Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
576
Views
0
Helpful
4
Replies

VPN Client's can no longer make a connection.

dschuckman
Level 1
Level 1

‎01-11-2006 01:36 PM - edited ‎02-21-2020 12:38 AM

This afternoon my pix appears to have stopped accepting connections from vpn client software. All of my pix-2-pix tunnels are still up but I can't get and clients to connect I have a case open with cisco but am awaiting a response from the engineer. Has anyone scene this before? No configuration changes had taken place prior to the incident. The connections just stopped. I can't seem to get a capture of just the crypto debugs. As soon as I turn on debugs I have to enable logging to console and there is so much information it is next to impossible to capture the data I ned to troubleshoot this. If anyone has any recomendations please let me know. I do not want to reboot the pix as this will disrupt other things that are still working and I also will not beable to determine what actually is causing the issue.

0 Helpful
4 Replies 4

jackko
Level 7
Level 7

‎01-12-2006 02:35 AM

just wondering how many users are affected. is it possible that the issue is related to the remote user pc?

0 Helpful

dschuckman
Level 1
Level 1
In response to jackko

‎01-13-2006 06:26 AM

It was service affecting across the board. I ended up getting frustrated and just clearing the xlate. THis fixed the issue. The only thing that I can figure is possibly translations were not getting removed from the table after a termination of the connection and filled up all the sockets used for UDP connections - or something like that - not really sure. But after clearing the xlate table all connections began functiong correctly again.

Thanks

David

MY ISSUE IS RESOLVED!

0 Helpful

jackko
Level 7
Level 7
In response to dschuckman

‎01-14-2006 06:18 AM

it's good to learn that your issue has been resolved.

just wondering if the pix is 501. if so, then the issue may be related to number of inside user.

e.g. do "sh ver"

pix# sh ver

Cisco PIX Firewall Version 6.3(4)

Cisco PIX Device Manager Version 3.0(2)

Compiled on Fri 02-Jul-04 00:07 by morlee

pix up 229 days 14 hours

Hardware: PIX-501, 16 MB RAM, CPU Am5x86 133 MHz

Flash E28F640J3 @ 0x3000000, 8MB

BIOS Flash E28F640J3 @ 0xfffd8000, 128KB

0: ethernet0: address is 0012.80cb.d613, irq 9

1: ethernet1: address is 0012.80cb.d614, irq 10

Licensed Features:

Failover: Disabled

VPN-DES: Enabled

VPN-3DES-AES: Enabled

Maximum Physical Interfaces: 2

Maximum Interfaces: 2

Cut-through Proxy: Enabled

Guards: Enabled

URL-filtering: Enabled

Inside Hosts: 10

Throughput: Unlimited

IKE peers: 10

0 Helpful

dschuckman
Level 1
Level 1
In response to jackko

‎01-14-2006 05:03 PM

Nope, that is not the problem. Thank you though. I have resolved the issue. There were some issues in the translations table.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card