sure that this is so.) – harrymc – 2013-03-04T17:03:41.437

@harrymc: Well, I'm pretty sure there's no such cap on my ISP side, since some other people of the same ISP could connect to the VPN without having any problems at all. – Shane – 2013-03-05T02:00:13.400

The AddRoute error message is on 192.168.56.255. Check the network segments used by the router and VPN for overlap. Check also for the others that are not having this problem. Even if no conflict, please add this info to the post, as well as checking whether this happens on boot into Safe Mode with Networking (if Cisco functions in this mode). – harrymc – 2013-03-05T07:34:56.090

@harrymc: The support told me all other people do not have such problems at all and he has no idea why this is happening to me. And also unfortunately, Cisco VPN does not function in the Safe Mode with Networking. I've searched around and found several people having same problem and I've tried some workarounds but nothing worked for me, the thing is, there does not seem to be a clear solution for this... – Shane – 2013-03-06T04:03:29.987

Answers

0

Try to reinstall Cisco or try another VPN client. Try also using another router.

If the problem persists for all of these tests, then it might actually be with the VPN server itself.

harrymc

Posted 2013-03-01T15:06:33.493

Reputation: 306 093

I couldn't find any other good VPN client, and most of the software I found are out of date and could not be installed on my win 7 64 bit, well this is really annoying. Would you mind recommending some working alternatives? Thanks – Shane – 2013-03-07T04:02:49.280

There always the Microsoft VPN client. A free alternative I have heard about is Shrew Soft.

– harrymc – 2013-03-07T07:36:04.757

0

Your problem is mentioned on the Cisco support forums as well. I would enumerate below all the steps that seem to have worked for people, and add a few suggestions of my own:

  • Try route print from the Windows command prompt at the beginning and just before the crash to see what has changed. It could give you some valuable debugging info.
  • Install any pending Windows updates
  • See if there is a VPN client update available
  • Disable your antivirus software temporarily and see if the problem recurs
  • See if there is some other program is trying to update your routing tables. The route print from above might help

Sudipta Chatterjee

Posted 2013-03-01T15:06:33.493

Reputation: 308

0

1) 19:16:37.473 03/01/13 Sev=Warning/2 CVPND/0xE3400013 AddRoute failed to add a route with metric of 0: code 160 Destination 192.168.56.255 Netmask 255.255.255.255 Gateway 10.0.0.1 Interface 10.113.0.2

2) 19:16:37.473 03/01/13 Sev=Warning/2 CM/0xA3100024 Unable to add route. Network: c0a838ff, Netmask: ffffffff, Interface: a710002, Gateway: a000001.

The above error message looks like a User Permissions problem (i.e. the user running the application does not have the required privileges to "add a route"

Try launching the VPN Client executable (or link) as Administrator.

  • Find the executable (program) and
  • Right Click on it
  • Select Run As Administrator

(apologies if you can't follow verbatim, I don't have a Vista box around)

If the problem is purely about the "Permissions/Privileges" than the above should get you past the "add route" problem, and hopefully that gets you up all the way.

samt

Posted 2013-03-01T15:06:33.493

Reputation: 101

Asked: 2013-03-01T15:06:33.493

Viewed: 6 962 times

Active: 2020-01-05T04:05:25.747