Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

VPN fails on a specific public network.

                   QuickVPN stalls on some public networks at "Verifying Network".  It's apparently using port 443, however port 443 appears to be open as I can reach HTTPS sites.  What else could cause QVPN to stall at "Verifying Network"?

Thanks

13 REPLIES
Green

VPN fails on a specific public network.

Hi M. I've seen QVPN fail specifically on Verizon networks, as they block ESP packet. So it can be something like this.

-Tom
Please mark answered for helpful posts

-Tom Please mark answered for helpful posts http://blogs.cisco.com/smallbusiness/
New Member

VPN fails on a specific public network.

Could be your local network is on the same subnet as the remote site.

New Member

VPN fails on a specific public network.

It wasn't.

Gold

VPN fails on a specific public network.

m. murid,

Have you tried port 60443 from the location in question? Depending on the router you are using you may need to enable Remote Management on port 60443 as well. What is the model of the router?

- Marty

New Member

Re: VPN fails on a specific public network.

I did try port 60443, but it didn't even make it through the connecting stage.  As you say I may need to enable Remote Management on that port.  The Router is the RVS4000 (Version 1).

I found the Remote-Management setting in the "Basic Settings" of the "Firewall"; it is currently defaulted to 8080 and disabled.  I assume your suggesting setting this to 60443 and enabling it?  What determines the normal access setting via 443; I see no setting that could change that, or is it hardwired to 443 unless the Remote-Management is changed and enabled?

Gold

Re: VPN fails on a specific public network.

m. murid,

With the RVS4000 Remote Management is not necessary. Only the newer models require Remote Management to be enabled for QuickVPN and they will not allow you to create a user unless it is enabled.

The RVS4000 should be listening for QuickVPN connections on both 443 and 60443 by default. There is no way to change that. As Tom mentioned, it sounds like the remote ISP might be blocking the connection. You are able to connect from some ISPs but not others, correct?

- Marty

New Member

Re: VPN fails on a specific public network.

Yes.  I can connect from most public locations (e.g. Barnes & Noble, in-mall Microsoft store, several malls, etc).  It's only failed in one mall and at a local Lowes.  Is there any way to circumvent their blocking?

Gold

Re: VPN fails on a specific public network.

m. murid,

Sorry, I'm not aware of any way to circumvent the blocking. It could be the company or the ISP that they use that is blocking the VPN traffic.

- Marty

New Member

VPN fails on a specific public network.

Thanks for your help.  BTW: Even though the RVS4000 is supposed to be looking at both ports 443 and 60443, I got a different response for each.  The 443 proceeded all the way to "Verifying Network" and then hung, but 60443 did not get beyond "Connecting" before a popup displayed a connection failure.  Any thoughts as to why the differences?  I would have thought that if they were being blocked I would see the same response; in fact I would have expected 443 to fail sooner, as it's the most common VPN port.

Gold

VPN fails on a specific public network.

m. murid,

If I had to guess I would say that the ISP/Company is specifically blocking port 443 and ESP packets as Tom stated. They are not blocking 60443 but ESP is still blocked so the VPN tunnel is not allowed.

The best advice that I can give is to try to find hotspots that are not blocking. You might also consider cell phone tethering if you only pass a small amount of traffic with each connection.

- Marty

New Member

Re: VPN fails on a specific public network.

Marty,

Actually, given that port 443 actually gets further along in the connection process, the ISP is probably blocking 60443, because it fails immediately, and 443 hangs because of ESP blocking.

Thanks for the advise, but I'll probably just use TeamViewer for those public sites that can block QuickVPN.

I also know of other clients that might be able connect through other ports.

Thanks again,

Mickey

Gold

Re: VPN fails on a specific public network.

Mickey,

Check out Shrewsoft if you haven't already, I have played with it and it works quite well with the SMB routers.

- Marty

New Member

VPN fails on a specific public network.

Shrewsoft was one of the clients I had in mind - thanks.

460
Views
0
Helpful
13
Replies
CreatePlease to create content