Having trouble with this one so I wonder if anyone can help please?
VPN establishes from client 3.5.1 to PIX no prob. Can establish mapped drives, browse network etc.
The PIX has an ACL allowing port 3389, the MS default port, to the server. Now, this works OK if you dial an ISP then connect using the Connection Manager, login as normal etc. but will not play using a VPN!
Based on the information here, I can only guess that your problem might have to do with routing. The first thing you need to check is which interface you are terminating your tunnel on. You need to verify that the PIX is forwarding traffic to the interface where the crypto map exists. You need to ensure that you have specified a route to the remote network with the appropriate next hop.
1. Using the same host that is having problems when connecting through the VPN, use the statically translated Public ip address and make sure that Terminal Services is working fine for this host. This is just to make sure that you are having issues only through VPN.
2. Now make an IPSec connection using the VPN Client and try pinging the Terminal Server and if that works fine then we know that there is IP Connectivity and your routing is looking good.
Now from the same host and through the IPSec connection, send ping packets with different packet size and see where the pings start failing.
And if possible, try to lower the MTU size on the host and then give it a shot.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :