View Single Post
Old 02-25-2014, 07:22 AM
rshaynes rshaynes is offline
Join Date: Mar 2010
Location: Eastern Time Zone, United States
Posts: 27
rshaynes has 12 reputation points
Default VPN Client - User Did Not Acknowledge The Banner

This particular disconnection can be caused by any number of triggers.

What type of endpoint are you using? VPN Router? VPN Gateway? Secure Router?

Upgrading to the latest available 10.06.301/500 client resolves one such issue if the tunnel mode is SSL. The VPN client was using a legacy Microsoft API in service mode.

The tunnel may not be establishing. It may be blocked by interim firewall or a problem on the VPN endpoint. Tunnels operate in either ESP mode or UDP mode. If traversing a NAT or firewall, UDP mode is recommended. Some firewall/NAT devices misbehave and make the client think ESP is established when UDP is required for transport.

There are several other corner cases that can lead to banner failure. Start with the first and investigate the second by tracing on the client. If the ESP traffic is one way (client to VPN endpoint) and no UDP traffic - then likely a misbehaving NAT or VPN endpoint is not properly configured to support UDP encapsulation.
Reply With Quote