Thursday, January 15, 2009

Error Message: Secure VPN Connection terminated locally by client. Reason 429

Within Penn State's VPN client, there are connection entries for "ITS Wireless at campusname." Entries include ITS Wireless at UP, ITS Wireless at Altoona, ITS Wireless at Beaver, etc. In the Host entry for these entries you see "mobility.campusname.psu.edu" (where campusname represents the abbreviation for a campus location. Entries include mobility.up.psu.edu, mobility.as.psu.edu, mobility.br.psu.edu, etc.

According to http://its.psu.edu/wireless/faq.html#21, "If you are in a location that has Penn State Wireless you need to launch the VPN client on your laptop and select the Penn State campus where you are located. Once you login using your Access Account, you can begin to use the wireless network for your tasks."

Situation:
According to http://alerts.its.psu.edu/alert-867, on Thursday, October, 23, 2008, all campuses using the ITS Wireless VPN service began using Cisco's Adaptive Security Appliance (ASA) platform. As a result, all campus wireless traffic is re-routed to ASA's located at University Park. In other words there is no longer a need for separate "mobility.campusname.psu.edu" names in the VPN client. In effect, all the VPN traffic needs to find mobility.up.psu.edu in order to connect.

If you attempt to use the VPN client to access an ITS Wireless location and receive this error, Reason 429: Unable to resolve server address, your laptop is unable to resolve mobility.up.psu.edu to its IP address.

Workaround:
You can create an ITS Wireless connection that uses the direct IP address for mobility.up.psu.edu.

  1. Open the VPN client. Click the New button.
  2. In Connection Entry, enter ITS Wireless.
  3. You may leave Description blank.
  4. In Host, enter 172.28.41.68.
  5. Under Group Authentication, the Name should be pennstate
  6. The Password and Confirm Password should also be pennstate

    Note: The passwords are case-sensitive (for example, Pennstate is not the same as pennstate)
  7. Click Save.
  8. You can use this connection to access ITS Wireless from any campus including University Park.

2 comments:

Anonymous said...

This didn't work for me. I obviously cannot connect from home, but I tried it and I still get the same message. If I'm already connected to my home network and then try to connect, I get no popup for my password, but it does say contacting the security gateway.

Vince Verbeke said...

These steps are for accessing Penn State's ITS Wireless at a campus. They will not work from a home network.

From home, you should use the ISP-to-PSU connection entry to establish a VPN connecion to Penn State. More steps here:

http://it.cas.psu.edu/455.htm

These steps can only be followed by person with a Penn State Access Account of course.