Search This Blog

Sunday, June 27, 2010

ShrewSoft / Cisco VPN Client– periodic disconnection

I recently had to setup the shrewsoft vpn connection for work, this was maninly due to the fact they were rolling out Windows X64 and the cisco vpn client did not support the x64 environment.

Now the shrewsoft vpn client is great, and all I did was import the cisco *.pcf files from the 32bit vpn client. And connectivity was established.

However of the two connections I setup I found that while they initially connected, after a set amount of time one the connections would disconnect with the error

“Connection terminated by gateway”

This was a tad annoying, and I could see no cause. However I eventually managed to establish that the timeout matched exactly to the setting on the firewall.

After trawling the internet, not really understanding what was going on, although pretty sure this setting was the culprit as the times matched (1000 seconds, 16 min 40 seconds), I stumbled across this.

http://www.cisco.com/en/US/products/ps6120/products_tech_note09186a00807e0aca.shtml#solution06

What it eventually came down to was a mismatch in values between the firewall and the client. Now as far as I am aware this disconnection will only occur if the lifetime value on the client is greater than the firewall. (I don’t really understand why it connects once and then craps out).

Now the solution is to set the lifetime value in the client to the same value or less than on the firewall. This then means when the period is reached the client and the firewall can negotiate a new key.

Here is where the setting is in the Shrewsoft vpn client.

image

here is the setting in the cisco firewall

isakmp policy 1 lifetime 1000


Share/Bookmark

5 comments:

  1. Thanks a lot mate! Very useful in my case too

    ReplyDelete
  2. This was not working in my case. I uninstalled the recent windows update and disabled the windows update. Then reinstalled Shrew Soft VPN Client and now its working fine. Its not getting disconnected. I believe this "Shrew Soft VPN Client - session terminated by gateway" issue is due to some windows security update.

    ReplyDelete
    Replies
    1. Can you tell me which update you uninstalled

      Delete
    2. What was the update that you uninstalled. Co-Worker is having the same problem. Whenever connection is made, the client craps out stating "session terminated by gateway". Whenever he restores to a previous point (Restore Point) it keeps the tunnel open and connects perfectly!

      Delete
  3. I am having the same problem can you tell me which update to uninstalled.

    ReplyDelete