Cisco Support Community
Community Member

Cannot connect to resource using VPN - Strange problem...


I have 1 Windows 2000 PC that is connected behind an 837 which is NAT'ing - users need to access resources on this PC via VPN. The 837 is configured to allow remote clients to VPN in using the Cisco Unity client (Have tried both 3.5 and 3.6 btw). The remote client dials up his local ISP using a standard modem, once connected the client initiates the connection. The client is able to connect without any problems. Once connected you can ping the Windows 2000 PC on the LAN side without any problems, however, if you try and connect to any resources (e.g. NET USE W:\ \\\C$ ) you get an error "Network path cannot be found".

This is where it gets strange - The Windows PC on the LAN side can access any resources on the remote client! (e.g. net use w: \\remote.ip\Sharename will work).

There is no domain or server involved any - just simple pc-to-pc access needed

Both machines are in the same workgroup.

Any ideas? I'm loosing my mind here...

Thanks for any help.

Sho run config below....



Router#sho run

Building configuration...

Current configuration : 2671 bytes


version 12.2

no service pad

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption


hostname Router


no logging buffered

enable secret 5 $1$TuaJ$CJ2./pSfM4uNr88fTal6a/


username xxxxx password xxxxx

username xxx password xxxx

aaa new-model



aaa authentication login userauthen local

aaa authorization network groupauth local

aaa session-id common

ip subnet-zero

ip name-server xxx

ip name-server xxx

ip dhcp excluded-address


ip dhcp pool dhcppool

import all




ip audit notify log

ip audit po max-events 100


crypto isakmp policy 3

encr 3des

authentication pre-share

group 2


crypto isakmp client configuration group dialin

key cisco123

pool ippool

acl 199



crypto ipsec transform-set myset esp-3des esp-sha-hmac


crypto dynamic-map dynmap 10

set transform-set myset




crypto map clientmap client authentication list userauthen

crypto map clientmap isakmp authorization list groupauthor

crypto map clientmap client configuration address respond

crypto map clientmap 10 ipsec-isakmp dynamic dynmap





interface Loopback0

ip address

no ip route-cache

no ip mroute-cache


interface Ethernet0

ip address

ip nat inside

no ip route-cache

ip tcp adjust-mss 1452

no ip mroute-cache

hold-queue 100 out


interface ATM0

no ip address

no ip mroute-cache

atm vc-per-vp 64

no atm ilmi-keepalive

pvc 0/38

encapsulation aal5mux ppp dialer

dialer pool-member 1


dsl operating-mode auto

dsl power-cutback 0


interface Dialer1

ip address negotiated

ip mtu 1492

ip nat outside

encapsulation ppp

no ip route-cache

no ip mroute-cache

dialer pool 1

dialer remote-name redback

dialer-group 1

ppp authentication chap pap callin

ppp chap hostname user@domain

ppp chap password 0 password

ppp pap sent-username password xxxxpassword

ppp ipcp dns request

ppp ipcp wins request

crypto map clientmap

hold-queue 224 in


ip local pool ippool

ip nat inside source list 1 interface Dialer1 overload

ip classless

ip route Dialer1

ip http server



access-list 1 permit

access-list 199 permit ip any

access-list 199 permit ip any

access-list 199 deny ip any any

dialer-list 1 protocol ip permit


line con 0

no modem enable

stopbits 1

line aux 0

stopbits 1

line vty 0 4

exec-timeout 120 0

length 0


scheduler max-task-time 5000






Re: Cannot connect to resource using VPN - Strange problem...

Try applying these points,

1. You are using the new version of the cisco vpn client. The release notes indicate that SHA

hashing is no longer supported. You can find the details at the following:

Please change the hashing method to MD5 for the time being in the transform set.

2. The crypto map will need to applied to both the physical and logical interfaces.

CreatePlease to create content