We are facing an issue connecting to a remote-end Cisco VPN concentrator using the VPN client. The remote-end VPN concentrator is not managed by us. The user is using iPass 3.51 and Cisco VPN Client 4.8.02. Users are using our internet connection for this VPN and are behind a Checkpoint FW.
The remote-end VPN concentrator is configured to accept VPN connections on a customized port, TCP 9009, and the same has been opened on our firewall. The issue is that users are not able to connect using the VPN client while connected to our n/w, but at the same time users are able to telnet to the remote-end VPN concentrator IP on the mentioned port, i.e. 9009; using the VPN client they can't connect. Our firewall has been opened for the UDP IKE, IKE NAT-T, TCP IKE and TCP 9009 ports, but this connection only uses TCP 9009. The strange thing is that if they disconnect from our n/w and use their 3G connection, it works fine. We have collected logs from the VPN client, attached herewith. The remote-end guys also checked the logs on the concentrator and suspect an asymmetrical routing issue, but our n/w team has confirmed that this is not the case.
The user is getting an error like "Reason 412 connection terminated by vpn client locally;remote peer no longer responding".
Can anybody please help us diagnose the problem using these logs, as we only have these logs for troubleshooting? Your help is much appreciated.