Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Strange behaviour for VPN client behind PAT

I was trying to set up 5 VPN clients(version 3.6) behind a PAT device at a remote site office towards a VPN3000(at central site).

I have turned on the NAT-traversal but anyone time only 2 clients can connect to the VPN3000. When the third client start to initiate a connection. Both initial vpn connections died.

I have attached the client pcf file.

Any help is appreciated.

Thanks

[main]

Description=

Host=xxx.com.sg

AuthType=1

GroupName=RAS

GroupPwd=

enc_GroupPwd=xxxxxxxxx

EnableISPConnect=0

ISPConnectType=1

ISPConnect=SBnet

ISPCommand=

Username=jkasbx

SaveUserPassword=0

UserPassword=

enc_UserPassword=

NTDomain=

EnableBackup=0

BackupServer=

EnableMSLogon=1

MSLogonType=1

EnableNat=1

CertStore=0

CertName=

CertPath=

CertSubjectName=

CertSerialHash=00000000000000000000000000000000

DHGroup=2

ForceKeepAlives=0

PeerTimeout=90

EnableLocalLAN=1

TunnelingMode=1

TcpTunnelingPort=10000

SendCertChain=0

VerifyCertDN=

EnableSplitDNS=1

ForceNetLogin=-1

2 REPLIES
Silver

Re: Strange behaviour for VPN client behind PAT

Since you have already enbled NAT-T, the only other thing that springs to mind is to check whether IPSec/UDP port 4500 is open. Sometimes IPSec/TCP could also work. Also the router thats doing the PAT does it support mutiple VPN's?

New Member

Re: Strange behaviour for VPN client behind PAT

correct me if i am wrong. if more than one client could connect to the concentrator doesn't it means that the firewall port has been opened?

Same sentiment for the router that is doing the PAT as well.

I have a feeling that it might be the client ip pool assigned to the group. I'll check it out.

103
Views
0
Helpful
2
Replies
CreatePlease to create content