Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Problems with VPN Remote Access Clients to 3000 Concentrator.

Hi, I installed a 3000 Concentrator for remote access clients for a customer. When I initiate a VPN session to the 3000 over dial-up, all is well. I can access all internal LAN resources.

Now, when I initiate a session from home (behind a firewall) over a DSL connection, I can establish a session to the 3000, I receive an IP address from the pool, but not able to ping anything on the internal LAN. I know that it is not a config issue on my firewall because am able to initiate VPN sessions to other customer's 3000 Concentrators and access all internal LAN resources.

I'm stumped! Any ideas?

Thanks in Advance!

TV

4 REPLIES
New Member

Re: Problems with VPN Remote Access Clients to 3000 Concentrator

Do you have a Switch on the internal network or an RSM. If so you need to set a route from your network out the VPN's internal address.

New Member

Re: Problems with VPN Remote Access Clients to 3000 Concentrator

Yes, the customer has a 6509 w/ MSFC set as the tunnel default gateway. We added a static route to the VPN Client pool/subnet w/ next hop of the 3000's private interface.

Everythig works great when the VPN client connects to the internet via dial-up. I just can't figure out why things do not work from a home DSL connection behind a firewall.

New Member

Re: Problems with VPN Remote Access Clients to 3000 Concentrator

Do you have UDP 10000 enabled on the Client and the Concentrator for the non working scenerio?

New Member

Re: Problems with VPN Remote Access Clients to 3000 Concentrator

I enabled the "Use IPSec over TCP (NAT/PAT/Firewall) TCP port 1000 and that solved my problem. This is the first time I have ran into this problem after doing a number of VPN Concentrator installs. I wonder if it is related to the software rev on the concentrator? This particular concentrator is the only one that I have configured using 4.0.1. The others were older (3.5.2 rev).

Nevertheless, thank you very much for providing me with the fix!

TV

241
Views
0
Helpful
4
Replies
СоздатьДля создания публикации, пожалуйста в систему