it's been a while since I tried connecting to our company's VPN through vpnc... it used to work like a charm, however I tried connecting today and it's been impossible... and don't know why.
Tips
- I'm getting this message when running it:
received notice of type (ISAKMP_N_NO_PROPOSAL_CHOSEN)(14), giving up
I can see (on debug) that the company's network segments are received correctly, I get an IP and then in breaks:
Code:
S6.2 phase2_config receive modecfg
[2013-07-22 08:48:57]
got save password setting: 0
got 5 acls for split include
acl 0: addr: 10.240.128.0/ 255.255.128.0 (17), protocol: 0, sport: 0, dport: 0
acl 1: addr: 192.168.164.0/ 255.255.255.0 (24), protocol: 0, sport: 0, dport: 0
acl 2: addr: 192.168.167.0/ 255.255.255.0 (24), protocol: 0, sport: 0, dport: 0
acl 3: addr: 172.16.0.0/ 255.255.255.0 (24), protocol: 0, sport: 0, dport: 0
acl 4: addr: 192.168.162.30/ 255.255.255.255 (32), protocol: 0, sport: 0, dport: 0
Split DNS:
Remote Application Version: Cisco IOS Software, C1900 Software (C1900-UNIVERSALK9-M), Version 15.3(2)T, RELEASE SOFTWARE (fc3)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2013 by Cisco Systems, Inc.
Compiled Thu 28-Mar-13 14:47 by prod_rel_team
got address 192.168.164.56
S7 setup_link (phase 2 + main_loop)
[2013-07-22 08:48:57]
S7.0 run interface setup script
[2013-07-22 08:48:57]
S7.1 QM_packet1
[2013-07-22 08:48:57]
S7.2 QM_packet2 send_receive
[2013-07-22 08:48:57]
NAT-T mode, adding non-esp marker
S7.3 QM_packet2 validate type
[2013-07-22 08:49:02]
received notice of type (ISAKMP_N_NO_PROPOSAL_CHOSEN)(14), giving up
S7.5 QM_packet2 check reject offer
[2013-07-22 08:49:02]
---!!!!!!!!! entering phase2_fatal !!!!!!!!!---
NAT-T mode, adding non-esp marker
S7.11 send isakmp termination message
[2013-07-22 08:49:02]
NAT-T mode, adding non-esp marker
vpnc: quick mode response rejected: (ISAKMP_N_INVALID_MESSAGE_ID)(9)
On my box I don't have anything resembling those segments (or IP):
Code:
$ ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast state DOWN qlen 1000
link/ether 00:21:9b:ee:ab:fe brd ff:ff:ff:ff:ff:ff
3: eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:23:4e:6d:36:c1 brd ff:ff:ff:ff:ff:ff
inet 192.168.0.106/24 brd 192.168.0.255 scope global eth2
inet6 fe80::223:4eff:fe6d:36c1/64 scope link
valid_lft forever preferred_lft forever
$ ip route show
default via 192.168.0.1 dev eth2 proto static
169.254.0.0/16 dev eth2 scope link metric 1000
192.168.0.0/24 dev eth2 proto kernel scope link src 192.168.0.106 metric 9
What could be the problem?
I'm on kubuntu 13.04 (vpnc from packages).
