Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Cisco VPN via MS VPN

Hi,

I try to establish VPN connection to my corporate network. There is a problem with it. Our corporate policy demands use of static IP address. My ISP supplies static IP only through MS VPN connection.

This combitation of VPNs appears inoperative, at least with VPN Client 4.x.

Symptoms are: autentification completes successfully, then Client begins generating massive outgoing traffic (many megabytes per second) which is clearly visible in MS VPN connection status window, but none of this traffic reaches main ethernet connection (again, its status window shows it). After couple of minutes of such activity MS VPN connection disconnects/hangs/crushes.

Cisco Client log mostly consicts of hundreds of following error reports:

Sev=Warning/2 IPSEC/0xE3700003

Function CniNewPacket() failed with an error code of 0xe4510002 (IPSecDrvCB:696)

It has nothing to do with firewall/proxy (checked twice).

Nor it is network in general: everything works perfectly with VPN Client 3.63. Yet, AFAIK it uses different principle of work.

Could you please help me.

Best regards,

Sergey Grishin.

1 REPLY
New Member

Re: Cisco VPN via MS VPN

This could be caused by one or more of the following issues.

The hostname or IP address of the remote server configured in the VPN Client is incorrect.

The group name configured in the VPN Client does not match the group name in the headend device.

The VPN Client does not have IP connectivity to the remote server, or traffic is blocked by a device between the client and the remote server.

The resolution is to

Verify that the hostname or IP address for the remote server configured in the client is correct.

Verify that the group name configured in the Option > Properties > Authentication tab matches the group name configured in the remote server.

Verify that the VPN Client device has IP connectivity to the remote server by pinging the remote server's IP address.

Check to see that Internet Key Exchange (IKE) or IPSec traffic is not blocked by a device between the VPN Client and the remote server.

585
Views
0
Helpful
1
Replies