vpnc - it keeps disconnecting after 24 minutes

ubuntu vpnc cisco-vpn-client

There is a bug report that addresses this problem, dating from 2010-10-28, but unfortunately still unsolved. It seems like the disconnect time is somewhat individual, although the reported times are still longer than 24 minutes.

The article points to a fix described here, which requires the recompilation of vpnc.

If your problem is related to rekeying, then the article rekeying problem with 0.5.3 claims that the bug is new to version 0.5.3 and does not exist in 0.5.1.

[EDIT}

It seems like going back to 0.5.1 didn't work for you. It also seems as if vpnc disconnects are common to many Linux distributions.

I have found Fixing vpnc disconnect problem above version 0.5.x, which suggests that maybe one needs to go back even to 0.4.x. In any case, the article suggests a fix which probably does not relate to your case but you could try :

After all we have to turn off DPD at the client end as well (vpnc) what we can achieve 2 ways:

  • add "--dpd-idle 0" command line switch when invoking "vpnc"
  • better yet to add this line to the config file: "DPD idle timeout (our side) 0"

Further information: man vpnc

There is similar info coming from RedHat support : Bug 484114 - VPN disconnect every 5 mins.

You could try going to vpnc 0.4.x, but I am starting to wonder if the problem is on your side or with some setting of the vpn server : 24 minutes is too precise.


Try changing the NAT traversal mode to cisco-udp, that solved it for me

NAT Traversal Mode cisco-udp

My Full config looks like this

IPSec gateway VPNHOSTIP
IPSec ID SAMPLESHAREDUSER
IPSec secret SAMPLESHAREDKEY
Xauth username SAMPLEUSER
Xauth password SAMPLEUSERPASS
IKE Authmode psk
#IKE DH Group dh2 # this is the default
DNSUpdate no
DPD idle timeout (our side) 0
NAT Traversal Mode cisco-udp

My VPN conenction is still running after 20 hrs so far.


I had the same problem, and none of the suggested solutions worked for me. In the end, I gave up on vpnc and tried the ShrewSoft vpn client. It's a bit of a hassle because you have to compile it yourself (and manually install any missing dependencies -- in my case, cmake, libedit2, flex, and bison). But it seems to work fine.

At the time of writing, you can download it from https://www.shrew.net/download/ike

Related

Automatically send Skype chat notifications to email?
Program for creating language syntax/grammar "railroad" diagrams? [closed]
VMWare Invisible Mouse Pointer
Making `#!/usr/bin/env python` work on Windows
Resuming Chrome file download after shutting down the PC
should I put my multi-device btrfs filesystem on disk partitions or raw devices?
How to disable caching in Internet Explorer 9?
Network access to VirtualBox VM from Network PCs
Telling Vim to use custom .vimrc is easy, but how to tell it to use alternative path instead of ~/.vim?
Should I replace sshfs with NFS? [closed]
How to extract multipart rar with missing parts?
Have UPS shut down computer automatically in Linux when the power goes out