Running WLAN with PIX 506E, WLC 2006, and five 1242 AP's. Everything is working great except for VPN access.
WLC is handing out DHCP, only running web passthrough, and have roughly 200-250 people running through it. I use this setup at different hotels for week long meetings and have a direct WAN line seperate from the hotels. All these users are from different companies and use different VPN software.
Weird thing is about 90% of people have no problem with their VPN's, but about 10% just will not work when using the wireless network. Weird thing is though, if I take that 10% and plug them in on a wired conneciton bypassing the AP's and WLC, and let them pull DHCP from the PIX, their VPN's work great.
So its seems I'm missing something between the PIX and the WLC maybe, but I'm tapped out on ideas.
Are there any similarities in the 10% that are failing? Same vpn client, same endpoint device etc.? I asked about addressing because some people cannot vpn without public address, or they don't support nat traversal.
I was having a problem with alot of Nortel Contivity VPN's but when I started putting the WAN appliance (ie. modem, router, etc....) in bridged mode and let the PIX handle the PPPoE, routing, etc.. the majority of those problems went away. I think that was due to the double natting.
Right now though, the vpn clients that won't work, range from Nortel, a few Cisco and few of these companies have programmed their own. But they all work when bypassing the wireless network.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :