Michael C. Toren on 29 Jun 2007 04:11:12 -0000 |
On Thu, Jun 28, 2007 at 11:50:24AM -0400, Erin Mulder wrote: > 1) Has anyone seen this before in conjunction with VPNC? One random > thought was that maybe it has some sort of reconnect-after-a-disconnect > feature that is trying to log me in without the passcode (and thus > triggering the "next passcode" mode). Other ideas or possibilities? I've been using vpnc for a few months, and once ran into a problem similar to the one you described, where after vpnc errored out, I was no longer able to connect to the VPN using either vpnc or the proprietary Cisco client. In my case, simply waiting a few hours (without having support reset anything) "fixed" the problem. > 3) Are there other common reasons why this could be happening? I use > NTP and my system time seems to be accurate so I don't think that's the > problem. Things work fine after a reset, so I don't think there's > anything wrong with the SecurID itself. I'm running NTP as well, but I don't think that would matter in my case, as I'm using a hardware SecureID rather than a software one. As far as I knew, the software solution was only available on Windows? I'd love not to carry around the hardware SecureID... :-) > Any help would be greatly appreciated! I'm the only Linux user on this > project and don't want to look like I'm wasting everyone's time with > Linux-specific issues. One common vpnc problem you'll also likely run into is that it does not have the ability to renegotiate keys during a session. What this means in practice is that after N hours (I think about six, in my case), the VPN will stop working and you'll be forced to disconnect and reconnect. This is a major downside of vpnc over the proprietary Cisco client, which I was able to leave connected for months at a time on my desktop. That being said, vpnc offers some advantages: No annoying kernel modules that you need to recompile each time you upgrade your kernel, it's much easier to configure, and it's trivial to control which network routes are installed when you connect to the VPN. -mct ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
|
|