05-05-2003 04:41 PM - edited 03-09-2019 03:09 AM
We have been using our Cisco 3000 VPN Concentator for quite some time and have a approximately 25 - 30 regular users. Most of these individuals connect from home over a highspeed line (cable, DSL, etc.). Thus far, all have been able to log onto the VPN and Domain and then access all network resources (Lotus Notes, AS/400 etc.).
The problem:
A new user is able to connect successfully according to the logs (see below), but when he tries to use any application that requires a NetBIOS name (Lotus Notes, AS/400 etc.) he gets timeouts. He is able to ping all network hosts by IP address, but not by NetBIOS name.
His OS: Windows 2000 SP2
VPN Client Version: 3.5.2(B)
Any ideas as to how this can be resolved?
Thanks in advance,
-Brian
PS. I scrubbed the log data below to reflect generic group and user names. All other data is pulled direclty from the log. The data only reflects this particular user's connection.
-------------
Log Data
-------------
33724 05/05/2003 11:38:13.860 SEV=5 IP/49 RPT=495
Headend transmitting TCP SYN-ACK pkt to client 24.121.45.95, TCP dest port 1162
33725 05/05/2003 11:38:13.940 SEV=5 IP/50 RPT=14761
Headend received TCP ACK pkt from client 24.121.45.95, TCP source port 1162
33726 05/05/2003 11:38:14.100 SEV=5 IP/41 RPT=271
TCP session established to client 24.121.45.95, TCP source port 1162.
33727 05/05/2003 11:38:19.840 SEV=4 IKE/52 RPT=604 24.121.45.95
Group [<MyCompanyVPN>] User [<JoeUser>]
User (<JoeUser>) authenticated.
33728 05/05/2003 11:38:20.030 SEV=5 IKE/184 RPT=604 24.121.45.95
Group [<MyCompanyVPN>] User [<JoeUser>]
Client OS: N/A
Client Application Version: 3.5.2 (B)
33730 05/05/2003 11:38:21.150 SEV=4 AUTH/22 RPT=606
User <JoeUser> connected
33731 05/05/2003 11:38:21.150 SEV=4 IKE/119 RPT=644 24.121.45.95
Group [<MyCompanyVPN>] User [<JoeUser>]
PHASE 1 COMPLETED
33732 05/05/2003 11:38:21.150 SEV=5 IKE/25 RPT=2208 24.121.45.95
Group [<MyCompanyVPN>] User [<JoeUser>]
Received remote Proxy Host data in ID Payload:
Address 192.10.12.95, Protocol 0, Port 0
33735 05/05/2003 11:38:21.150 SEV=5 IKE/24 RPT=614 24.121.45.95
Group [<MyCompanyVPN>] User [<JoeUser>]
Received local Proxy Host data in ID Payload:
Address 206.19.244.201, Protocol 0, Port 0
33738 05/05/2003 11:38:21.150 SEV=5 IKE/66 RPT=2208 24.121.45.95
Group [<MyCompanyVPN>] User [<JoeUser>]
IKE Remote Peer configured for SA: ESP-3DES-MD5
33739 05/05/2003 11:38:21.150 SEV=5 IKE/75 RPT=2208 24.121.45.95
Group [<MyCompanyVPN>] User [<JoeUser>]
Overriding Initiator's IPSec rekeying duration from 2147483 to 28800 seconds
33741 05/05/2003 11:38:21.290 SEV=4 IKE/49 RPT=2208 24.121.45.95
Group [<MyCompanyVPN>] User [<JoeUser>]
Security negotiation complete for User (<JoeUser>)
Responder, Inbound SPI = 0x053a3798, Outbound SPI = 0xa974f35b
33744 05/05/2003 11:38:21.300 SEV=4 IKE/120 RPT=2208 24.121.45.95
Group [<MyCompanyVPN>] User [<JoeUser>]
PHASE 2 COMPLETED (msgid=0c5797ce)
33745 05/05/2003 11:38:23.310 SEV=5 IKE/25 RPT=2209 24.121.45.95
Group [<MyCompanyVPN>] User [<JoeUser>]
Received remote Proxy Host data in ID Payload:
Address 192.10.12.95, Protocol 0, Port 0
33748 05/05/2003 11:38:23.310 SEV=5 IKE/34 RPT=1595 24.121.45.95
Group [<MyCompanyVPN>] User [<JoeUser>]
Received local IP Proxy Subnet data in ID Payload:
Address 192.10.0.0, Mask 255.255.0.0, Protocol 0, Port 0
33751 05/05/2003 11:38:23.310 SEV=5 IKE/66 RPT=2209 24.121.45.95
Group [<MyCompanyVPN>] User [<JoeUser>]
IKE Remote Peer configured for SA: ESP-3DES-MD5
33752 05/05/2003 11:38:23.310 SEV=5 IKE/75 RPT=2209 24.121.45.95
Group [<MyCompanyVPN>] User [<JoeUser>]
Overriding Initiator's IPSec rekeying duration from 2147483 to 28800 seconds
33754 05/05/2003 11:38:23.430 SEV=4 IKE/49 RPT=2209 24.121.45.95
Group [<MyCompanyVPN>] User [<JoeUser>]
Security negotiation complete for User (<JoeUser>)
Responder, Inbound SPI = 0x053c6e46, Outbound SPI = 0x997f5b84
33757 05/05/2003 11:38:23.430 SEV=4 IKE/120 RPT=2209 24.121.45.95
Group [<MyCompanyVPN>] User [<JoeUser>]
PHASE 2 COMPLETED (msgid=016735e1)
05-09-2003 12:41 PM
Check the configured timout value. It seems that netbios traffic which is broadcast based does not keep the tunnel up. Adjusting the timer values might help.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: