VPN session remains up but can no longer get to internal devices

Unanswered Question
Dec 3rd, 2008
User Badges:

Our remote users in Germany are provided with a mixture of Vodafone 3G Mobile Connect Cards (PCMCIA) and "USB sticks" for cellular broadband access. Installed on their laptops is Vodafone's Mobile Connect Client & Cisco VPN client version 5.

To connect, they first connect to Vodafone's "VPN access point" -- Vodafone's VPN only service offering. Once connected, they VPN into the network with the Cisco client. All users connect to a Cisco 3020 Concentrator.

Users are able to access network resources, however, they lose connectivity after 5-10min. What's unusual is, it doesn't look like the VPN session drops since the padlock in the right hand corner remains locked; they just can't access network resources.

To troubleshoot...

a) We had a user establish a VPN session then immediately start a continuous ping to an internal device's IP address. The connection stayed up for 20min before requests started timing out.

b) We enabled "IPSec over TCP" on the client and Concentrator side, no change.

What could possibly be causing this behavior?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
CSCO10203269 Thu, 12/04/2008 - 08:01
User Badges:

Attached is a screenshot showing the pings failing, yet, the Cisco padlock is still locked.

gdextensis Sat, 12/06/2008 - 05:59
User Badges:

Does Vodafone use Venturi Transport Protocol clients for Windows like Verizon's does with their EvDO cards? If so, we had to turn off and eventually uninstall the Venturi client software because it detrimentally interfered with IPsec traffic.


CSCO10203269 Mon, 12/08/2008 - 05:13
User Badges:


I believe the Vodafone client does come with a optimization component. I ask the local contact to uninstall it to see if it makes a difference.


This Discussion