07-25-2007 03:17 AM - edited 02-21-2020 03:10 PM
Hi, we are experiencing problems with our VPN sites.. we are using cisco 800 series routers on remote sites all with IPSEC VPN configured.. all sites connect back to a central site and terminate on a cisco pix 515. The problem is that VPN clients are not getting any group policy settings when logging into windows. Group policy works fine for NON VPN sites. Can anyone shed any reason or fix for this.. I read somewhere that this could be something to do with fragmented packets.. but for the life of me I dont know where to start..
thanks
Craig.
07-31-2007 11:43 AM
Refer to the document "Most Common L2L and Remote Access IPSec VPN Troubleshooting Solutions" In that, go through the section Problem - Remote Access Users Connect to VPN and Have No Other Access to Resources
http://www.cisco.com/en/US/products/ps6120/products_tech_note09186a00807e0aca.shtml#topic-ra
07-31-2007 01:55 PM
It could be the Slow Link detection mechanism in your Default Domain Policy
have a look here
cheers
Dave
07-31-2007 06:32 PM
Hi Craig - did you try http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a008081e621.shtml. I've ran into this issue before when dealing with NetBios traffic (shared folders across an NT Domain for instance) but not with attributes. Hopefully this will still help you out.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: