MacOS – Problem with built-in VPN client for Cisco IPSec protocol

macos, network, vpn

I recently bought a new MacBook Pro Retina and unfortunately the built-in VPN client (Cisco IPsec configuration) doesn't work. What's interesting is that the third-party VPN Tracker 8 works.

I'm running Mac OS X Yosemite 10.10.3.

Logs after getting connected status using the Apple built-in client:

May 17 21:31:44 MacBook-Pro-Marcin.local racoon[706]: IKE Packet: transmit success. (Information message).
May 17 21:31:44 MacBook-Pro-Marcin.local racoon[706]: IKEv1 Information-Notice: transmit success. (R-U-THERE? ACK).
May 17 21:31:44 MacBook-Pro-Marcin.local racoon[706]: IKE Packet: receive success. (Information message).
May 17 21:32:14 MacBook-Pro-Marcin.local racoon[706]: IKE Packet: transmit success. (Information message).
May 17 21:32:14 MacBook-Pro-Marcin.local racoon[706]: IKEv1 Information-Notice: transmit success. (R-U-THERE? ACK).
May 17 21:32:14 MacBook-Pro-Marcin.local racoon[706]: IKE Packet: receive success. (Information message).
May 17 21:32:14 MacBook-Pro-Marcin.local racoon[706]: IPSec Phase 2 started (Initiated by me).
May 17 21:32:14 --- last message repeated 1 time ---
May 17 21:32:14 MacBook-Pro-Marcin.local racoon[706]: >>>>> phase change status = Phase 2 started
May 17 21:32:14 --- last message repeated 1 time ---
May 17 21:32:14 MacBook-Pro-Marcin.local racoon[706]: IKE Packet: transmit success. (Initiator, Quick-Mode message 1).
May 17 21:32:14 MacBook-Pro-Marcin.local racoon[706]: Fatal NO-PROPOSAL-CHOSEN notify messsage, Phase 1 should be deleted.
May 17 21:32:14 --- last message repeated 1 time ---
May 17 21:32:14 MacBook-Pro-Marcin.local racoon[706]: Message: ''.
May 17 21:32:14 --- last message repeated 1 time ---
May 17 21:32:14 MacBook-Pro-Marcin.local racoon[706]: IKE Packet: receive success. (Information message).
May 17 21:32:17 MacBook-Pro-Marcin.local racoon[706]: IKE Packet: transmit success. (Phase 2 Retransmit).
May 17 21:32:42 --- last message repeated 7 times ---
May 17 21:32:42 MacBook-Pro-Marcin.local racoon[706]: IKE Packet: transmit success. (Information message).
May 17 21:32:42 MacBook-Pro-Marcin.local racoon[706]: IKEv1 Information-Notice: transmit success. (R-U-THERE? ACK).

Both VPN Tracker 8 and the Apple built-in VPN client show connected status. However, using the second one, Safari can't open the page because the server where the page is located isn't responding. My ifconfig logs to satisfy your request:

/* -ipconfig with VPN Tracker 8. VPN works great. */

lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
    options=3<RXCSUM,TXCSUM>
    inet6 ::1 prefixlen 128 
    inet 127.0.0.1 netmask 0xff000000 
    inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1 
    nd6 options=1<PERFORMNUD>
gif0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 8192
    inet 192.168.43.64 --> 172.30.4.0 netmask 0xffffffff 
stf0: flags=0<> mtu 1280
en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
    ether d0:a6:37:ee:7d:79 
    inet6 fe80::d2a6:37ff:feee:7d79%en0 prefixlen 64 scopeid 0x4 
    inet 192.168.0.100 netmask 0xffffff00 broadcast 192.168.0.255
    nd6 options=1<PERFORMNUD>
    media: autoselect
    status: active
en1: flags=8963<UP,BROADCAST,SMART,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
    options=60<TSO4,TSO6>
    ether 4a:00:00:44:18:c0 
    media: autoselect <full-duplex>
    status: inactive
en2: flags=8963<UP,BROADCAST,SMART,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
    options=60<TSO4,TSO6>
    ether 4a:00:00:44:18:c1 
    media: autoselect <full-duplex>
    status: inactive
p2p0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 2304
    ether 02:a6:37:ee:7d:79 
    media: autoselect
    status: inactive
awdl0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1452
    ether e2:d2:f5:14:4f:8e 
    inet6 fe80::e0d2:f5ff:fe14:4f8e%awdl0 prefixlen 64 scopeid 0x8 
    nd6 options=1<PERFORMNUD>
    media: autoselect
    status: active
bridge0: flags=8822<BROADCAST,SMART,SIMPLEX,MULTICAST> mtu 1500
    options=63<RXCSUM,TXCSUM,TSO4,TSO6>
    ether d2:a6:37:ee:ae:00 
    Configuration:
        id 0:0:0:0:0:0 priority 0 hellotime 0 fwddelay 0
        maxage 0 holdcnt 0 proto stp maxaddr 100 timeout 1200
        root id 0:0:0:0:0:0 priority 0 ifcost 0 port 0
        ipfilter disabled flags 0x2
    member: en1 flags=3<LEARNING,DISCOVER>
            ifmaxaddr 0 port 5 priority 0 path cost 0
    member: en2 flags=3<LEARNING,DISCOVER>
            ifmaxaddr 0 port 6 priority 0 path cost 0
    nd6 options=1<PERFORMNUD>
    media: <unknown type>
    status: inactive

/* -ipconfig with Apple built-in VPN client. VPN does not work. */

lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
    options=3<RXCSUM,TXCSUM>
    inet6 ::1 prefixlen 128 
    inet 127.0.0.1 netmask 0xff000000 
    inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1 
    nd6 options=1<PERFORMNUD>
gif0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1280
stf0: flags=0<> mtu 1280
en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
    ether d0:a6:37:ee:7d:79 
    inet6 fe80::d2a6:37ff:feee:7d79%en0 prefixlen 64 scopeid 0x4 
    inet 192.168.0.100 netmask 0xffffff00 broadcast 192.168.0.255
    nd6 options=1<PERFORMNUD>
    media: autoselect
    status: active
en1: flags=8963<UP,BROADCAST,SMART,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
    options=60<TSO4,TSO6>
    ether 4a:00:00:44:18:c0 
    media: autoselect <full-duplex>
    status: inactive
en2: flags=8963<UP,BROADCAST,SMART,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
    options=60<TSO4,TSO6>
    ether 4a:00:00:44:18:c1 
    media: autoselect <full-duplex>
    status: inactive
p2p0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 2304
    ether 02:a6:37:ee:7d:79 
    media: autoselect
    status: inactive
awdl0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1452
    ether e2:d2:f5:14:4f:8e 
    inet6 fe80::e0d2:f5ff:fe14:4f8e%awdl0 prefixlen 64 scopeid 0x8 
    nd6 options=1<PERFORMNUD>
    media: autoselect
    status: active
bridge0: flags=8822<BROADCAST,SMART,SIMPLEX,MULTICAST> mtu 1500
    options=63<RXCSUM,TXCSUM,TSO4,TSO6>
    ether d2:a6:37:ee:ae:00 
    Configuration:
        id 0:0:0:0:0:0 priority 0 hellotime 0 fwddelay 0
        maxage 0 holdcnt 0 proto stp maxaddr 100 timeout 1200
        root id 0:0:0:0:0:0 priority 0 ifcost 0 port 0
        ipfilter disabled flags 0x2
    member: en1 flags=3<LEARNING,DISCOVER>
            ifmaxaddr 0 port 5 priority 0 path cost 0
    member: en2 flags=3<LEARNING,DISCOVER>
            ifmaxaddr 0 port 6 priority 0 path cost 0
    nd6 options=1<PERFORMNUD>
    media: <unknown type>
    status: inactive
utun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1280
    inet 192.168.43.120 --> 192.168.43.120 netmask 0xffffffff
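
The racoon log quoted above, read mechanically (an added example, not part of the original post): it counts IKEv1 events, expands syslog "last message repeated" lines, and flags a session where dead-peer-detection still answers but Quick Mode was refused with NO-PROPOSAL-CHOSEN. The sample is a constructed subset of the quoted log, and the "Phase 2 established" pattern is an assumed success line that does not appear on the page.

```python
import re

# Constructed sample: a subset of the racoon lines quoted in the question above.
SAMPLE_LOG = """\
May 17 21:32:14 MacBook-Pro-Marcin.local racoon[706]: IKEv1 Information-Notice: transmit success. (R-U-THERE? ACK).
May 17 21:32:14 MacBook-Pro-Marcin.local racoon[706]: IPSec Phase 2 started (Initiated by me).
May 17 21:32:14 --- last message repeated 1 time ---
May 17 21:32:14 MacBook-Pro-Marcin.local racoon[706]: IKE Packet: transmit success. (Initiator, Quick-Mode message 1).
May 17 21:32:14 MacBook-Pro-Marcin.local racoon[706]: Fatal NO-PROPOSAL-CHOSEN notify messsage, Phase 1 should be deleted.
May 17 21:32:17 MacBook-Pro-Marcin.local racoon[706]: IKE Packet: transmit success. (Phase 2 Retransmit).
May 17 21:32:42 --- last message repeated 7 times ---
"""

MSG = re.compile(r"racoon\[\d+\]: (.*)$")
REPEAT = re.compile(r"--- last message repeated (\d+) times? ---")
# Event name -> pattern. "Phase 2 established" is an assumed success line,
# worded to mirror the "Phase 2 started" line that does appear on the page.
EVENTS = {
    "dpd_ack": re.compile(r"R-U-THERE\? ACK"),
    "phase2_started": re.compile(r"IPSec Phase ?2 started"),
    "phase2_established": re.compile(r"IPSec Phase ?2 established"),
    "phase2_retransmit": re.compile(r"Phase 2 Retransmit"),
    "fatal_notify": re.compile(r"Fatal (\S+) notify"),
}

def triage(log_text):
    """Count IKEv1 events (honouring syslog repeat lines) and return a verdict."""
    counts = dict.fromkeys(EVENTS, 0)
    notifies, last = set(), None
    for line in log_text.splitlines():
        rep = REPEAT.search(line)
        if rep:  # syslog collapsed N extra copies of the previous line
            if last:
                counts[last] += int(rep.group(1))
            continue
        m = MSG.search(line)
        last = None
        for name, pat in EVENTS.items():
            hit = pat.search(m.group(1)) if m else None
            if hit:
                counts[name] += 1
                last = name
                if name == "fatal_notify":
                    notifies.add(hit.group(1))
                break
    # Rejected: Quick Mode was attempted and the peer accepted no proposal.
    rejected = counts["phase2_started"] and "NO-PROPOSAL-CHOSEN" in notifies
    verdict = ("phase2-up" if counts["phase2_established"]
               else "phase2-rejected" if rejected else "inconclusive")
    return verdict, counts, sorted(notifies)
```

On the sample, `triage(SAMPLE_LOG)` reports `phase2-rejected`: no IPsec SA was negotiated even though the client's UI state is "connected".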

Best Answer

Your problem might be a basic Mac OS X network configuration one, most probably if you are using the infamous Automatic network configuration.

To clarify this point, could you please run ifconfig -a twice:

  1. One when your working VPN is built with VPN Tracker 8.
  2. One after your VPN failed with the Apple client configured for a Cisco IPSEC kind of VPN (image: VPN Cisco step 1).

Then check that you place your newly created VPN interface at the top of the set of configured interfaces, so as to maintain the use of the tunnel as long as it is up (image: VPN Cisco stop 2.1).
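
One way to carry out the comparison of the two `ifconfig -a` listings requested above, as an added example that is not part of the original answer: it parses each listing into per-interface MTU and IPv4 addresses and reports only what differs. The samples are constructed from the tunnel-related stanzas of the question's output, and the function names are hypothetical.

```python
import re

# Constructed samples: only the tunnel-related stanzas from the two
# ifconfig listings in the question (the other interfaces are identical).
WITH_VPN_TRACKER = """\
gif0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 8192
    inet 192.168.43.64 --> 172.30.4.0 netmask 0xffffffff
en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
    inet 192.168.0.100 netmask 0xffffff00 broadcast 192.168.0.255
"""
WITH_APPLE_CLIENT = """\
gif0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1280
en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
    inet 192.168.0.100 netmask 0xffffff00 broadcast 192.168.0.255
utun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1280
    inet 192.168.43.120 --> 192.168.43.120 netmask 0xffffffff
"""

HEADER = re.compile(r"^(\S+): flags=\S+ mtu (\d+)")
INET = re.compile(r"^\s+inet (\S+)(?: --> (\S+))?")  # IPv4 only; skips inet6

def parse_ifconfig(text):
    """Map interface name -> {'mtu': int, 'inet': [(local, peer_or_None), ...]}."""
    ifaces, cur = {}, None
    for line in text.splitlines():
        h = HEADER.match(line)
        if h:
            cur = ifaces.setdefault(h.group(1), {"mtu": int(h.group(2)), "inet": []})
            continue
        a = INET.match(line)
        if a and cur is not None:
            cur["inet"].append((a.group(1), a.group(2)))
    return ifaces

def diff_ifconfig(before, after):
    """Return (interface, field, before, after) tuples for every difference."""
    a, b = parse_ifconfig(before), parse_ifconfig(after)
    changes = []
    for name in sorted(set(a) | set(b)):
        for field in ("mtu", "inet"):
            old = a.get(name, {}).get(field)   # None when the interface is absent
            new = b.get(name, {}).get(field)
            if old != new:
                changes.append((name, field, old, new))
    return changes

if __name__ == "__main__":
    for change in diff_ifconfig(WITH_VPN_TRACKER, WITH_APPLE_CLIENT):
        print(change)
```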