Cisco VPN client gives the following status: Not Connected

I installed the Cisco VPN Client set up the following sections: Host Group Authentication Enable Tunneling UPD

My VPN network connection is set up with the following address

169.254.18.31 - is 169 a good address?

Every time I try to connect, the status comes back with a not connected I tried the UDP method but it can't connect

Any help would be appreciated!

Thanks

-- I am using the free version of SPAMfighter for private users. It has removed 3550 spam emails to date. Paying users do not have this message in their emails. Try

formatting link
for free now!

Reply to
J
Loading thread data ...

In article , J wrote: :I installed the Cisco VPN Client

:My VPN network connection is set up with the following address

:169.254.18.31 - is 169 a good address?

No, 169.254 is reserved for local connections, and is deliberately not supposed to be routable. It differs from the RFC1918 address spaces, which are private but routable within a private network.

Reply to
Walter Roberson

:> No, 169.254 is reserved for local connections, and is deliberately :> not supposed to be routable. It differs from the RFC1918 address :> spaces, which are private but routable within a private network.

:There is no such thing as unroutable IP address. Even 127.0.0.1 is :routable. You possibly meant IP address from private and reserved :address spaces.

You would appear to be incorrect on both points.

formatting link
"RFC 3927 - Dynamic Configuration of IPv4 Link-Local Addresses"

This document uses the term "routable address" to refer to all valid unicast IPv4 addresses outside the 169.254/16 prefix that may be forwarded via routers. This includes all global IP addresses and private addresses such as Net 10/8 [RFC1918], but not loopback addresses such as 127.0.0.1.

formatting link
"RFC 3330 - Special-Use IPv4 Addresses"

127.0.0.0/8 - This block is assigned for use as the Internet host loopback address. A datagram sent by a higher level protocol to an address anywhere within this block should loop back inside the host. This is ordinarily implemented using only 127.0.0.1/32 for loopback, but no addresses within this block should ever appear on any network anywhere [RFC1700, page 5]. 169.254.0.0/16 - This is the "link local" block. It is allocated for communication between hosts on a single link. Hosts obtain these addresses by auto-configuration, such as when a DHCP server may not be found.
Reply to
Walter Roberson

There is no such thing as unroutable IP address. Even 127.0.0.1 is routable. You possibly meant IP address from private and reserved address spaces.

Reply to
£ukasz Bromirski

It means You're set to get an IP address from DHCP server, but Your NIC couldn't locate one, and Your Windows box choose randomly some IP address from 169.254/16 space. Recheck Your network settings and try to renew address. For more information, refer to RFC3330[1]:

"169.254.0.0/16 - This is the "link local" block. It is allocated for communication between hosts on a single link. Hosts obtain these addresses by auto-configuration, such as when a DHCP server may not be found."

I know some technical guys from Cox, and I see You've station from their network - call Your technical support, they should be able to guide you step by step.

[1].
formatting link
Reply to
£ukasz Bromirski

Well, not exactly:

Please note phrase "this document".

Process of "routing" a packet, is finding longest destination match in routing table and queuing this packet on the looked up destination address. This process is not specially different for any public IP (62.111.150.246 being my actual IP for example) and for any from the RFC1918 *if* we let things like keeping Internet clean and filtering private address spaces aside. Router gets a packet, look ups the RIB for longest-prefix match and forwards packet, if nothing gets in the way.

It's true of course, that most of the systems usually treat 127/8 traffic in a special way on a low-level, but it's still routable - meaning it can be found in a RIB and it can be used. And I don't know any (I've just browsed NetBSD/OpenBSD/FreeBSD and Linux kernel sources just to be sure) that treats RFC1918 lookups differently than any other destination addresses.

And, as far as we're speaking about that - many ISPs still don't filter RFC1918 address space, and You can still see 10/8, 172.16/12,

192.168/16 or even sometimes 169.254/16 packets wild in the Internet. If they wouldn't be routable, how could they appear in Internet?

....yes, and quoting my post: "Even 127.0.0.1 is routable" means,

127/8 network is usually in the RIB. You don't have it?

As far as speaking about what is 'private address space' and 'public address space' please see RFC1918:

formatting link
And You'll notice official terminology is 'private/public address space', not 'routable/not routable IP address'. RFC3927 is using the term 'routable' to differentiate link-level address space of IPv4 (169.254/16) from other address spaces. Only other place within RFC/BCP etc. besides RFC3927 I see term 'routable IP address' is with suffix 'globally' which makes obvious sense but You didn't add it in Your post.

However, I do think this discussion is purely academical - I'll just made a comment about terminology that's all. I won't try to push my humble opinion down Your throat ;)

Regards,

Reply to
£ukasz Bromirski

Got to log tab on the vpn client and enable logging .

Capture the logs .

Probably they will help in understanding what's happening here . Maybe group name is wrong or password not correct etc .

Post the logs .

HTH SH

Reply to
Sarabjit Singh

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.