"no response from target" with 0.4.0 up to 0.5.3 but not with 0.3.3

I am so sorry for the report above. On a clean Feisty installation (same computer, same server) I was able to connect using vpnc 0.4.0ubuntu1.1 to my Cisco VPN Server.
I can however garantee that the problem I had before was consistent: 0.4.0-1.1 didn't work but 0.3.3 did. I tried several times, totally removing ("Complete removal" option on synaptics) everything related to vpnc between different attempts.

Do you use amd64?

Nope.
Old Pentium

On 24/09/2007, Philipp Kern <email address hidden> wrote:
> Do you use amd64?
>
> --
> "no response from target" with 0.4.0(1.1) but not with 0.3.3
> https://bugs.launchpad.net/bugs/122045
> You received this bug notification because you are a direct subscriber
> of the bug.
>

Could you please attach the result of `vpnc --no-detach --debug 3 <configurationfile>'?

As I said, the problem is "solved" now that I have a clean Feisty
installation, so I guess there is no use in sending the file (I'll be
glad to do it, in case you think it's worth it).

As I also said, the problem was constant with my "old" Fesity
installation, where I completelly removed and reinstalled vpnc 0.4 and
vpnc 0.3.3 three or four times each (one at a time of course). 0.3.
always worked, but 0.4 never did.

On 24/09/2007, Philipp Kern <email address hidden> wrote:
> Could you please attach the result of `vpnc --no-detach --debug 3
> <configurationfile>'?
>
> ** Changed in: vpnc (Ubuntu)
> Assignee: (unassigned) => Philipp Kern (pkern)
> Status: New => Incomplete
>
> --
> "no response from target" with 0.4.0(1.1) but not with 0.3.3
> https://bugs.launchpad.net/bugs/122045
> You received this bug notification because you are a direct subscriber
> of the bug.
>

Well, if vpnc 0.4.0 always broke for you, then it's highly likely that an upgrade to Gutsy (which contains this version) will break your VPN access.

It would be nice to see this debug output for all versions in [0.3.3 (i.e. feisty), 0.4.0-3ubuntu2 (i.e. gutsy), 0.5.1 (vanilla, not in the archives)]. Problems with vpnc are hard to track because they might depend on the remote VPN concentrator.

I'm using vpnc 0.4.0-2ubuntu1.1, and it's working fine on my "new"
Feisty installation. Back on my "old" Feisty, I had to force synaptic
to keep the old repository for 0.3.3.

Unfortunately I don't have the old debug output.

And according to the IT services of the company, I was the only one
having a problem with vpnc.. But Linux it's not their speciality.

I'll reply again in a week or two, if I have problems with the
upcoming Gutsy distro.

Thanks

On 24/09/2007, Philipp Kern <email address hidden> wrote:
> Well, if vpnc 0.4.0 always broke for you, then it's highly likely that
> an upgrade to Gutsy (which contains this version) will break your VPN
> access.
>
> It would be nice to see this debug output for all versions in [0.3.3
> (i.e. feisty), 0.4.0-3ubuntu2 (i.e. gutsy), 0.5.1 (vanilla, not in the
> archives)]. Problems with vpnc are hard to track because they might
> depend on the remote VPN concentrator.
>
> --
> "no response from target" with 0.4.0(1.1) but not with 0.3.3
> https://bugs.launchpad.net/bugs/122045
> You received this bug notification because you are a direct subscriber
> of the bug.
>

Ok fine. Please just open a new bug report with the above information if you encounter problems with the version in Gutsy. Thanks for reporting.

I'm seeing the same problem with version 0.4.0-3ubuntu2 on a 32-bit Gutsy system upgraded from Feisty.

I've attached the output from the command suggested by Philipp Kern.

Two debug outputs, one with NAT Traversal Mode cisco-udp and one without.

Marking as New so Philipp can see the report again.

Sorry, Feisty v0.4.0-2ubuntu1

You're not going to believe this, but adding this to the default.conf file magically made it work:

Local Port 10000

Source: http://forums.gentoo.org/viewtopic-t-544893-highlight-vpnc.html?sid=a6a7351956a2bc29a483e9b00ef045fb

I can confirm this problem on Ubuntu Hardy. However, the solution provided by Onno by adding local port 10000 solved it instantly. So maybe it is just a documentation problem? (It took me quite a bit of digging to find this).

Same for me, "Local Port 10000" solved my vpnc problem.

Maybe this Bug can handle providing this option as part of Networkmanager-vpn? I could not find any way of adding this flag there right now, so am stuck with commandline for now.

The solution for me was to start vpnc with --application-version "Cisco Systems VPN Client 0.3:WinNT".
It seem "no response from target" is a generic error message, and in my case, meant the cisco admins were not allowing access to anything else than Win32 clients. Good luck !

This still is happening with latest vpnc in karmic (0.5.3-1), the workaround with "Local Port 10000" still allows to use vpnc successfully.

Confirmed with vpnc in Karmic. Adding "Local Port 10000" makes it work here.

The oddest thing is "Local Port 499" works too, and so does "Local Port 501". It looks like port 500 is specifically getting blocked.

This is running from home, through a Linksys Etherfast Cable/DSL Router, BEFSR41 V3, to a cable connection. The connection is through Virgin Media in the UK.

I have checked the web configuration interface and there seems to be no mention of port 500 anywhere. The router does not have any IPsec or VPN options that might be snooping that port, either. The laptop where I am running vpnc does not have any iptables rules, and all policies are set to ACCEPT.

The most annoying thing about this behaviour is there's no obvious way to add the option through NetworkManager, and NetworkManager doesn't use the normal configuration files, so you can't use NetworkManager's VPN controls at all.

Because these things always happen from time to time, imho NetworkManager's GUI should offer a way to add arbitrary options or point to a config file to pass to vpnc, for those occasions when you need extra options that it doesn't know about. Its "Mobile Broadband" and "DSL" GUIs have the same problem: when you need to give extra options to pppd for an unusual reason, there is no way to do it, or if there is a way it's obscure.

Btw, it was only after about 45 minutes of trying different things, killing NetworkManager, starting vpnc manually and so on that I eventually found this bug report here, and discovered the "Local Port 10000" advice which worked.

Unfortunately the error "no response" isn't very informative, although it is surely secure. You never know if you've got all the right options for NAT traversal type and other things, so you have to try everything.

A suggested recipe going through the known common problems and trying each workaround in turn would be very helpful - if there is a short list of known common problems, that is.

I had Ubuntu 9.10 with vpnc installed and working. I did a clean install of Ubuntu 10.04 beta 2 recently, installed vpnc (0.5.3) from repositories, copied the same work.conf to /etc/vpnc/ and when I run "vpnc work" I get "no response from target". I tried to add "NAT Traversal Mode cisco-udp" and "Local Port 10000" lines, but still no luck (the same error "no respose").
Then I tried to run vpnc on my installed CrunchBang Statler (debian-based) distribution on the same machine. It has the same 0.5.3 version. I copied the work.conf (without NAT and Local Port lines) to /etc/vpnc and it works like a charm!

Can someone confirm that this still affects a supported release of Ubuntu (8.04, 10.04, 10.10, 11.04, or 11.10) ? 9.10 is no longer supported and 8.04 is on a "critical updates only" status right now which this one may not be serious enough for.

Marking Incomplete pending responses, and setting importance to Medium since there seem to be workarounds available.

Status changed to 'Confirmed' because the bug affects multiple users.