cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1140
Views
0
Helpful
19
Replies

VPN client over wireless

dianewalker
Level 1
Level 1

We have a VPN Concentrator 3005. One of the users is trying to connect to our network through wireless at a hotel. He was able to login through Cisco VPN client. However, he could not open Microsoft Outlook. Can you help? Thanks.

Diane

19 Replies 19

pstebner1
Level 1
Level 1

Hi-

This is actually not a Cisco issue per-se, but due to the fact that (i'm almost certain) the hotel is blocking the port that Exchange uses. Assuming that you guys use the MS OWA (Outlook web access), you need to go into Outlook ->Tools ->email accounts ->Next ->change ->More Settings ->Connection -> Enable and then click on Connect to my Exchange mailbox using HTTP.

You would then need to click the Exchange Proxy Settings button and add the URL for your OWA to that page, and then change your authentication type from NTLM to Basic. Also, make sure that both boxes are checked for fast and slow connections.

Save these settings, close OUtlook and then re-open it and that should do it.

HTH,

Paul

You know, I just re-read your post and I may be wrong. I'm going to test this setup this evening and I'll post back.

P

Diane-

Quick question - is your Exchange server in your office (behind the VPN concentrator) or is it hosted off-site?

Thanks,

Paul

Thanks for taking time to answer my question, Paul.

My Exchange server is behind the VPN Concentrator.

I was able to connect to the internet through wireless. However, when I was authenticated through VPN client, I no longer can access the internet nor my local LAN.

Thanks.

Diane

Diane-

Ok. Does this only happen when using the wireless or do you always have issues with connecting to the VPN? Are you using split-tunneling? Also, when you say Local LAN, are you referring to the LAN behind the concentrator or the LAN wherever it is that you are physically located?

Paul

Thanks for your prompt response.

The issue only happens when I connect using wireless. The VPN client works fine when I connected through a wired cable.

I do not use Split-tunneling.

Local LAN refers to LAN behind the Concentrator.

Thanks.

Diane

Diane-

Sorry - I had a long lunch break...

So, when you connect through the wireless do you actually connect to the concentrator? I can see the WiFi router blocking something like ESP, or not doing NAT-traversal, but if you actually connect I'm afraid I'm a bit stumped. I assume that this is only happening with the WiFi in this particular hotel?

P

Thanks for your prompt response again, Paul.

Yes, when I connect through wireless, I actually connect to the Concentrator. Is there a way to find out from my computer to see if the ESP or ports that are open or closed when I am connecting to the Concentrator? I was thinking about the commands that I can type from my computer.

Thanks.

Diane

hmmm.... not really. You can see what happens with the vpn connection negotiation by enabling logging on the client before connecting, but that's about it. If you have Ethereal on your pc, you can see everything that happens.

You don't have any access to the WiFi router, do you? Also, can you ping the concentrator once you've connected?

Thanks for your prompt response again. I do not have access to the WIFI router.

I cannot ping the Concentrator or anything on my LAN.

I am not sure if "netstat" or "nbtstat" commands would give me any open or closed ports information.

If you can think of anything else, please let me know.

Thanks for taking time to answer my questions.

Diane

Hey Diane-

If you can't ping the (inside) interface of your concentrator (assuming that is has icmp echo-reply enabled) then your IPSec tunnel isn't forming correctly. Did you check the VPN client log? Also, is there anyone on the other end that can get into the concentrator to verify your connection?

P

Paul,

Thanks for your prompt response, again.

I have not tried the VPN client log. Everyone on the end can get into the Concentrator.

Thanks.

Diane

What is the IP assigned to you via wireless and what is the IP network behind the concentrator?

Seems like there is at least one thing that hasn't been asked yet. Does the user have any connectivity to the remote network or is it just Outlook that is not working?

I know that they have no connectivity at all. Srue asks a good question though.

Diane- What IP address are you getting?

Paul

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: