VPN IP connectivity issues

Unanswered Question
Feb 26th, 2003
User Badges:


Using Cisco Secure Client Ver 3.6, terminating on a PIX 515 firewall, remote clients using analogue BT lines, NTL broadband are able to connect to all network as configured over a VPN connection. However, BT ADSL users are having problems. These users connects fine with the VPN client icon showing in the taskbar. The issue is that there is no IP connectivity at all from BT ADSL users.

Routes have been double checked and the fact that other users using other access methods are able to connect to all parts of the network nullifies routing as an issue as specified in IPSEC debugging document by Cisco.

I look forward to your insight on this one.



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
ifonlajac Wed, 02/26/2003 - 03:28
User Badges:


What do you mean by PIX O/S 6.3? The latest PIX ver out is 6.1.( 4) and I am running PIX ver 6.1(1) which I think is fairly current.



scotthale Wed, 02/26/2003 - 03:57
User Badges:

6.2.X is the most current release, and 6.3 is downloadable for field testing purposes.



rjphillips Thu, 03/06/2003 - 05:59
User Badges:

I'm assuming your users are using the standard 512K home DSL with one IP address with the USB modem.

We had a lot of customers have problems with this type of connection. We never got a decent explanation from BT as to why this happens, not really a great suprise there. We have found several "workarounds" for this though.

Use Transparent NAT, has worked with concentrators and will be on 6.3 release of PIX OS.

Connect using a DSL router instead of USB modem. Cisco routers work well enough but there's cheaper DSL routers out there. We have had a lot of success using Draytek USB devices.

Upgrade to the NONAT service and use the Ethernet router provided by BT.

I use BT ADSL (with the green Alcatel USB modem) and client version 3.6 to connect to a PIX 515. I have to use a DSL router to get the VPN connection worlking.I had intermitent problems when connecting the USB straight into the PC. I can only assume from this that BT do not block IPSec traffic, but the USB modem is causing a problem.

Incidentally, we found differing problems with different Microsoft O/S's.

Hope this helps.



This Discussion