Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

VPN client hangs after password authentication

Hi

When a remote client tries to establish a VPN session with our Pix firewall (running 6.3), it hangs just after the password prompt with this message (see attached). When I try the same all works fine. I've included the bits of code I think are relevant to their setup.

name 128.51.0.3 ATG-STELPLAN-Svr

name 128.60.4.4 ATG-Irish-EMS-Svr

name 194.201.29.0 LAN-Metalogic

name 192.168.2.0 LAN-Metalogic2

name 128.31.1.78 MultiMetals-New-Svr

name 10.10.253.253 Metalogic_Support_Host

access-list acl_mdc_inside_nat0 permit ip host MultiMetals-New-Svr host Metalogic_Support_Host

access-list acl_mdc_inside_nat0 permit ip host EMS host Metalogic_Support_Host

access-list acl_mdc_inside_nat0 permit ip host ATG-EMS1 host Metalogic_Support_Host

access-list acl_mdc_inside_nat0 permit ip host ATG-STELPLAN-Svr host Metalogic_Support_Host

access-list acl_mdc_inside_nat0 permit ip host ATG-Irish-EMS-Svr host Metalogic_Support_Host

access-list acl_mdc_Metalogic-remote_split_tunnel permit ip object-group Murray_Subnets any

ip local pool Metalogic_Pool Metalogic_Support_Host mask 255.255.255.255

nat (inside) 0 access-list acl_mdc_inside_nat0

vpngroup Metalogic_Support address-pool Metalogic_Pool

vpngroup Metalogic_Support default-domain carnegie-it.com

vpngroup Metalogic_Support split-tunnel acl_mdc_Metalogic-remote_split_tunnel

vpngroup Metalogic_Support idle-time 1800

vpngroup Metalogic_Support password ***

Please help.

Thanks

Rex

1 ACCEPTED SOLUTION

Accepted Solutions
Silver

Re: VPN client hangs after password authentication

Well, if they have a firewall Linux the IPSEC won't pass through. Had similar problem and the issue was from the Linux both not passing the IPSEC traffic. I suggested to the other party to try the laptop on the outside zone and everythig worked out.

Therefore, don't worry coz your config is correct.

Let me know if you require further help,

Regards,

3 REPLIES
Silver

Re: VPN client hangs after password authentication

The above configuration is not complete. Can you post the config with the crypto map and other parts.

The cisco client is not hanging but it is failing to negotiate the security policy.

Thanks,

Community Member

Re: VPN client hangs after password authentication

Thanks for the reply. If it was failing to negotiate then would this not be the case for anyone trying to use this VPN group? I've tried the same pcf file/credentials on PC's on other networks and home computers and they work fine. I suspect the firewall on the problem site to be at fault (apparently a Linux box but I dont know any more detail). I've attached the config with sensitive bits removed anyway. Thanks, Rex

Silver

Re: VPN client hangs after password authentication

Well, if they have a firewall Linux the IPSEC won't pass through. Had similar problem and the issue was from the Linux both not passing the IPSEC traffic. I suggested to the other party to try the laptop on the outside zone and everythig worked out.

Therefore, don't worry coz your config is correct.

Let me know if you require further help,

Regards,

205
Views
0
Helpful
3
Replies
CreatePlease to create content