Michael C. Toren on 29 Jun 2007 04:11:12 -0000



Re: [PLUG] SecurID stuck in "Next Passcode" mode after using VPNC


On Thu, Jun 28, 2007 at 11:50:24AM -0400, Erin Mulder wrote:
> 1) Has anyone seen this before in conjunction with VPNC?  One random
> thought was that maybe it has some sort of reconnect-after-a-disconnect
> feature that is trying to log me in without the passcode (and thus
> triggering the "next passcode" mode).  Other ideas or possibilities?

I've been using vpnc for a few months, and once ran into a problem similar
to the one you described, where after vpnc errored out, I was no longer
able to connect to the VPN using either vpnc or the proprietary Cisco
client.  In my case, simply waiting a few hours (without having support
reset anything) "fixed" the problem.

> 3) Are there other common reasons why this could be happening?  I use
> NTP and my system time seems to be accurate so I don't think that's the
> problem.  Things work fine after a reset, so I don't think there's
> anything wrong with the SecurID itself.

I'm running NTP as well, but I don't think that would matter in my case,
as I'm using a hardware SecurID rather than a software one.  As far as I
knew, the software solution was only available on Windows?  I'd love not
to carry around the hardware SecurID... :-)

> Any help would be greatly appreciated!  I'm the only Linux user on this
> project and don't want to look like I'm wasting everyone's time with
> Linux-specific issues.

One common vpnc problem you'll also likely run into is that it does not
have the ability to renegotiate keys during a session.  What this means
in practice is that after N hours (I think about six, in my case), the
VPN will stop working and you'll be forced to disconnect and reconnect.
This is a major downside of vpnc over the proprietary Cisco client,
which I was able to leave connected for months at a time on my desktop.
That being said, vpnc offers some advantages: No annoying kernel modules
that you need to recompile each time you upgrade your kernel, it's much
easier to configure, and it's trivial to control which network routes
are installed when you connect to the VPN.  

-mct
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org