Connection problems w/ 1.0 client through 1720 router
I have created a VPN using a 1720 and the Cisco 1.0 IRE client. I am having intermittent connection problems. I have modified the lmhosts file to include #PRE #DOM and hex node entries this seemed to work for a while but i cannot get the connection to work reliably. I realize that there is a more current client (1.1). I tried thaty and it made matters worse. I also relaize that a port concentrator (3000) is the better solution but the customer was told by a previous engineer that this would work. There are no acess lists to speak of. This is a pretty vanilla config. It seems the problem exists when I don't get my "key". So without a secure tunnel there is no way to make a connection to the PDC.
Re: Connection problems w/ 1.0 client through 1720 router
When we upgraded to 1.1 that problem went away for the most part. Once in awhile I have to reconnect. There was a tip on this forum that suggested delaying the domain login with a reg hack so we setup a PDC on our network and configured that delay. I think if the VPN negotiation takes too long, the domain controller times out and login doesnt happen. If you are not using domain login and just browsing network shares, it may take awhile for the browse master to update at times, other times it can be instantaneous, other times it may not ever update. Youre better off using a domain login because the PDC or BDC controls the network shares and permissions so once youre logged in, youre in, period. Hope that helps.
By the way, v1.1 is far better than 1.0. If you had problems with it, you should call the TAC. I think 3.x is coming out in a week or two.
BenefitsDocumentationPrerequisiteImage Download LinksLimitationsSupported PlatformsLicense RequirementsTopologyStep-By-Step ConfigurationConfigure Virtual ServiceActivate the virtual service and configure guest IPsConfiguring UTD (Service Plane)Configurin...
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...