cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
487
Views
0
Helpful
2
Replies

VPN Client on MSWin2003 RRAS breaks some client network access

andytripp
Level 1
Level 1

Hi,

We run a MS 2003 Server running Routing and Remote Access server as our office default gateway. This server connects to the internet and creates VPN connections to remote sites. It also runs the DHCP service.

Since installing the Cisco VPN Client version 4.8.01.0300 the XP clients on the network are unable to view some websites (such as microsoft or experts-exchange) and commit some network functionality. To get the clients working we have to install and the uninstall the VPN Client software on each PC!

Uninstalling the VPN Client software from the routing and remote access server does not solve the problem - it has obviosuly made a change to the box that is not un-done by an uninstall.

This is causing us a real headache so if anyone has any ideas then they would be much appreciated.

A customer has issued this version of the VPN Client so I am unsure if we can simply upgrade. I also doubt upgrading will undo whatever has affected the routing and remote access server! I am hoping someone can tell me a nice registry key to delete or something similar!

Kind regards

Andy

1 Accepted Solution

Accepted Solutions

drolemc
Level 6
Level 6

This problem could be MTU issues. The problem occurs because many web servers block ICMP messages and the packets are dropped. As a result, the requested web site doesn't load. This problem is caused also by an incompatible MTU networking setting. You may try to install the latest SP. If you use MS ICS, you may want to configure all your Client computers to use the new, lower MTU as the default for all Internet communication. To modify the MTU size, locate the following registry key: HKEY_LOCAL_MACHINE\ SYSTEM\ CurrentControlSet\ Services\ Tcpip\ Parameters\ Interfaces. If you use a router like Cisco DSL Router, you may want to adjusting the PPPoE MTU Size. For example, to adjusting the PPPoE MTU Size on the Cisco DSL Router, do

interface ethernet0

no shut

ip address

ip adjust-mss 1452

View solution in original post

2 Replies 2

drolemc
Level 6
Level 6

This problem could be MTU issues. The problem occurs because many web servers block ICMP messages and the packets are dropped. As a result, the requested web site doesn't load. This problem is caused also by an incompatible MTU networking setting. You may try to install the latest SP. If you use MS ICS, you may want to configure all your Client computers to use the new, lower MTU as the default for all Internet communication. To modify the MTU size, locate the following registry key: HKEY_LOCAL_MACHINE\ SYSTEM\ CurrentControlSet\ Services\ Tcpip\ Parameters\ Interfaces. If you use a router like Cisco DSL Router, you may want to adjusting the PPPoE MTU Size. For example, to adjusting the PPPoE MTU Size on the Cisco DSL Router, do

interface ethernet0

no shut

ip address

ip adjust-mss 1452

Thanks drolemc,

Just tested adding the MTU (hex514) key to an unchanged (and hence no microsoft.com) client machine, rebooted and seen everything work as normal.

So I can now add a single key rather than install/uninstall the cisco VPN client software on each client.

Conclusion:

Don't install Cisco VPN client on a routing and remote access server!

I assume that if I now remove the MTU key from the RARS box I would then get back to a situation where out of the box XP clients would work again... I will test this theory and report back.

Thanks again...

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: