all VPN licenses are currently in use

Forum zum Thema allgemeinen Fragen zu VPN

Moderator: Lancom-Systems Moderatoren

Antworten
averlon
Beiträge: 174
Registriert: 05 Okt 2012, 09:48

all VPN licenses are currently in use

Beitrag von averlon »

Hi,
Lancom 1781A
10.00.0171RU3

I have tried to configure a Client-to-Server VPN.

When tracing, I get the error message:

Code: Alles auswählen

[VPN-Status] 2017/10/08 12:01:10,496  Devicetime: 2017/10/08 12:01:07,810
IKE info: The remote server 80.187.81.109:500 was rejectedbecause all VPN licenses are currently in use

[VPN-Status] 2017/10/08 12:01:10,496  Devicetime: 2017/10/08 12:01:07,811
IKE log: 120107.811146 Default message_vpn_connection_not_allowed: number of licensed sas exceeded
This is somehow courious to me as I only have 1 net-to-server VPN running.

And I expect the 1781a to have more connections at a time possible.

Is there something I would need to configure?
Gruß
Karl-Heinz
beki
Moderator
Moderator
Beiträge: 109
Registriert: 16 Jan 2017, 13:09
Wohnort: DKB/BY/DE

Re: all VPN licenses are currently in use

Beitrag von beki »

What does

Code: Alles auswählen

l /Status/VPN/Licenses
tell you?
averlon
Beiträge: 174
Registriert: 05 Okt 2012, 09:48

Re: all VPN licenses are currently in use

Beitrag von averlon »

Hi,
this path does not exist.

Code: Alles auswählen

l Status/VPN/Connections/

Peer              State             Last-Error                                 Mode     SH-Time  phys.-Conn.       B1-DT    Remote-Gw                                Nat-Detection     SSL-Encaps.   Crypt-Alg       Crypt-Length    Hash-Alg        Hash-Length     Hmac-Alg        Hmac-Length     Compr-Alg       Client-SN        Conn.-time            IKE-Type
==================--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
IKEV2_F42252HN    Ready             (none)                                     Active   0        INTERNET          9999     0.0.0.0                                  no-nat            No            (none)          0               (none)          0               (none)          0               (none)          not-available    0:00:00
IKEV2_F42252NB    Ready             (none)                                     Active   0        INTERNET          9999     0.0.0.0                                  no-nat            No            (none)          0               (none)          0               (none)          0               (none)          not-available    0:00:00
IKEV2_F42252S3    Connection        (none)                                     Active   9999     INTERNET          9999     178.254.20.139                           no-nat            No            AES_CBC         256             HMAC-SHA1       160             (none)          0               (none)          not-available    14:17:05              IKEv2

Code: Alles auswählen

l /Status/VPN/Tunnel

Tunnel  INFO:    1
Gruß
Karl-Heinz
beki
Moderator
Moderator
Beiträge: 109
Registriert: 16 Jan 2017, 13:09
Wohnort: DKB/BY/DE

Re: all VPN licenses are currently in use

Beitrag von beki »

averlon hat geschrieben:Hi,
this path does not exist.
Oh, okay... Now how do we show that this is not an actual valid message due to a missing license?

"l /1/26/40" fails, too (avoiding language issues)?
averlon
Beiträge: 174
Registriert: 05 Okt 2012, 09:48

Re: all VPN licenses are currently in use

Beitrag von averlon »

Hi,
same result: Path name wrong: /1/26/40
Gruß
Karl-Heinz
GrandDixence
Beiträge: 1054
Registriert: 19 Aug 2014, 22:41

Re: all VPN licenses are currently in use

Beitrag von GrandDixence »

averlon hat geschrieben:Is there something I would need to configure?
"all VPN licenses are currently in use" could happens:

a) Dead Peer Detection (DPD) is not well configured:

Setup > VPN > IKEv2 > General > DPD-Inact-Timeout

https://www.lancom-systems.de/docs/LCOS ... 6_4_2.html

http://www.lancom-forum.de/fragen-zum-t ... 15356.html

http://www.lancom-forum.de/aktuelle-lan ... 16074.html

or

b) Dead Peer Detection (DPD) issues in older LCOS firmware (LCOS < 10.12Rel) => use latest available official LCOS firmware.
averlon
Beiträge: 174
Registriert: 05 Okt 2012, 09:48

Re: all VPN licenses are currently in use

Beitrag von averlon »

Hi,
10.12 was offered today first time.
I will update and then test again and report results.
Gruß
Karl-Heinz
averlon
Beiträge: 174
Registriert: 05 Okt 2012, 09:48

Re: all VPN licenses are currently in use

Beitrag von averlon »

Hi,
10.12 solved it.

Now:
l Status/VPN/Licenses

Licenses INFO: 5
Client Connections work now and message on licenses does not show up anymore. :)
Gruß
Karl-Heinz
Antworten